WiredWX Hobby Weather ToolsLog in

 


fake antivirus alpha

2 posters

descriptionfake antivirus alpha Emptyfake antivirus alpha

more_horiz
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:01:52 PM, on 11/1/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Users\Dennis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5RH2U6M9\winlogon[1].scr
C:\Program Files (x86)\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Advanced Explorer Editor - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\SysWow64\AdvancedIEupdate.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hȋdden
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [tinySpell] C:\Program Files (x86)\tinySpell\tinyspell.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: PackageCab - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} (FixItClient Class) - https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://ak.imgag.com/imgag/cp/install/Crusher.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15079 bytes

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
Every time I open the malwarebytes antimalware program to scan it closes right away it will not allow me to scan.

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
OTL Extras logfile created on: 11/2/2009 1:46:17 PM - Run 1
OTL by OldTimer - Version 3.1.3.0 Folder = C:\Users\Dennis\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 41.48% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 227.52 Gb Free Space | 79.83% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENNIS-PC
Current User Name: Dennis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\Wscript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\Wscript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\Wscript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\Wscript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 8E FE D4 64 C9 54 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 
"FirstRunDisabled" = 
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{019A3175-3095-46C1-BDEF-6331FBE5CD25}" = lport=2869 | protocol=6 | dir=in | app=system |
"{17F744ED-900E-48EA-8C84-BB8947472635}" = rport=138 | protocol=17 | dir=out | app=system |
"{30166050-BCB7-49FA-9F00-10E5F410DFC1}" = rport=139 | protocol=6 | dir=out | app=system |
"{3181CB27-1AB3-4C3A-AF30-A07F7935D52F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{35C64C35-6F2C-4E40-B17B-1BFCEE82539A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{52FF3880-E0EE-491E-9FFE-CA8DA9E7E8EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{763305F5-35CD-4F47-B17B-CE0CE9812D2D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{917D563C-ECAC-4948-A96B-9F8F80EE14D8}" = lport=137 | protocol=17 | dir=in | app=system |
"{94A9EEE9-74D5-4C56-B658-30C842849D07}" = lport=138 | protocol=17 | dir=in | app=system |
"{C00F7210-DD0D-4ED9-832C-320A8B31F471}" = lport=139 | protocol=6 | dir=in | app=system |
"{C35D7176-FA69-47CE-BD9D-4F752824EE4A}" = lport=445 | protocol=6 | dir=in | app=system |
"{DAB783FB-2F2B-468F-BF1C-C75317E4D6FF}" = rport=445 | protocol=6 | dir=out | app=system |
"{FEFE4668-6707-483C-9A33-990D3118D3CF}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0365773B-E07B-4B1D-BC4D-B76F689A8F60}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{0BF3239C-F9C0-47EB-8A2C-4D96B4736E98}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{0D50244B-06EE-4BDB-9E39-F09B0323C6D5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{1A771202-7585-4C9C-B33E-D3E4C2027622}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{1FE2027F-C109-4E0B-9C38-BF97C9FDC93C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{39C57EC8-B9AA-49BD-9A20-F427A9187E48}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{51F2D2C3-058B-4A87-8420-29A44FFD3633}" = dir=in | app=e:\setup\hpznui40.exe |
"{5289633D-D1EB-4FA3-AEB7-782F3B0A52FE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{5757CB54-A6D9-4D43-82D2-CCCA4F4DD27D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{5C9355D9-F635-4593-97CD-2062465C0052}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{5F041A55-C109-4CB5-B8A3-074D129D0F9B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{614AF644-818A-4BE2-8502-A0D55A3C6312}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{62523BE7-D407-4909-A60F-CDF0797144C4}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{6CB98077-3110-4BE5-B3F1-0F1FADFF2C33}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{757D990D-74E1-4526-AF01-B6C954C2B3AC}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{7AD9BC0E-5DBF-41B2-91DE-9AF61043CA09}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{836D2432-D2AD-4DEC-AFB3-3F986F231681}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{8501FC1A-15DA-40DA-8E47-86B8F5234CC2}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{89515D67-BD0D-498A-B3C0-EAB5E74F9E49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{8C2B85EA-C1B4-4B60-AB1F-873B72F0FC11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{9074E19F-A1B6-4352-943B-0DE7254492EF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{96857A24-C825-40B1-8F85-A883E37B4574}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{97A9EA64-E5EE-4234-8759-3196D43EF86D}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{9A6FCDD6-F702-4B80-A415-165C51777598}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{9B2185B7-0657-4364-A3A6-6AF75B8EE58D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{A004D435-7479-4468-AEDB-D6E9D4B22BCF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{AF7A57F3-A454-46FE-BA07-32CFD9174351}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{C14D30D6-14FC-4D4B-A751-DC3C46F0772A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{C610362B-7EC2-47E9-8CC5-B0CC2EF91A50}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{C9AA9E61-35D6-4C83-B15D-55D04EC23227}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CC953F42-3359-4D58-8390-C173BD801189}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{DDBFA9EC-D21E-4B5C-A156-DC3D901DD77A}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{E5AE7BF7-B47D-459A-80E4-17CE6FAE0057}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{F08EF844-F4E5-4D3B-BD6A-78C9D42BB9B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F876FEB3-5CAE-4AEE-86F8-9DA0A3861107}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{F9DC0E8E-AB2B-4FCD-9023-F7B56711C988}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{FE005D68-7AFD-45BF-B02D-FC5F69D6E39F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B87BB2A8-5921-9B18-BBB5-D9A42F9CD3E1}" = ccc-utility64
"{C6CFAF5A-12F9-485E-EAD7-7FA1D3E5B943}" = ATI Catalyst Install Manager
"{C8732DC3-1736-44b2-B741-2D636DE58605}" = HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDEDFD63-E430-4b0c-8D61-5E4E7280F027}" = Network64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002471C5-6F62-D6CD-D6E5-A0F20F079B8B}" = Catalyst Control Center Localization Polish
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03819281-0870-65EE-24B0-A7DEDE9F796A}" = Catalyst Control Center Localization Chinese Traditional
"{04F66470-CEA7-BF9A-1885-8E1A3474825A}" = CCC Help Danish
"{08062F2F-926A-D7EC-57E9-AB97AA0D7FDA}" = CCC Help Finnish
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0CAB8CDF-232E-F28F-A017-B388F41FACCB}" = CCC Help Portuguese
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129
"{150FE68F-EE0C-4867-150A-D74FECBB8448}" = Catalyst Control Center Graphics Light
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{2680244D-0FBA-4856-EBE3-9D67E61EB46F}" = Catalyst Control Center Localization Spanish
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2BDFE775-48C0-3E1C-895C-DACC33CC52F0}" = Catalyst Control Center Localization Greek
"{2DAD2930-DFC1-AD0F-E63D-B3E95451CD68}" = CCC Help Greek
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{2F59397E-50B1-3CA6-2F8C-03773D40BE3B}" = Catalyst Control Center Graphics Full New
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32622F02-640A-4335-86FF-557325DC39D4}" = PS_AIO_04_C6300_Software_Min
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{35CC44E6-5916-89DC-16B6-7ADE609211CE}" = Catalyst Control Center Localization Finnish
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3A9C19FE-D61C-50DA-6FAF-7FB941B538A0}" = Catalyst Control Center Localization French
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BAB23A6-5272-F52D-1AF0-29419F1362B4}" = Catalyst Control Center Localization Italian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{445F6483-40DC-61B5-849D-35274D96DBA3}" = Catalyst Control Center Localization Czech
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{4A239818-F5F7-7AE8-9FD3-08F435ED88D0}" = Skins
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4C17CE6E-4838-819F-01BE-7EEE6181914A}" = Catalyst Control Center Localization Norwegian
"{4C4EA31F-AE29-2517-5E92-3EFB1FD7B896}" = CCC Help Hungarian
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{527CF1CA-D98B-504D-833B-69DA9A8A5AD6}" = CCC Help Czech
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5B99A0A7-0B21-2CD6-474D-8D67177BD4D6}" = Catalyst Control Center Localization Dutch
"{5CFE0191-1ECE-7BD5-8AEF-069ED59A01BB}" = Catalyst Control Center Localization Korean
"{6244BAF3-F26D-A695-1EF6-D9A3C0A6DAA1}" = Catalyst Control Center Graphics Previews Common
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{6570A194-A52D-9F23-EA48-90D7C6F20BE9}" = Catalyst Control Center Localization Swedish
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{666F0B45-78DA-FAA3-AB14-43CAEEA3D475}" = Catalyst Control Center Localization Russian
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66B6555E-07BF-3FCB-191F-BCD75650F1F2}" = CCC Help Italian
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{67F6A6BA-E225-4BF5-8E7C-BB4AE25EDCBC}" = Catalyst Control Center InstallProxy
"{69E1907C-E9EA-7A5A-79ED-47FF2B5BFDFB}" = Catalyst Control Center Localization Danish
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{75D0438A-55FB-DD38-0745-5D370179CAC7}" = CCC Help French
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{793C0C7E-7977-C9B5-B427-FDF95F2D1636}" = Catalyst Control Center Localization Hungarian
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{7BD42C12-74D1-4804-B24D-D21E25D4E3CF}" = PS_AIO_04_C6300_ProductContext
"{7CA1269D-86E6-91A8-DD66-9CF6838821BF}" = Catalyst Control Center Localization Portuguese
"{812C53D9-39EC-0511-04E4-5430A4747FB5}" = CCC Help German
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{99832252-D489-4276-B961-6D505CF0AFAA}" = PS_AIO_04_C6300_Software
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9EDC4EA1-558A-4297-9BCB-F36E572E6B1D}" = C6300_Help
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A1940302-F0F9-132F-C521-A5D0E24FAC1D}" = CCC Help Thai
"{A2315CF8-E14F-FA46-B1F1-20E0E5483ADB}" = Catalyst Control Center Localization Thai
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A8411EDB-6A00-8D1A-584B-7A932F44A0C9}" = CCC Help Japanese
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5CD4CF-3802-623E-AD97-D188785EF411}" = CCC Help Polish
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B9275904-9237-94A3-2144-E3D6A62B57E9}" = CCC Help Turkish
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C48EB957-0CCB-D590-AB3F-B3F8A14ECC2F}" = Catalyst Control Center Graphics Full Existing
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CBA7FD59-19A7-5724-5646-CF307326CC18}" = Catalyst Control Center Core Implementation
"{CC0E1AE3-091D-4969-B151-7AC142062C28}" = SmartWebPrinting
"{CC7A4274-E6F2-2351-DA6A-07AB73896609}" = CCC Help Norwegian
"{CD7D2C01-F3C8-4127-325D-49853FCCDB62}" = Catalyst Control Center Localization German
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D1E7EA15-5F96-728C-AF32-E1CFF8F9CE44}" = CCC Help Swedish
"{D4250558-4DE6-4342-8865-D397FD66076B}" = C6300
"{D47419B2-62BD-6B53-A96F-7E2F6F3D50C0}" = Catalyst Control Center Localization Turkish
"{D62C79B5-44E0-DEC0-AF01-6A1404E093E9}" = CCC Help Spanish
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E12F2B78-CF64-2438-391F-3D3411A6E193}" = CCC Help English
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E5C3A144-0F9B-8F3E-F1A3-2BB7B26014A6}" = ccc-core-static
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{E8B11A27-5CA6-748E-0F68-159CCF789DF3}" = CCC Help Dutch
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED65A382-3F80-D5A8-CCE0-DAB59D85CA91}" = CCC Help Russian
"{EDBB71B2-3C17-4EA5-ED91-E2EA5C2305CF}" = CCC Help Korean
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F250EA7A-F117-2CCE-03E7-BB62C2BF476C}" = Catalyst Control Center Graphics Previews Vista
"{F38CC586-4703-CE3C-F466-D7821E87926A}" = Catalyst Control Center Localization Chinese Standard
"{F413B69D-4AD6-42AB-AEA5-0548989FAD50}" = Norton 360
"{F62F62BD-E5C5-56E3-6CF6-00407B743E32}" = CCC Help Chinese Traditional
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAF7448B-7AB8-8C58-745E-1551CB481C3D}" = CCC Help Chinese Standard
"{FDE3DBB7-AA79-AA91-ABE9-3696883FAB20}" = Catalyst Control Center Localization Japanese
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"N360" = Norton 360
"tinySpell_is1" = tinySpell 1.8.010
"Tux Paint_is1" = Tux Paint 0.9.21
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AlphaAV" = Alpha Antivirus

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
OTL logfile created on: 11/2/2009 1:46:17 PM - Run 1
OTL by OldTimer - Version 3.1.3.0 Folder = C:\Users\Dennis\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 41.48% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.00 Gb Total Space | 227.52 Gb Free Space | 79.83% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.04 Gb Free Space | 15.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENNIS-PC
Current User Name: Dennis
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/02 13:45:58 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/10/30 17:05:23 | 01,211,392 | ---- | M] () -- C:\Program Files (x86)\AlphaAV\alpha.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/27 00:23:17 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/07/17 22:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10c.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/03/08 06:34:00 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
PRC - [2009/02/09 17:14:02 | 00,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2009/02/09 17:13:36 | 00,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/02/09 17:13:36 | 00,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/02/09 17:13:36 | 00,206,120 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
PRC - [2009/02/03 08:15:18 | 00,111,856 | ---- | M] (Yahoo! Inc) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
PRC - [2008/12/25 16:41:20 | 00,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/12/25 16:41:16 | 01,316,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/12/02 21:28:22 | 00,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/28 21:04:26 | 01,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/28 21:04:26 | 01,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/19 12:14:06 | 00,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/22 13:32:20 | 00,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/10/10 15:24:44 | 00,206,128 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008/09/15 09:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008/09/15 09:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008/08/28 23:09:08 | 00,133,648 | ---- | M] (Microsoft Corp.) -- c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe
PRC - [2008/06/09 13:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2008/06/09 13:16:32 | 02,363,392 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/26 01:25:18 | 00,286,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2008/03/25 20:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2008/03/25 20:27:58 | 00,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:49:00 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe


========== Modules (SafeList) ==========

MOD - [2009/11/02 13:45:58 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
MOD - [2009/07/17 08:54:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/04/11 01:28:25 | 01,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/04/11 01:28:24 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/04/11 01:28:18 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 21:52:09 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008/01/20 21:50:01 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2008/01/20 21:49:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/24 20:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- 64bit-(FontCache)
SRV:64bit: - [2009/04/11 02:11:13 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- 64bit-(BthServ)
SRV:64bit: - [2008/12/10 09:04:58 | 00,935,424 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\Ati2evxx.exe -- 64bit-(Ati External Event Utility)
SRV:64bit: - [2008/09/26 14:13:54 | 00,279,040 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- 64bit-(STacSV)
SRV:64bit: - [2008/09/26 14:13:24 | 00,089,088 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- 64bit-(AESTFilters)
SRV:64bit: - [2008/03/18 19:25:40 | 00,023,040 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\Hpservice.exe -- 64bit-(hpsrv)
SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- 64bit-(WMPNetworkSvc)
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- 64bit-(WinDefend)
SRV:64bit: - [2007/12/11 15:11:30 | 00,015,872 | ---- | M] (Agere Systems) -- C:\Windows\SysNative\agr64svc.exe -- 64bit-(AgereModemAudio)
SRV - [2009/08/22 03:14:09 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -- (N360)
SRV - [2009/07/16 18:16:44 | 00,250,616 | ---- | M] (WildTangent, Inc.) -- C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/03/29 23:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 23:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/02/18 13:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 13:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2009/02/09 17:14:02 | 00,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009/02/09 17:14:02 | 00,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched)
SRV - [2008/12/02 21:28:22 | 00,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/19 12:14:06 | 00,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2008/11/09 15:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/10/23 15:46:02 | 00,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2008/10/09 10:56:48 | 00,094,208 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/09/15 09:13:38 | 00,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo)
SRV - [2008/06/09 13:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:23:58 | 00,894,976 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/03/25 19:38:24 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006/10/26 17:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2004/10/22 06:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/09/14 04:16:04 | 00,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- 64bit-(SymEvent) SymEvent [Kernel | On_Demand | Running]
DRV:64bit: - [2009/09/14 04:15:13 | 00,034,152 | R--- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- 64bit-(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,583,296 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\ccHPx64.sys -- 64bit-(ccHP) Symantec Hash Provider [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,476,720 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SRTSP64.SYS -- 64bit-(SRTSP) Symantec Real Time Storage Protection x64 [File_System | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,402,992 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0305020.00B\SYMEFA64.SYS -- 64bit-(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,334,384 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\BHDrvx64.sys -- 64bit-(BHDrvx64) Symantec Heuristics Driver [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,278,576 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMTDI.SYS -- 64bit-(SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,120,880 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMFW.SYS -- 64bit-(SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,056,880 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\Drivers\N360x64\0305020.00B\SYMNDISV.SYS -- 64bit-(SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0305020.00B\SRTSPX64.SYS -- 64bit-(SRTSPX) Symantec Real Time Storage Protection (PEL) x64 [Kernel | System | Running]
DRV:64bit: - [2009/08/22 03:14:09 | 00,031,280 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- 64bit-(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running]
DRV:64bit: - [2009/04/11 00:39:51 | 00,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- 64bit-(HdAudAddService) Microsoft 1.1 UAA Function Driver for High Definition Audio Service [Kernel | On_Demand | Running]
DRV:64bit: - [2009/01/19 23:57:37 | 00,694,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\BTHport.sys -- 64bit-(BTHPORT) Bluetooth Port Driver [Kernel | On_Demand | Stopped]
DRV:64bit: - [2009/01/19 23:57:37 | 00,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- 64bit-(RFCOMM) Bluetooth Device (RFCOMM Protocol TDI) [Kernel | On_Demand | Stopped]
DRV:64bit: - [2009/01/19 23:57:37 | 00,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- 64bit-(BTHUSB) Bluetooth Radio USB Driver [Kernel | On_Demand | Stopped]
DRV:64bit: - [2009/01/19 23:57:37 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- 64bit-(BthEnum) Bluetooth Request Block Driver [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/12/10 10:31:26 | 04,993,024 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- 64bit-(atikmdag) atikmdag [Kernel | On_Demand | Running]
DRV:64bit: - [2008/10/27 20:40:02 | 01,164,288 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\DRIVERS\athrx.sys -- 64bit-(athr) Atheros Extensible Wireless LAN device driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/09/26 14:14:14 | 00,465,408 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- 64bit-(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running]
DRV:64bit: - [2008/07/21 05:53:04 | 00,145,496 | ---- | M] (JMicron Technology Corporation) -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- 64bit-(JMCR) JMCR [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/05/28 16:54:18 | 00,026,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- 64bit-(usbfilter) AMD USB Filter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/04/28 00:25:06 | 00,016,400 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- 64bit-(AtiPcie) ATI PCI Express (3GIO) Filter [Kernel | Boot | Running]
DRV:64bit: - [2008/03/27 15:10:56 | 00,026,984 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- 64bit-(hpdskflt) HP Filter [Kernel | Boot | Running]
DRV:64bit: - [2008/03/27 15:10:14 | 00,040,296 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- 64bit-(Accelerometer) HP Accelerometer [Kernel | On_Demand | Running]
DRV:64bit: - [2008/02/29 18:59:32 | 01,252,352 | ---- | M] (Agere Systems) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- 64bit-(AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running]
DRV:64bit: - [2008/02/14 09:56:14 | 00,160,768 | ---- | M] (Realtek Corporation ) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- 64bit-(RTL8169) Realtek 8169 NT Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/24 08:24:24 | 00,060,928 | ---- | M] (ENE TECHNOLOGY INC.) -- C:\Windows\SysNative\DRIVERS\enecir.sys -- 64bit-(enecir) ENE CIR Receiver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/20 21:47:27 | 00,168,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\usbvideo.sys -- 64bit-(usbvideo) USB Video Device (WDM) [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/20 21:47:25 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\serscan.sys -- 64bit-(StillCam) Still Serial Digital Camera Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/20 21:47:02 | 00,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- 64bit-(BthPan) Bluetooth Device (Personal Area Network) [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/01/20 21:46:57 | 03,154,432 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- 64bit-(NETw3v64) Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/01/20 21:46:55 | 00,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- 64bit-(sdbus) sdbus [Kernel | On_Demand | Stopped]
DRV:64bit: - [2008/01/20 21:46:51 | 00,017,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- 64bit-(CmBatt) Microsoft ACPI Control Method Battery Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2008/01/18 06:31:30 | 00,320,560 | ---- | M] (Synaptics, Inc.) -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- 64bit-(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2007/06/18 19:13:12 | 00,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- 64bit-(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running]
DRV:64bit: - [2006/10/03 20:45:36 | 00,273,408 | ---- | M] (Marvell) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- 64bit-(yukonx64) NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller [Kernel | On_Demand | Stopped]
DRV - [2009/10/28 17:37:21 | 00,466,992 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091028.004\IDSviA64.sys -- (IDSVia64) IDSVia64 [Kernel | System | Running]
DRV - [2009/09/11 16:50:48 | 01,742,896 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091102.003\EX64.SYS -- (NAVEX15) NAVEX15 [Kernel | On_Demand | Running]
DRV - [2009/09/11 16:50:48 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running]
DRV - [2009/09/11 16:50:48 | 00,132,656 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running]
DRV - [2009/09/11 16:50:48 | 00,116,272 | ---- | M] (Symantec Corporation) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091102.003\ENG64.SYS -- (NAVENG) NAVENG [Kernel | On_Demand | Running]
DRV - [2008/11/28 21:04:24 | 00,146,928 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) Power Control [2009/02/26 05:35:27] [Kernel | Auto | Running]
DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running]
DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running]


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 02:01:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/04/01 19:01:21 | 00,000,000 | ---D | M]


O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (&Advanced Explorer Editor) - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\Windows\SysWOW64\AdvancedIEupdate.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKLM..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKCU..\Run: [tinySpell] C:\Program Files (x86)\tinySpell\tinyspell.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe (Yahoo! Inc)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr =
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {588031A3-94BF-4CDD-86D0-939F6F93910F} https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB (FixItClient Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://www.nick.com/common/groove/gx/GrooveAX27.cab (Groove Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} http://ak.imgag.com/imgag/cp/install/Crusher.cab (Creative Toolbox Plug-in)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O16 - DPF: PackageCab http://ak.imgag.com/imgag/cp/install/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c09c4d6c-af7b-11de-8b5b-00235a2fe768}\Shell - "" = AutoRun
O33 - MountPoints2\{c09c4d6c-af7b-11de-8b5b-00235a2fe768}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
========== Files/Folders - Created Within 30 Days ==========

[2009/11/02 13:45:58 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Users\Dennis\Desktop\OTL.exe
[2009/11/01 22:22:38 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/11/01 22:22:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/11/01 17:35:12 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2009/11/01 17:35:11 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2009/11/01 17:35:10 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/11/01 17:31:43 | 00,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2009/11/01 17:31:43 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winspool.drv
[2009/11/01 17:31:42 | 00,449,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2009/11/01 17:31:42 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2009/11/01 17:31:22 | 00,893,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009/11/01 17:31:22 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2009/11/01 17:31:16 | 01,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2009/11/01 17:31:16 | 00,981,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2009/11/01 17:31:16 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2009/11/01 17:31:16 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2009/11/01 17:31:16 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2009/11/01 17:31:16 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2009/11/01 17:31:15 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2009/11/01 17:31:15 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecs.dll
[2009/11/01 17:31:15 | 00,566,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2009/11/01 17:31:15 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2009/11/01 17:31:15 | 00,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2009/11/01 17:31:15 | 00,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2009/11/01 17:31:15 | 00,328,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiag.exe
[2009/11/01 17:31:15 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2009/11/01 17:31:15 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2009/11/01 17:31:15 | 00,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2009/11/01 17:31:15 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiag.exe
[2009/11/01 17:31:15 | 00,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2009/11/01 17:31:15 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2009/11/01 17:31:15 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2009/11/01 17:31:15 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10core.dll
[2009/11/01 17:31:15 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2009/11/01 17:31:14 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2009/11/01 17:31:14 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2009/11/01 17:31:14 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2009/11/01 17:31:14 | 00,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2009/11/01 17:31:14 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2009/11/01 17:31:14 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2009/11/01 17:31:14 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2009/11/01 17:31:14 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2009/11/01 17:31:14 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2009/11/01 17:31:14 | 00,326,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2009/11/01 17:31:14 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2009/11/01 17:31:14 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2009/11/01 17:31:13 | 03,068,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2009/11/01 17:31:13 | 01,548,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2009/11/01 17:31:13 | 01,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2009/11/01 17:31:13 | 01,142,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll
[2009/11/01 17:31:13 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2009/11/01 17:31:13 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2009/11/01 17:31:12 | 01,269,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2009/11/01 17:31:12 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10.dll
[2009/11/01 17:31:12 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2009/11/01 17:28:31 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShextAutoplay.exe
[2009/11/01 17:28:31 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShextAutoplay.exe
[2009/11/01 17:28:30 | 00,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdbusenum.dll
[2009/11/01 17:28:30 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BthMtpContextHandler.dll
[2009/11/01 17:28:14 | 02,537,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2009/11/01 17:28:14 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceConnectApi.dll
[2009/11/01 17:28:13 | 02,727,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2009/11/01 17:28:13 | 00,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2009/11/01 17:28:13 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2009/11/01 17:28:13 | 00,433,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2009/11/01 17:28:13 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2009/11/01 17:28:13 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceWMDRM.dll
[2009/11/01 17:28:13 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceTypes.dll
[2009/11/01 17:28:13 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceWMDRM.dll
[2009/11/01 17:28:13 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceTypes.dll
[2009/11/01 17:28:13 | 00,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceClassExtension.dll
[2009/11/01 17:28:13 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2009/11/01 17:28:13 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceClassExtension.dll
[2009/11/01 17:28:13 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDShServiceObj.dll
[2009/11/01 17:28:13 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceConnectApi.dll
[2009/11/01 17:28:12 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2009/11/01 17:25:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleaccrc.dll
[2009/11/01 17:25:43 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaccrc.dll
[2009/11/01 17:25:35 | 00,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAutomationCore.dll
[2009/11/01 17:25:35 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAutomationCore.dll
[2009/11/01 17:25:35 | 00,315,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2009/11/01 17:25:35 | 00,234,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleacc.dll
[2009/11/01 17:14:08 | 00,000,000 | ---D | C] -- C:\Users\Dennis\Documents\JavaRa[1]

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/30 21:12:40 | 00,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Malwarebytes
[2009/10/30 21:12:29 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/30 21:12:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/30 21:12:29 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/30 18:47:20 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\N360_BACKUP
[2009/10/30 17:05:25 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AlphaAVUninstall
[2009/10/30 17:05:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AlphaAV
[2009/10/29 02:01:33 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2009/10/29 02:01:33 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2009/10/29 02:01:12 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2009/10/29 02:01:11 | 03,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2009/10/29 02:01:11 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2009/10/29 02:01:10 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2009/10/28 03:39:50 | 10,626,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/10/28 03:39:49 | 00,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe
[2009/10/28 03:39:49 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2009/10/28 03:39:47 | 13,428,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009/10/28 03:39:44 | 08,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009/10/28 03:39:44 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/10/27 07:09:26 | 02,621,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2009/10/27 07:09:26 | 02,424,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2009/10/27 07:09:26 | 00,057,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2009/10/27 07:09:26 | 00,043,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2009/10/27 07:08:37 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2009/10/27 07:08:37 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2009/10/27 07:08:37 | 00,038,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2009/10/27 07:08:36 | 00,700,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2009/10/27 07:08:36 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2009/10/27 07:08:36 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2009/10/27 07:08:17 | 00,185,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2009/10/27 07:08:17 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2009/10/27 07:08:17 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2009/10/27 07:08:17 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2009/10/24 23:05:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TuxPaint
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2009/10/24 11:34:52 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2009/10/24 11:34:51 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2009/10/24 08:09:21 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2009/10/23 22:13:49 | 00,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2009/10/23 22:13:49 | 00,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2009/10/22 23:06:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Coupons
[2009/10/20 21:03:23 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2009/10/20 21:03:23 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0007.dll
[2009/10/20 21:03:17 | 02,582,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLsvc.exe
[2009/10/20 21:03:17 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCExt.dll
[2009/10/20 21:03:16 | 02,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FunctionDiscoveryFolder.dll
[2009/10/20 21:03:16 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FunctionDiscoveryFolder.dll
[2009/10/20 21:03:14 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0009.dll
[2009/10/20 21:03:14 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NlsLexicons0009.dll
[2009/10/20 21:03:11 | 02,280,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2009/10/20 21:03:11 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msstrc.dll
[2009/10/20 21:03:11 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/20 21:03:11 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmlfilter.dll
[2009/10/20 21:03:11 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshooks.dll
[2009/10/20 21:03:10 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLCExt.dll
[2009/10/20 21:03:10 | 00,019,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2009/10/20 21:03:07 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2009/10/20 21:03:03 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WscEapPr.dll
[2009/10/20 21:03:02 | 02,204,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2009/10/20 21:03:02 | 01,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz2.dll
[2009/10/20 21:03:02 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wcnwiz2.dll
[2009/10/20 21:03:02 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WscEapPr.dll
[2009/10/20 21:03:01 | 01,381,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2009/10/20 21:03:01 | 01,165,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2009/10/20 21:03:01 | 00,948,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hdaudbus.sys
[2009/10/20 21:03:01 | 00,046,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardcpl.cpl
[2009/10/20 21:03:00 | 01,146,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2009/10/20 21:02:59 | 00,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2009/10/20 21:02:58 | 00,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2009/10/20 21:02:57 | 03,108,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2009/10/20 21:02:57 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2009/10/20 21:02:56 | 00,886,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmain.dll
[2009/10/20 21:02:55 | 01,515,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ntfs.sys
[2009/10/20 21:02:55 | 00,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2009/10/20 21:02:54 | 12,897,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2009/10/20 21:02:52 | 01,582,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2009/10/20 21:02:52 | 00,946,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavenge.dll
[2009/10/20 21:02:52 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2009/10/20 21:02:51 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2009/10/20 21:02:50 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys
[2009/10/20 21:02:50 | 00,538,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2009/10/20 21:02:50 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2009/10/20 21:02:48 | 02,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2009/10/20 21:02:47 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2009/10/20 21:02:46 | 01,804,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2009/10/20 21:02:46 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2009/10/20 21:02:45 | 03,263,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2009/10/20 21:02:43 | 00,836,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\p2psvc.dll
[2009/10/20 21:02:43 | 00,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2009/10/20 21:02:43 | 00,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2009/10/20 21:02:41 | 01,418,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2009/10/20 21:02:41 | 01,217,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2009/10/20 21:02:40 | 02,715,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmc.exe
[2009/10/20 21:02:40 | 00,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2009/10/20 21:02:40 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/20 21:02:39 | 01,185,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2009/10/20 21:02:38 | 02,506,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2009/10/20 21:02:37 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2009/10/20 21:02:37 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchIndexer.exe
[2009/10/20 21:02:37 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2009/10/20 21:02:37 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizui.dll
[2009/10/20 21:02:33 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spinstall.exe
[2009/10/20 21:02:33 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spreview.exe
[2009/10/20 21:02:32 | 01,915,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2009/10/20 21:02:32 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2009/10/20 21:02:32 | 00,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdohlp.dll
[2009/10/20 21:02:31 | 03,433,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfsr.exe
[2009/10/20 21:02:31 | 00,796,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2009/10/20 21:02:31 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2009/10/20 21:02:30 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shell32.dll
[2009/10/20 21:02:30 | 00,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2VDEC.DLL
[2009/10/20 21:02:29 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\p2psvc.dll
[2009/10/20 21:02:29 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchIndexer.exe
[2009/10/20 21:02:29 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorPwdMgr.dll
[2009/10/20 21:02:29 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorPwdMgr.dll
[2009/10/20 21:02:28 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2009/10/20 21:02:28 | 00,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2009/10/20 21:02:28 | 00,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2009/10/20 21:02:28 | 00,223,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2009/10/20 21:02:27 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2009/10/20 21:02:26 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2009/10/20 21:02:25 | 00,858,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kernel32.dll
[2009/10/20 21:02:25 | 00,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv.sys
[2009/10/20 21:02:25 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2009/10/20 21:02:25 | 00,278,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscoree.dll
[2009/10/20 21:02:24 | 01,165,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntdll.dll
[2009/10/20 21:02:24 | 00,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2VDEC.DLL
[2009/10/20 21:02:24 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2009/10/20 21:02:24 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2009/10/20 21:02:24 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\korwbrkr.dll
[2009/10/20 21:02:23 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2009/10/20 21:02:23 | 00,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2009/10/20 21:02:22 | 00,922,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2009/10/20 21:02:22 | 00,403,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscoree.dll
[2009/10/20 21:02:21 | 00,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uDWM.dll
[2009/10/20 21:02:21 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2009/10/20 21:02:20 | 03,894,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2009/10/20 21:02:20 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2009/10/20 21:02:19 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2009/10/20 21:02:19 | 00,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairing.dll
[2009/10/20 21:02:19 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairing.dll
[2009/10/20 21:02:18 | 00,606,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\http.sys

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/20 21:02:18 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2009/10/20 21:02:17 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sperror.dll
[2009/10/20 21:02:16 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2009/10/20 21:02:15 | 01,673,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeCPL.dll
[2009/10/20 21:02:15 | 00,401,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\P2PGraph.dll
[2009/10/20 21:02:15 | 00,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2009/10/20 21:02:14 | 01,019,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2009/10/20 21:02:14 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2009/10/20 21:02:14 | 00,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2009/10/20 21:02:14 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SLC.dll
[2009/10/20 21:02:13 | 01,259,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2009/10/20 21:02:13 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2009/10/20 21:02:13 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2009/10/20 21:02:12 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet40.dll
[2009/10/20 21:02:12 | 01,491,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtsvc.dll
[2009/10/20 21:02:12 | 00,581,632 | ---- | C] (Microsoft) -- C:\Windows\SysNative\IasMigPlugin.dll
[2009/10/20 21:02:11 | 01,925,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2009/10/20 21:02:11 | 01,336,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6.dll
[2009/10/20 21:02:11 | 00,738,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ndis.sys
[2009/10/20 21:02:11 | 00,164,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Storport.sys
[2009/10/20 21:02:11 | 00,049,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2009/10/20 21:02:10 | 00,558,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2009/10/20 21:02:10 | 00,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2009/10/20 21:02:10 | 00,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2009/10/20 21:02:10 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\compcln.exe
[2009/10/20 21:02:09 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2009/10/20 21:02:09 | 01,081,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qmgr.dll
[2009/10/20 21:02:09 | 01,078,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2009/10/20 21:02:08 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2009/10/20 21:02:08 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user32.dll
[2009/10/20 21:02:08 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2009/10/20 21:02:08 | 00,171,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2009/10/20 21:02:08 | 00,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorShell.dll
[2009/10/20 21:02:08 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorShell.dll
[2009/10/20 21:02:08 | 00,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBth.dll
[2009/10/20 21:02:07 | 01,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2009/10/20 21:02:07 | 01,064,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2009/10/20 21:02:07 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexch40.dll
[2009/10/20 21:02:06 | 01,584,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2009/10/20 21:02:06 | 01,316,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ole32.dll
[2009/10/20 21:02:06 | 01,065,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2009/10/20 21:02:06 | 00,719,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcss.dll
[2009/10/20 21:02:06 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IasMigReader.exe
[2009/10/20 21:02:06 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\P2PGraph.dll
[2009/10/20 21:02:05 | 03,079,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009/10/20 21:02:04 | 01,733,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2009/10/20 21:02:04 | 01,658,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/20 21:02:04 | 01,183,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3.dll
[2009/10/20 21:02:04 | 00,967,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2009/10/20 21:02:04 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2009/10/20 21:02:03 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2009/10/20 21:02:03 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2009/10/20 21:02:02 | 01,433,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VSSVC.exe
[2009/10/20 21:02:02 | 01,357,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2009/10/20 21:02:02 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdi32.dll
[2009/10/20 21:02:02 | 00,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolss.dll
[2009/10/20 21:02:02 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingWizard.exe
[2009/10/20 21:02:02 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingWizard.exe
[2009/10/20 21:02:01 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmc.exe
[2009/10/20 21:02:01 | 01,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comsvcs.dll
[2009/10/20 21:02:01 | 01,650,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browseui.dll
[2009/10/20 21:02:01 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2009/10/20 21:02:01 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\IasMigPlugin.dll
[2009/10/20 21:02:00 | 01,930,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2009/10/20 21:02:00 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Magnify.exe
[2009/10/20 21:02:00 | 00,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\afd.sys
[2009/10/20 21:01:59 | 01,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2009/10/20 21:01:59 | 00,123,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2009/10/20 21:01:59 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdBth.dll
[2009/10/20 21:01:58 | 01,092,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmSvc.dll
[2009/10/20 21:01:57 | 00,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2009/10/20 21:01:57 | 00,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bcrypt.dll
[2009/10/20 21:01:57 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchFilterHost.exe
[2009/10/20 21:01:56 | 02,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\milcore.dll
[2009/10/20 21:01:56 | 00,347,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2009/10/20 21:01:56 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SearchProtocolHost.exe
[2009/10/20 21:01:55 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009/10/20 21:01:55 | 00,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iasrecst.dll
[2009/10/20 21:01:55 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spoolss.dll
[2009/10/20 21:01:54 | 02,484,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2009/10/20 21:01:54 | 00,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Magnify.exe
[2009/10/20 21:01:54 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NaturalLanguage6.dll
[2009/10/20 21:01:54 | 00,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapimig.exe
[2009/10/20 21:01:53 | 02,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apds.dll
[2009/10/20 21:01:53 | 00,843,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedsvc.dll
[2009/10/20 21:01:53 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2009/10/20 21:01:52 | 01,040,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2009/10/20 21:01:52 | 01,013,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpedit.dll
[2009/10/20 21:01:52 | 00,460,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2009/10/20 21:01:52 | 00,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiosrv.dll
[2009/10/20 21:01:52 | 00,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\es.dll
[2009/10/20 21:01:52 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjtes40.dll
[2009/10/20 21:01:51 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpedit.dll
[2009/10/20 21:01:51 | 00,918,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comuid.dll

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/20 21:01:51 | 00,647,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2009/10/20 21:01:51 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp60.dll
[2009/10/20 21:01:51 | 00,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2009/10/20 21:01:51 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwmi.dll
[2009/10/20 21:01:51 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Storprop.dll
[2009/10/20 21:01:50 | 01,244,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2009/10/20 21:01:50 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2009/10/20 21:01:50 | 00,820,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2009/10/20 21:01:50 | 00,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2009/10/20 21:01:50 | 00,620,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2009/10/20 21:01:50 | 00,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2009/10/20 21:01:50 | 00,275,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fltMgr.sys
[2009/10/20 21:01:50 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\es.dll
[2009/10/20 21:01:49 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advapi32.dll
[2009/10/20 21:01:49 | 00,455,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2009/10/20 21:01:49 | 00,394,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wevtapi.dll
[2009/10/20 21:01:49 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstext40.dll
[2009/10/20 21:01:49 | 00,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlhtml.dll
[2009/10/20 21:01:48 | 00,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2009/10/20 21:01:48 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WebClnt.dll
[2009/10/20 21:01:48 | 00,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe
[2009/10/20 21:01:48 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLC.dll
[2009/10/20 21:01:48 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayDriverLib.dll
[2009/10/20 21:01:48 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2009/10/20 21:01:47 | 00,447,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2009/10/20 21:01:47 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2009/10/20 21:01:47 | 00,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2009/10/20 21:01:46 | 01,570,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2009/10/20 21:01:46 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comsvcs.dll
[2009/10/20 21:01:46 | 00,621,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2009/10/20 21:01:46 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxbde40.dll
[2009/10/20 21:01:46 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WcnNetsh.dll
[2009/10/20 21:01:46 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwmi.dll
[2009/10/20 21:01:45 | 01,681,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcnwiz.dll
[2009/10/20 21:01:45 | 01,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vssapi.dll
[2009/10/20 21:01:45 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devmgr.dll
[2009/10/20 21:01:44 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srvnet.sys
[2009/10/20 21:01:44 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingProxy.dll
[2009/10/20 21:01:44 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingProxy.dll
[2009/10/20 21:01:43 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2009/10/20 21:01:43 | 00,581,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wcncsvc.dll
[2009/10/20 21:01:42 | 01,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NetProjW.dll
[2009/10/20 21:01:42 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctfp.dll
[2009/10/20 21:01:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdBthProxy.dll
[2009/10/20 21:01:41 | 01,499,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2009/10/20 21:01:41 | 01,195,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2009/10/20 21:01:40 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl40.dll

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
[2009/10/20 21:01:40 | 00,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp60.dll
[2009/10/20 21:01:40 | 00,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\w32time.dll
[2009/10/20 21:01:40 | 00,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2009/10/20 21:01:40 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WebClnt.dll
[2009/10/20 21:01:40 | 00,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2009/10/20 21:01:39 | 00,660,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2009/10/20 21:01:39 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2009/10/20 21:01:39 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\newdev.dll
[2009/10/20 21:01:39 | 00,354,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2009/10/20 21:01:39 | 00,289,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rsaenh.dll
[2009/10/20 21:01:39 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spoolsv.exe
[2009/10/20 21:01:39 | 00,164,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2009/10/20 21:01:38 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2009/10/20 21:01:38 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propsys.dll
[2009/10/20 21:01:38 | 00,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpsvc.dll
[2009/10/20 21:01:38 | 00,631,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLCommDlg.dll
[2009/10/20 21:01:38 | 00,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netbt.sys
[2009/10/20 21:01:38 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2009/10/20 21:01:38 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iasrecst.dll
[2009/10/20 21:01:38 | 00,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2009/10/20 21:01:37 | 02,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009/10/20 21:01:37 | 01,748,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2009/10/20 21:01:37 | 00,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\crypt32.dll
[2009/10/20 21:01:37 | 00,727,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtcprx.dll
[2009/10/20 21:01:37 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umpnpmgr.dll
[2009/10/20 21:01:36 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupapi.dll
[2009/10/20 21:01:34 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mspbde40.dll
[2009/10/20 21:01:33 | 01,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2009/10/20 21:01:33 | 00,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdbss.sys
[2009/10/20 21:01:32 | 00,840,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2009/10/20 21:01:32 | 00,480,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\swprv.dll
[2009/10/20 21:01:32 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SLUI.exe
[2009/10/20 21:01:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2009/10/20 21:01:31 | 01,245,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2009/10/20 21:01:31 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2009/10/20 21:01:30 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2009/10/20 21:01:30 | 00,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MPSSVC.dll
[2009/10/20 21:01:30 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2009/10/20 21:01:30 | 00,380,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2009/10/20 21:01:30 | 00,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shlwapi.dll
[2009/10/20 21:01:30 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msltus40.dll
[2009/10/20 21:01:29 | 01,543,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2009/10/20 21:01:29 | 00,671,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2009/10/20 21:01:29 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrd3x40.dll
[2009/10/20 21:01:28 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browseui.dll
[2009/10/20 21:01:28 | 00,581,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2009/10/20 21:01:28 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iassdo.dll
[2009/10/20 21:01:28 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbhub.sys
[2009/10/20 21:01:28 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtapi.dll

descriptionfake antivirus alpha EmptyRe: fake antivirus alpha

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum