Jump to content


Photo

Avast Anti-virus randomly says something is trying to shut it down


  • This topic is locked This topic is locked
26 replies to this topic

#1 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 27 December 2012 - 07:30 PM

I'm not sure if I have a malware infection or if my anti-virus is just being glitchy, but my Avast antivirus has lately been occasionally displaying a pop-up window saying that something is trying to shut it down, and that if I am not responsible, I should say "no." I obviously did not tell Avast to shut down.

I did a Malwarebytes scan a few weeks ago, and it found nothing, and even tried using ESET online scanner, and it also found nothing wrong, and I haven't had any other symptoms of an infection. Thus, I assumed it wasn't malware at first. However, I keep getting the Avast pop-up occassionally, so I wanted to check here to make absolutely sure I'm not infected with anything.

Thanks in advance!

My logs:


Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.27.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
vosz :: HOME-PC [administrator]

12/27/2012 6:10:48 PM
mbam-log-2012-12-27 (18-10-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 288458
Time elapsed: 14 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by vosz at 18:46:04 on 2012-12-27
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.879 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Common Files\Comodo\launcher_service.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\GamesBar\SearchEngineProtection.exe
C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Comodo\GeekBuddy\unit.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Users\vosz\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\hp\kbd\kbd.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\vosz\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.majorgeeks.com/
mStart Page = hxxp://www.majorgeeks.com/
uProxyOverride = <local>;*.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: HP Print Clips: {053F9267-DC04-4294-A72C-58F732D338C0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Accelerator Plugin: {656EC4B7-072B-4698-B504-2A414C1F0037} - c:\program files\peoplepc accelerated\prpl_IePopupBlocker.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SearchEngineProtection] c:\program files\gamesbar\SearchEngineProtection.exe
uRun: [Google Update] "c:\users\vosz\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [CCUTRAYICON] FactoryMode
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [DT HPW] c:\program files\portrait displays\hp my display\DTHtml.exe -startup_folder
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ZoneAlarm Installer] "c:\program files\checkpoint\install\launcher.exe" "c:\program files\checkpoint\install\install.exe" /r /c "c:\program files\checkpoint\install\Install.xml"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [tvncontrol] "c:\program files\common files\comodo\tvnserver.exe" -controlservice -slave
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [PCDrProfiler] c:\program files\pc-doctor 5 for windows\RunProfiler.exe -r
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish picture mover\SnapfishMediaDetector.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\startg~1.lnk - c:\program files\comodo\geekbuddy\launcher.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://service.futuremark.com/openapi/receivers/FMSI.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052} : NameServer = 207.69.188.185,207.69.188.186
TCP: Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052} : DHCPNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\vosz\appdata\roaming\mozilla\firefox\profiles\a2e7wxeq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\wildtangent games\app\browserintegration\registered\3\NP_wtapp.dll
FF - plugin: c:\users\vosz\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 08:36; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-12 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-3-12 361032]
R1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2012-12-4 35064]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-11-7 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-11-7 42264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-4-6 218688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-3-12 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-3-12 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-3-12 44808]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files\common files\comodo\launcher_service.exe [2012-11-1 70352]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2012-12-19 1868432]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-3 21504]
R2 GeekBuddyRSP;GeekBuddy Remote Screen Protocol;c:\program files\common files\comodo\GeekBuddyRSP.exe [2012-10-31 1467088]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2011-3-12 95232]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2008-10-11 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2012-3-24 401920]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-6-3 21504]
S3 rcmirror;rcmirror;c:\windows\system32\drivers\rcmirror.sys [2007-12-14 5120]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-12-24 22:49:14 -------- d-----w- c:\program files\common files\Nancy Drew Prerequisites
2012-12-24 22:49:11 -------- d-----w- c:\program files\Her Interactive
2012-12-22 14:59:49 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 14:59:49 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:31:02 -------- d-----w- c:\program files\iPod
2012-12-14 21:30:59 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-14 21:30:59 -------- d-----w- c:\program files\iTunes
2012-12-13 16:47:26 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 16:47:15 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 16:47:14 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 16:47:14 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 16:47:12 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 16:47:12 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 16:47:11 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 16:47:11 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 16:47:07 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 16:47:06 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-13 16:47:06 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-12 17:56:56 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 17:56:55 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 17:56:55 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 17:56:54 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 17:56:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-07 23:15:52 -------- d-----w- c:\program files\GoldenTrails3TheGuardiansCreedPremiumEdition
2012-12-06 21:20:51 -------- d-----w- c:\users\vosz\appdata\roaming\DominiGames
2012-12-04 17:56:56 -------- d-----w- c:\users\vosz\appdata\roaming\island_tribe_4_realore_wild_tangent_en
2012-12-04 08:41:28 35064 ----a-w- c:\windows\system32\drivers\CFRMD.sys
2012-12-03 18:53:09 -------- d-----w- c:\users\vosz\appdata\local\Farmington Tales
2012-12-01 17:41:18 -------- d-----w- c:\program files\IslandTribe4
.
==================== Find3M ====================
.
2012-12-20 01:13:04 42760 ----a-w- c:\windows\system32\certsentry.dll
2012-12-11 21:22:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-11 21:22:09 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-04 08:41:28 35064 ----a-w- c:\windows\inf\cfrmd\cfrmd.sys
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-08 04:37:46 42264 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-08 04:37:44 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-08 04:37:44 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-08 04:37:36 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-08 04:37:36 301264 ----a-w- c:\windows\system32\guard32.dll
2012-10-30 23:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51:07 41224 ----a-w- c:\windows\avastSS.scr
2012-10-25 08:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 08:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-11 02:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 02:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 02:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-11 02:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-10-11 02:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 02:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-11 02:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 02:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 02:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-11 02:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-11 02:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 02:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
2012-10-02 19:29:42 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:29:41 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:29:41 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:29:41 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:29:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll
2012-10-02 19:28:53 3965288 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 18:15:52 430952 ----a-w- c:\windows\system32\nvStreaming.exe
2012-09-29 23:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
============= FINISH: 18:49:07.05 ===============


Results of screen317's Security Check version 0.99.56
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Out of date HijackThis installed!
SpywareBlaster 4.6
Spybot - Search & Destroy
McAfee SiteAdvisor
CWShredder
Malwarebytes Anti-Malware version 1.65.1.1000
HijackThis 2.0.2
CCleaner
Java™ 6 Update 31
Java 7 Update 9
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox 13.0.1 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
AVAST Software Avast AvastUI.exe
AVAST Software Avast AvastSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

#2 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 28 December 2012 - 03:56 AM

Hello Mahvra,

We are currently studying your logs and will be back to you as soon as possible. Thank you for your patience.

#3 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 28 December 2012 - 08:20 AM

Hi Mahvra - Welcome to SWI. :hi:

Download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all antivirus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

Note: **Do not mouseclick ComboFix's window while it's running. That may cause it to stall**
Note: **If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**

====

Please download TDSSKiller.exe to your Desktop

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

====

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
====

In your next post, please include
  • The ComboFix log (located at C:\ComboFix.txt)
  • The TDSSKiller report
  • The AdwCleaner log


#4 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 28 December 2012 - 03:46 PM

Thanks! The resulting logs:


ComboFix 12-12-28.02 - vosz 12/28/2012 14:31:34.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.2188 [GMT -5:00]
Running from: c:\users\vosz\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-28 to 2012-12-28 )))))))))))))))))))))))))))))))
.
.
2012-12-28 19:43 . 2012-12-28 19:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-12-28 19:43 . 2012-12-28 19:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-28 19:43 . 2012-12-28 19:43 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2012-12-28 19:43 . 2012-12-28 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-24 22:49 . 2012-12-24 22:49 -------- d-----w- c:\program files\Common Files\Nancy Drew Prerequisites
2012-12-24 22:49 . 2012-12-24 22:49 -------- d-----w- c:\program files\Her Interactive
2012-12-22 14:59 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 14:59 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:31 . 2012-12-14 21:31 -------- d-----w- c:\program files\iPod
2012-12-14 21:30 . 2012-12-14 21:31 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-14 21:30 . 2012-12-14 21:31 -------- d-----w- c:\program files\iTunes
2012-12-13 16:50 . 2012-11-14 02:56 149552 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-13 16:47 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-13 16:47 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-13 16:47 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-13 16:47 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-13 16:47 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-13 16:47 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-13 16:47 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-13 16:47 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-13 16:47 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-13 16:47 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-13 16:47 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-12 17:56 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 17:56 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 17:56 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-12 17:56 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-12 17:56 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-07 23:15 . 2012-12-08 06:12 -------- d-----w- c:\program files\GoldenTrails3TheGuardiansCreedPremiumEdition
2012-12-06 21:20 . 2012-12-16 22:43 -------- d-----w- c:\users\vosz\AppData\Roaming\DominiGames
2012-12-04 17:56 . 2012-12-04 17:57 -------- d-----w- c:\users\vosz\AppData\Roaming\island_tribe_4_realore_wild_tangent_en
2012-12-04 08:41 . 2012-12-04 08:41 35064 ----a-w- c:\windows\system32\drivers\CFRMD.sys
2012-12-03 18:53 . 2012-12-03 18:54 -------- d-----w- c:\users\vosz\AppData\Local\Farmington Tales
2012-12-01 17:41 . 2012-12-06 19:49 -------- d-----w- c:\program files\IslandTribe4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 01:13 . 2012-11-23 18:19 42760 ----a-w- c:\windows\system32\certsentry.dll
2012-12-11 21:22 . 2012-04-09 15:47 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-11 21:22 . 2011-07-06 13:08 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-04 08:41 . 2012-12-04 08:41 35064 ----a-w- c:\windows\inf\CFRMD\cfrmd.sys
2012-11-08 04:37 . 2012-11-08 04:37 82952 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-11-08 04:37 . 2012-11-08 04:37 42264 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-08 04:37 . 2012-11-08 04:37 494416 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-08 04:37 . 2012-11-08 04:37 19632 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-08 04:37 . 2012-11-08 04:37 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-08 04:37 . 2012-11-08 04:37 301264 ----a-w- c:\windows\system32\guard32.dll
2012-10-30 23:51 . 2011-03-12 18:06 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2011-03-12 18:06 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2011-03-12 18:06 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-03-12 18:06 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 23:51 . 2011-03-12 18:06 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2011-03-12 18:06 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2011-03-12 18:03 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2011-03-12 18:03 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 08:12 . 2012-10-25 08:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 08:12 . 2012-10-25 08:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-11 02:15 . 2012-10-11 02:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-11 02:15 . 2012-10-11 02:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-11 02:14 . 2012-10-11 02:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-11 02:14 . 2012-10-11 02:14 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-10-11 02:14 . 2012-10-11 02:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-11 02:14 . 2010-01-19 19:09 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-11 02:14 . 2012-10-11 02:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-11 02:14 . 2012-10-11 02:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-11 02:14 . 2012-10-11 02:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-11 02:14 . 2012-10-11 02:14 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-11 02:14 . 2012-10-11 02:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-11 02:14 . 2010-01-19 19:09 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
2012-10-02 19:29 . 2010-01-12 03:18 645992 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:29 . 2012-11-18 17:20 2557288 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:29 . 2010-01-12 03:18 62312 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:29 . 2010-01-12 03:18 108392 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 19:29 . 2010-01-12 03:18 2853224 ----a-w- c:\windows\system32\nvsvc.dll
2012-10-02 19:28 . 2010-01-12 03:18 3965288 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe
2012-09-29 23:54 . 2008-11-18 22:37 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-16 13:38 . 2011-11-17 03:43 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Steam"="c:\program files\Steam\Steam.exe" [2012-12-04 1354736]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"SearchEngineProtection"="c:\program files\Gamesbar\SearchEngineProtection.exe" [2010-05-31 568312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-06-15 178968]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 4702208]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
"DT HPW"="c:\program files\Portrait Displays\HP My Display\DTHtml.exe" [2007-04-25 280064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"AmazonGSDownloaderTray"="c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-08 6756048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"PCDrProfiler"="c:\program files\PC-Doctor 5 for Windows\RunProfiler.exe" [2007-04-05 73728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish Media Detector.lnk - c:\program files\Snapfish Picture Mover\SnapfishMediaDetector.exe [2007-5-7 1273856]
Start GeekBuddy.lnk - c:\program files\Comodo\GeekBuddy\launcher.exe [2012-11-1 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ ?­\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.Commonstartup
backupExtension=.Commonstartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-12 02:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
2011-01-02 16:16 1670656 ----a-w- c:\program files\KeePass Password Safe 2\KeePass.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerBlock]
2010-11-07 03:24 1866864 ----a-w- c:\program files\PeerBlock\peerblock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 08:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 21:22]
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2992315687-346107145-2984242248-1001Core.job
- c:\users\vosz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-19 05:13]
.
2012-12-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2992315687-346107145-2984242248-1001UA.job
- c:\users\vosz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-19 05:13]
.
2012-12-09 c:\windows\Tasks\HPCeeScheduleForvosz.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-09-11 23:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.majorgeeks.com/
mStart Page = hxxp://www.majorgeeks.com/
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052}: NameServer = 207.69.188.185,207.69.188.186
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
FF - ProfilePath - c:\users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-09-02 08:36; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-ZoneAlarm Installer - c:\program files\CheckPoint\Install\Launcher.exe
HKLM-Run-tvncontrol - c:\program files\Common Files\Comodo\tvnserver.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-28 14:45
Windows 6.0.6002 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2992315687-346107145-2984242248-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*4%p***]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2992315687-346107145-2984242248-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*4%p***\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-2992315687-346107145-2984242248-1001\Software\SecuROM\License information*]
"datasecu"=hex:df,67,9c,4b,3a,1f,52,c7,17,c2,a8,1e,4f,2d,48,a5,3a,02,c6,e7,6b,
69,37,d0,1c,75,20,63,e5,4a,cf,08,3d,fc,95,73,27,a3,5f,bc,db,11,c6,da,bc,5f,\
"rkeysecu"=hex:e2,19,80,54,2d,59,a0,96,c5,b4,5f,25,ef,f1,bb,1d
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&1464f959&0&UID257\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&1464f959&0&UID257\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&339da9f2&0&UID256\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&339da9f2&0&UID256\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&339da9f2&0&UID512\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&339da9f2&0&UID512\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&5c42365&0&12345678&01&00\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&5c42365&0&12345678&01&00\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&5c42365&0&UID1048833\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&5c42365&0&UID1048833\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&5c42365&0&UID16777473\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\Default_Monitor\5&5c42365&0&UID16777473\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&339da9f2&0&UID257\Device Parameters\MODES]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&339da9f2&0&UID257\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&339da9f2&0&UID257\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&5c42365&0&UID1048833\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&5c42365&0&UID1048833\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&5c42365&0&UID16777473\Device Parameters\MODES]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&5c42365&0&UID16777473\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\HWP26A2\5&5c42365&0&UID16777473\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\WDE1901\5&5c42365&0&UID1048833\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\DISPLAY\WDE1901\5&5c42365&0&UID1048833\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(856)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(800)
c:\windows\system32\guard32.dll
.
Completion time: 2012-12-28 14:50:06
ComboFix-quarantined-files.txt 2012-12-28 19:49
ComboFix2.txt 2012-07-01 15:27
ComboFix3.txt 2012-04-30 04:18
.
Pre-Run: 259,068,792,832 bytes free
Post-Run: 259,504,381,952 bytes free
.
- - End Of File - - E69FBB8D9537DADC82924E7368FA6DE7


15:35:31.0434 5460 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:35:31.0497 5460 ============================================================
15:35:31.0497 5460 Current date / time: 2012/12/28 15:35:31.0497
15:35:31.0497 5460 SystemInfo:
15:35:31.0497 5460
15:35:31.0497 5460 OS Version: 6.0.6002 ServicePack: 2.0
15:35:31.0497 5460 Product type: Workstation
15:35:31.0497 5460 ComputerName: HOME-PC
15:35:31.0497 5460 UserName: vosz
15:35:31.0497 5460 Windows directory: C:\Windows
15:35:31.0497 5460 System windows directory: C:\Windows
15:35:31.0497 5460 Processor architecture: Intel x86
15:35:31.0497 5460 Number of processors: 2
15:35:31.0497 5460 Page size: 0x1000
15:35:31.0497 5460 Boot type: Normal boot
15:35:31.0497 5460 ============================================================
15:35:31.0871 5460 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:35:31.0934 5460 ============================================================
15:35:31.0934 5460 \Device\Harddisk0\DR0:
15:35:31.0934 5460 MBR partitions:
15:35:31.0934 5460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3916CBA5
15:35:31.0934 5460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3916CBE4, BlocksNum 0x121805D
15:35:31.0934 5460 ============================================================
15:35:31.0965 5460 C: <-> \Device\Harddisk0\DR0\Partition1
15:35:32.0012 5460 D: <-> \Device\Harddisk0\DR0\Partition2
15:35:32.0012 5460 ============================================================
15:35:32.0012 5460 Initialize success
15:35:32.0012 5460 ============================================================
15:35:40.0077 4784 ============================================================
15:35:40.0077 4784 Scan started
15:35:40.0077 4784 Mode: Manual;
15:35:40.0077 4784 ============================================================
15:35:40.0576 4784 ================ Scan system memory ========================
15:35:40.0576 4784 System memory - ok
15:35:40.0576 4784 ================ Scan services =============================
15:35:40.0763 4784 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
15:35:40.0779 4784 ACPI - ok
15:35:40.0888 4784 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:35:40.0904 4784 AdobeARMservice - ok
15:35:40.0982 4784 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:35:40.0982 4784 AdobeFlashPlayerUpdateSvc - ok
15:35:41.0044 4784 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:35:41.0044 4784 adp94xx - ok
15:35:41.0091 4784 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:35:41.0106 4784 adpahci - ok
15:35:41.0122 4784 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
15:35:41.0122 4784 adpu160m - ok
15:35:41.0169 4784 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:35:41.0169 4784 adpu320 - ok
15:35:41.0262 4784 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:35:41.0278 4784 AeLookupSvc - ok
15:35:41.0309 4784 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
15:35:41.0309 4784 AFD - ok
15:35:41.0356 4784 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:35:41.0356 4784 agp440 - ok
15:35:41.0418 4784 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:35:41.0418 4784 aic78xx - ok
15:35:41.0512 4784 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
15:35:41.0512 4784 AlertService - ok
15:35:41.0543 4784 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
15:35:41.0543 4784 ALG - ok
15:35:41.0590 4784 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
15:35:41.0590 4784 aliide - ok
15:35:41.0668 4784 [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
15:35:41.0668 4784 Amazon Download Agent - ok
15:35:41.0715 4784 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:35:41.0715 4784 amdagp - ok
15:35:41.0746 4784 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
15:35:41.0746 4784 amdide - ok
15:35:41.0777 4784 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
15:35:41.0777 4784 AmdK7 - ok
15:35:41.0793 4784 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:35:41.0793 4784 AmdK8 - ok
15:35:41.0855 4784 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
15:35:41.0855 4784 Appinfo - ok
15:35:41.0918 4784 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:35:41.0918 4784 Apple Mobile Device - ok
15:35:41.0964 4784 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
15:35:41.0964 4784 arc - ok
15:35:42.0011 4784 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:35:42.0011 4784 arcsas - ok
15:35:42.0120 4784 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:35:42.0120 4784 aspnet_state - ok
15:35:42.0152 4784 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:35:42.0152 4784 aswFsBlk - ok
15:35:42.0230 4784 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:35:42.0230 4784 aswMonFlt - ok
15:35:42.0276 4784 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
15:35:42.0276 4784 aswRdr - ok
15:35:42.0526 4784 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:35:42.0542 4784 aswSnx - ok
15:35:42.0604 4784 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:35:42.0604 4784 aswSP - ok
15:35:42.0635 4784 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:35:42.0635 4784 aswTdi - ok
15:35:42.0713 4784 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:35:42.0713 4784 AsyncMac - ok
15:35:42.0760 4784 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
15:35:42.0760 4784 atapi - ok
15:35:42.0791 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:35:42.0791 4784 AudioEndpointBuilder - ok
15:35:42.0807 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:35:42.0807 4784 Audiosrv - ok
15:35:42.0869 4784 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:35:42.0869 4784 avast! Antivirus - ok
15:35:42.0916 4784 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
15:35:42.0916 4784 Beep - ok
15:35:42.0963 4784 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
15:35:42.0963 4784 BFE - ok
15:35:43.0010 4784 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
15:35:43.0010 4784 BITS - ok
15:35:43.0025 4784 blbdrive - ok
15:35:43.0088 4784 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:35:43.0088 4784 Bonjour Service - ok
15:35:43.0119 4784 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:35:43.0119 4784 bowser - ok
15:35:43.0166 4784 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
15:35:43.0166 4784 BrFiltLo - ok
15:35:43.0166 4784 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
15:35:43.0166 4784 BrFiltUp - ok
15:35:43.0197 4784 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
15:35:43.0197 4784 Browser - ok
15:35:43.0244 4784 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
15:35:43.0244 4784 Brserid - ok
15:35:43.0275 4784 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
15:35:43.0275 4784 BrSerWdm - ok
15:35:43.0306 4784 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
15:35:43.0306 4784 BrUsbMdm - ok
15:35:43.0322 4784 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
15:35:43.0322 4784 BrUsbSer - ok
15:35:43.0337 4784 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:35:43.0337 4784 BTHMODEM - ok
15:35:43.0446 4784 catchme - ok
15:35:43.0478 4784 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:35:43.0478 4784 cdfs - ok
15:35:43.0524 4784 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:35:43.0524 4784 cdrom - ok
15:35:43.0556 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
15:35:43.0556 4784 CertPropSvc - ok
15:35:43.0602 4784 [ 2A3A6EEF9E5479CF662B088EEBEDE8D8 ] CFRMD C:\Windows\system32\DRIVERS\CFRMD.sys
15:35:43.0602 4784 CFRMD - ok
15:35:43.0634 4784 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
15:35:43.0634 4784 circlass - ok
15:35:43.0680 4784 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
15:35:43.0680 4784 CLFS - ok
15:35:43.0790 4784 [ 5724D9ECBF2A378EBF85FDC3BDA01F98 ] CLPSLauncher C:\Program Files\Common Files\Comodo\launcher_service.exe
15:35:43.0790 4784 CLPSLauncher - ok
15:35:43.0805 4784 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:35:43.0805 4784 clr_optimization_v2.0.50727_32 - ok
15:35:43.0883 4784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:35:43.0883 4784 clr_optimization_v4.0.30319_32 - ok
15:35:44.0008 4784 [ 2A2D72271844C52F004901A60312B96A ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
15:35:44.0024 4784 cmdAgent - ok
15:35:44.0070 4784 [ 623C7421D76860837CE0643950A117E7 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
15:35:44.0070 4784 cmdGuard - ok
15:35:44.0133 4784 [ 5A6ED5F670CD80EC338A94A8A08EC7F1 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
15:35:44.0133 4784 cmdHlp - ok
15:35:44.0180 4784 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:35:44.0180 4784 cmdide - ok
15:35:44.0211 4784 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:35:44.0211 4784 Compbatt - ok
15:35:44.0211 4784 COMSysApp - ok
15:35:44.0226 4784 cpuz130 - ok
15:35:44.0242 4784 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:35:44.0258 4784 crcdisk - ok
15:35:44.0289 4784 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
15:35:44.0289 4784 Crusoe - ok
15:35:44.0351 4784 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:35:44.0351 4784 CryptSvc - ok
15:35:44.0414 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:35:44.0429 4784 DcomLaunch - ok
15:35:44.0492 4784 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:35:44.0492 4784 DfsC - ok
15:35:44.0570 4784 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
15:35:44.0601 4784 DFSR - ok
15:35:44.0663 4784 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
15:35:44.0663 4784 Dhcp - ok
15:35:44.0679 4784 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
15:35:44.0679 4784 disk - ok
15:35:44.0741 4784 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:35:44.0741 4784 Dnscache - ok
15:35:44.0788 4784 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:35:44.0788 4784 dot3svc - ok
15:35:44.0835 4784 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:35:44.0835 4784 Dot4 - ok
15:35:44.0850 4784 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:35:44.0850 4784 Dot4Print - ok
15:35:44.0866 4784 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:35:44.0866 4784 dot4usb - ok
15:35:44.0897 4784 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
15:35:44.0897 4784 DPS - ok
15:35:44.0960 4784 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
15:35:44.0960 4784 DQLWinService - ok
15:35:45.0194 4784 [ 02F0870C07872CC506C33E79883082B3 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
15:35:45.0209 4784 DragonUpdater - ok
15:35:45.0256 4784 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:35:45.0256 4784 drmkaud - ok
15:35:45.0272 4784 [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:35:45.0272 4784 dtsoftbus01 - ok
15:35:45.0318 4784 [ 94E6CE3F9A0751C9B77EF94245067921 ] DTSRVC C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
15:35:45.0318 4784 DTSRVC - ok
15:35:45.0365 4784 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:35:45.0365 4784 DXGKrnl - ok
15:35:45.0396 4784 [ D00EEAE1CACD77A1A8396BBC19140BBA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
15:35:45.0396 4784 E100B - ok
15:35:45.0428 4784 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:35:45.0428 4784 E1G60 - ok
15:35:45.0474 4784 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
15:35:45.0474 4784 EapHost - ok
15:35:45.0506 4784 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
15:35:45.0521 4784 Ecache - ok
15:35:45.0552 4784 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:35:45.0552 4784 ehRecvr - ok
15:35:45.0584 4784 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
15:35:45.0584 4784 ehSched - ok
15:35:45.0599 4784 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
15:35:45.0599 4784 ehstart - ok
15:35:45.0630 4784 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:35:45.0630 4784 elxstor - ok
15:35:45.0693 4784 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:35:45.0708 4784 EMDMgmt - ok
15:35:45.0740 4784 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
15:35:45.0740 4784 EventSystem - ok
15:35:45.0802 4784 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
15:35:45.0802 4784 exfat - ok
15:35:45.0864 4784 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:35:45.0864 4784 fastfat - ok
15:35:45.0896 4784 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:35:45.0896 4784 fdc - ok
15:35:45.0927 4784 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
15:35:45.0927 4784 fdPHost - ok
15:35:45.0942 4784 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
15:35:45.0942 4784 FDResPub - ok
15:35:45.0989 4784 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:35:45.0989 4784 FileInfo - ok
15:35:46.0052 4784 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:35:46.0067 4784 Filetrace - ok
15:35:46.0114 4784 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:35:46.0114 4784 flpydisk - ok
15:35:46.0161 4784 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:35:46.0192 4784 FltMgr - ok
15:35:46.0254 4784 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
15:35:46.0270 4784 FontCache - ok
15:35:46.0488 4784 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:35:46.0488 4784 FontCache3.0.0.0 - ok
15:35:46.0520 4784 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:35:46.0520 4784 Fs_Rec - ok
15:35:46.0582 4784 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:35:46.0582 4784 gagp30kx - ok
15:35:46.0722 4784 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
15:35:46.0722 4784 GamesAppService - ok
15:35:46.0785 4784 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:35:46.0785 4784 GEARAspiWDM - ok
15:35:46.0910 4784 [ 31B5C233933CAF0FB1499F458F04FD9A ] GeekBuddyRSP C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe
15:35:46.0941 4784 GeekBuddyRSP - ok
15:35:46.0988 4784 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
15:35:47.0003 4784 gpsvc - ok
15:35:47.0034 4784 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:35:47.0050 4784 HdAudAddService - ok
15:35:47.0097 4784 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:35:47.0112 4784 HDAudBus - ok
15:35:47.0144 4784 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:35:47.0144 4784 HidBth - ok
15:35:47.0206 4784 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
15:35:47.0206 4784 HidIr - ok
15:35:47.0237 4784 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
15:35:47.0253 4784 hidserv - ok
15:35:47.0268 4784 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:35:47.0268 4784 HidUsb - ok
15:35:47.0300 4784 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:35:47.0300 4784 hkmsvc - ok
15:35:47.0362 4784 [ E48B80F6614D4BEFA7768B960FFEF514 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
15:35:47.0362 4784 HP Health Check Service - ok
15:35:47.0393 4784 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:35:47.0393 4784 HpCISSs - ok
15:35:47.0471 4784 [ 58D4765AB87347DB835D5693ADF652C1 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:35:47.0471 4784 hpqcxs08 - ok
15:35:47.0487 4784 [ 99ED733F614660EB32199BF889DFB7E2 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:35:47.0487 4784 hpqddsvc - ok
15:35:47.0549 4784 [ 78C88781FBD2FDD3BCBA09F58897FE45 ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
15:35:47.0565 4784 HSF_DP - ok
15:35:47.0580 4784 [ 1E289F978D1E6F11DB88D4FCB2F9D92F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
15:35:47.0596 4784 HSXHWBS2 - ok
15:35:47.0627 4784 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:35:47.0627 4784 HTTP - ok
15:35:47.0674 4784 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:35:47.0674 4784 i2omp - ok
15:35:47.0721 4784 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:35:47.0736 4784 i8042prt - ok
15:35:47.0799 4784 [ 9A4DC97E912C5EA375E2C69917946265 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
15:35:47.0814 4784 IAANTMON - ok
15:35:47.0861 4784 [ 2D8143C90F246D0F1735AF7D05D515F3 ] iaStor C:\Windows\system32\drivers\iastor.sys
15:35:47.0861 4784 iaStor - ok
15:35:47.0877 4784 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:35:47.0892 4784 iaStorV - ok
15:35:47.0939 4784 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:35:47.0939 4784 IDriverT - ok
15:35:48.0017 4784 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:35:48.0033 4784 idsvc - ok
15:35:48.0048 4784 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:35:48.0048 4784 iirsp - ok
15:35:48.0095 4784 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
15:35:48.0111 4784 IKEEXT - ok
15:35:48.0173 4784 [ CE3034F551E06F7A290DA4D8DF29246E ] inspect C:\Windows\system32\DRIVERS\inspect.sys
15:35:48.0173 4784 inspect - ok
15:35:48.0267 4784 [ AE3DF3265781543B616E0A8830F6774B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:35:48.0282 4784 IntcAzAudAddService - ok
15:35:48.0329 4784 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
15:35:48.0345 4784 IntelDHSvcConf - ok
15:35:48.0360 4784 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
15:35:48.0360 4784 intelide - ok
15:35:48.0392 4784 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:35:48.0392 4784 intelppm - ok
15:35:48.0423 4784 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:35:48.0423 4784 IPBusEnum - ok
15:35:48.0470 4784 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:35:48.0470 4784 IpFilterDriver - ok
15:35:48.0501 4784 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:35:48.0501 4784 iphlpsvc - ok
15:35:48.0516 4784 IpInIp - ok
15:35:48.0548 4784 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:35:48.0548 4784 IPMIDRV - ok
15:35:48.0563 4784 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:35:48.0579 4784 IPNAT - ok
15:35:48.0641 4784 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:35:48.0657 4784 iPod Service - ok
15:35:48.0688 4784 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:35:48.0688 4784 IRENUM - ok
15:35:48.0719 4784 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:35:48.0719 4784 isapnp - ok
15:35:48.0782 4784 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:35:48.0782 4784 iScsiPrt - ok
15:35:48.0844 4784 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
15:35:48.0844 4784 ISSM - ok
15:35:48.0875 4784 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:35:48.0891 4784 iteatapi - ok
15:35:48.0906 4784 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:35:48.0906 4784 iteraid - ok
15:35:48.0938 4784 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:35:48.0938 4784 kbdclass - ok
15:35:48.0969 4784 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:35:48.0969 4784 kbdhid - ok
15:35:48.0984 4784 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
15:35:48.0984 4784 KeyIso - ok
15:35:49.0062 4784 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:35:49.0078 4784 KSecDD - ok
15:35:49.0140 4784 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:35:49.0140 4784 KtmRm - ok
15:35:49.0187 4784 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
15:35:49.0187 4784 LanmanServer - ok
15:35:49.0250 4784 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:35:49.0250 4784 LanmanWorkstation - ok
15:35:49.0296 4784 [ F34B35F6F74E28A460749DA11D1117F8 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:35:49.0296 4784 LightScribeService - ok
15:35:49.0343 4784 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:35:49.0343 4784 lltdio - ok
15:35:49.0390 4784 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:35:49.0390 4784 lltdsvc - ok
15:35:49.0421 4784 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:35:49.0421 4784 lmhosts - ok
15:35:49.0452 4784 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:35:49.0452 4784 LSI_FC - ok
15:35:49.0484 4784 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:35:49.0484 4784 LSI_SAS - ok
15:35:49.0515 4784 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:35:49.0515 4784 LSI_SCSI - ok
15:35:49.0546 4784 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
15:35:49.0546 4784 luafv - ok
15:35:49.0593 4784 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
15:35:49.0593 4784 M1 Server - ok
15:35:49.0686 4784 [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
15:35:49.0686 4784 McAfee SiteAdvisor Service - ok
15:35:49.0749 4784 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
15:35:49.0749 4784 MCLServiceATL - ok
15:35:49.0796 4784 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:35:49.0796 4784 Mcx2Svc - ok
15:35:49.0842 4784 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:35:49.0842 4784 mdmxsdk - ok
15:35:49.0874 4784 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
15:35:49.0874 4784 megasas - ok
15:35:49.0889 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
15:35:49.0905 4784 MMCSS - ok
15:35:49.0936 4784 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
15:35:49.0936 4784 Modem - ok
15:35:49.0967 4784 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:35:49.0967 4784 monitor - ok
15:35:49.0998 4784 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:35:49.0998 4784 mouclass - ok
15:35:50.0030 4784 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:35:50.0030 4784 mouhid - ok
15:35:50.0061 4784 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:35:50.0061 4784 MountMgr - ok
15:35:50.0123 4784 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:35:50.0123 4784 MozillaMaintenance - ok
15:35:50.0186 4784 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
15:35:50.0186 4784 mpio - ok
15:35:50.0217 4784 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:35:50.0232 4784 mpsdrv - ok
15:35:50.0248 4784 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
15:35:50.0264 4784 MpsSvc - ok
15:35:50.0295 4784 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:35:50.0295 4784 Mraid35x - ok
15:35:50.0326 4784 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:35:50.0326 4784 MRxDAV - ok
15:35:50.0357 4784 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:35:50.0373 4784 mrxsmb - ok
15:35:50.0420 4784 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:35:50.0420 4784 mrxsmb10 - ok
15:35:50.0435 4784 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:35:50.0435 4784 mrxsmb20 - ok
15:35:50.0466 4784 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
15:35:50.0466 4784 msahci - ok
15:35:50.0513 4784 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:35:50.0529 4784 msdsm - ok
15:35:50.0544 4784 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
15:35:50.0544 4784 MSDTC - ok
15:35:50.0576 4784 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:35:50.0576 4784 Msfs - ok
15:35:50.0607 4784 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:35:50.0622 4784 msisadrv - ok
15:35:50.0654 4784 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:35:50.0654 4784 MSiSCSI - ok
15:35:50.0669 4784 msiserver - ok
15:35:50.0685 4784 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:35:50.0685 4784 MSKSSRV - ok
15:35:50.0732 4784 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:35:50.0732 4784 MSPCLOCK - ok
15:35:50.0763 4784 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:35:50.0763 4784 MSPQM - ok
15:35:50.0810 4784 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:35:50.0810 4784 MsRPC - ok
15:35:50.0825 4784 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:35:50.0825 4784 mssmbios - ok
15:35:50.0856 4784 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:35:50.0856 4784 MSTEE - ok
15:35:50.0888 4784 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
15:35:50.0888 4784 Mup - ok
15:35:50.0919 4784 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
15:35:50.0934 4784 napagent - ok
15:35:50.0981 4784 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:35:50.0997 4784 NativeWifiP - ok
15:35:51.0044 4784 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:35:51.0044 4784 NDIS - ok
15:35:51.0075 4784 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:35:51.0075 4784 NdisTapi - ok
15:35:51.0122 4784 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:35:51.0122 4784 Ndisuio - ok
15:35:51.0168 4784 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:35:51.0184 4784 NdisWan - ok
15:35:51.0200 4784 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:35:51.0200 4784 NDProxy - ok
15:35:51.0231 4784 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:35:51.0231 4784 Net Driver HPZ12 - ok
15:35:51.0246 4784 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:35:51.0246 4784 NetBIOS - ok
15:35:51.0262 4784 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:35:51.0278 4784 netbt - ok
15:35:51.0278 4784 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
15:35:51.0278 4784 Netlogon - ok
15:35:51.0309 4784 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
15:35:51.0324 4784 Netman - ok
15:35:51.0340 4784 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
15:35:51.0340 4784 netprofm - ok
15:35:51.0371 4784 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:35:51.0371 4784 NetTcpPortSharing - ok
15:35:51.0418 4784 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:35:51.0434 4784 nfrd960 - ok
15:35:51.0465 4784 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:35:51.0465 4784 NlaSvc - ok
15:35:51.0543 4784 [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
15:35:51.0543 4784 nosGetPlusHelper - ok
15:35:51.0574 4784 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:35:51.0574 4784 Npfs - ok
15:35:51.0590 4784 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
15:35:51.0605 4784 nsi - ok
15:35:51.0621 4784 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:35:51.0621 4784 nsiproxy - ok
15:35:51.0683 4784 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:35:51.0699 4784 Ntfs - ok
15:35:51.0730 4784 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:35:51.0730 4784 ntrigdigi - ok
15:35:51.0777 4784 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
15:35:51.0777 4784 NuidFltr - ok
15:35:51.0792 4784 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
15:35:51.0792 4784 Null - ok
15:35:52.0120 4784 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:35:52.0229 4784 nvlddmkm - ok
15:35:52.0276 4784 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:35:52.0292 4784 nvraid - ok
15:35:52.0307 4784 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:35:52.0307 4784 nvstor - ok
15:35:52.0370 4784 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:35:52.0385 4784 nvsvc - ok
15:35:52.0463 4784 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:35:52.0463 4784 nvUpdatusService - ok
15:35:52.0494 4784 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:35:52.0494 4784 nv_agp - ok
15:35:52.0494 4784 NwlnkFlt - ok
15:35:52.0510 4784 NwlnkFwd - ok
15:35:52.0541 4784 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:35:52.0541 4784 ohci1394 - ok
15:35:52.0572 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:35:52.0588 4784 p2pimsvc - ok
15:35:52.0604 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
15:35:52.0604 4784 p2psvc - ok
15:35:52.0635 4784 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
15:35:52.0635 4784 Parport - ok
15:35:52.0650 4784 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:35:52.0666 4784 partmgr - ok
15:35:52.0682 4784 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
15:35:52.0682 4784 Parvdm - ok
15:35:52.0697 4784 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
15:35:52.0697 4784 PcaSvc - ok
15:35:52.0713 4784 PcdrNdisuio - ok
15:35:52.0744 4784 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
15:35:52.0760 4784 pci - ok
15:35:52.0775 4784 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
15:35:52.0775 4784 pciide - ok
15:35:52.0806 4784 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:35:52.0806 4784 pcmcia - ok
15:35:52.0869 4784 [ 18ED1D71FEF6F71D38C24263500BBD01 ] PdiPorts C:\Windows\system32\Drivers\PdiPorts.sys
15:35:52.0869 4784 PdiPorts - ok
15:35:52.0916 4784 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:35:52.0931 4784 PEAUTH - ok
15:35:52.0994 4784 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
15:35:53.0025 4784 pla - ok
15:35:53.0056 4784 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:35:53.0056 4784 PlugPlay - ok
15:35:53.0103 4784 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:35:53.0103 4784 Pml Driver HPZ12 - ok
15:35:53.0118 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:35:53.0134 4784 PNRPAutoReg - ok
15:35:53.0150 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:35:53.0150 4784 PNRPsvc - ok
15:35:53.0181 4784 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:35:53.0181 4784

#5 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 29 December 2012 - 07:50 AM

Hi Mahvra,

Unfortunately your last post hit the character limit. The TDSSKiller report is incomplete and the AdwCleaner log is missing entirely. Please include these logs in your next reply. Please check if your answer covers all the required information. You might need several posts :thumbup:

#6 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 29 December 2012 - 10:51 AM

15:35:31.0434 5460 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:35:31.0497 5460 ============================================================
15:35:31.0497 5460 Current date / time: 2012/12/28 15:35:31.0497
15:35:31.0497 5460 SystemInfo:
15:35:31.0497 5460
15:35:31.0497 5460 OS Version: 6.0.6002 ServicePack: 2.0
15:35:31.0497 5460 Product type: Workstation
15:35:31.0497 5460 ComputerName: HOME-PC
15:35:31.0497 5460 UserName: vosz
15:35:31.0497 5460 Windows directory: C:\Windows
15:35:31.0497 5460 System windows directory: C:\Windows
15:35:31.0497 5460 Processor architecture: Intel x86
15:35:31.0497 5460 Number of processors: 2
15:35:31.0497 5460 Page size: 0x1000
15:35:31.0497 5460 Boot type: Normal boot
15:35:31.0497 5460 ============================================================
15:35:31.0871 5460 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:35:31.0934 5460 ============================================================
15:35:31.0934 5460 \Device\Harddisk0\DR0:
15:35:31.0934 5460 MBR partitions:
15:35:31.0934 5460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3916CBA5
15:35:31.0934 5460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3916CBE4, BlocksNum 0x121805D
15:35:31.0934 5460 ============================================================
15:35:31.0965 5460 C: <-> \Device\Harddisk0\DR0\Partition1
15:35:32.0012 5460 D: <-> \Device\Harddisk0\DR0\Partition2
15:35:32.0012 5460 ============================================================
15:35:32.0012 5460 Initialize success
15:35:32.0012 5460 ============================================================
15:35:40.0077 4784 ============================================================
15:35:40.0077 4784 Scan started
15:35:40.0077 4784 Mode: Manual;
15:35:40.0077 4784 ============================================================
15:35:40.0576 4784 ================ Scan system memory ========================
15:35:40.0576 4784 System memory - ok
15:35:40.0576 4784 ================ Scan services =============================
15:35:40.0763 4784 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
15:35:40.0779 4784 ACPI - ok
15:35:40.0888 4784 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:35:40.0904 4784 AdobeARMservice - ok
15:35:40.0982 4784 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:35:40.0982 4784 AdobeFlashPlayerUpdateSvc - ok
15:35:41.0044 4784 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:35:41.0044 4784 adp94xx - ok
15:35:41.0091 4784 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:35:41.0106 4784 adpahci - ok
15:35:41.0122 4784 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
15:35:41.0122 4784 adpu160m - ok
15:35:41.0169 4784 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:35:41.0169 4784 adpu320 - ok
15:35:41.0262 4784 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:35:41.0278 4784 AeLookupSvc - ok
15:35:41.0309 4784 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
15:35:41.0309 4784 AFD - ok
15:35:41.0356 4784 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:35:41.0356 4784 agp440 - ok
15:35:41.0418 4784 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:35:41.0418 4784 aic78xx - ok
15:35:41.0512 4784 [ C86D177967D27C80E466D4ED95C26DB9 ] AlertService C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
15:35:41.0512 4784 AlertService - ok
15:35:41.0543 4784 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
15:35:41.0543 4784 ALG - ok
15:35:41.0590 4784 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
15:35:41.0590 4784 aliide - ok
15:35:41.0668 4784 [ FF6F0F6A2D72065AE4300426FA414693 ] Amazon Download Agent C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
15:35:41.0668 4784 Amazon Download Agent - ok
15:35:41.0715 4784 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:35:41.0715 4784 amdagp - ok
15:35:41.0746 4784 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
15:35:41.0746 4784 amdide - ok
15:35:41.0777 4784 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
15:35:41.0777 4784 AmdK7 - ok
15:35:41.0793 4784 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:35:41.0793 4784 AmdK8 - ok
15:35:41.0855 4784 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
15:35:41.0855 4784 Appinfo - ok
15:35:41.0918 4784 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:35:41.0918 4784 Apple Mobile Device - ok
15:35:41.0964 4784 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
15:35:41.0964 4784 arc - ok
15:35:42.0011 4784 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:35:42.0011 4784 arcsas - ok
15:35:42.0120 4784 [ 40C145F12FF461A0220303BDA134F598 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:35:42.0120 4784 aspnet_state - ok
15:35:42.0152 4784 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:35:42.0152 4784 aswFsBlk - ok
15:35:42.0230 4784 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:35:42.0230 4784 aswMonFlt - ok
15:35:42.0276 4784 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
15:35:42.0276 4784 aswRdr - ok
15:35:42.0526 4784 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:35:42.0542 4784 aswSnx - ok
15:35:42.0604 4784 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:35:42.0604 4784 aswSP - ok
15:35:42.0635 4784 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:35:42.0635 4784 aswTdi - ok
15:35:42.0713 4784 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:35:42.0713 4784 AsyncMac - ok
15:35:42.0760 4784 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
15:35:42.0760 4784 atapi - ok
15:35:42.0791 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:35:42.0791 4784 AudioEndpointBuilder - ok
15:35:42.0807 4784 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:35:42.0807 4784 Audiosrv - ok
15:35:42.0869 4784 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:35:42.0869 4784 avast! Antivirus - ok
15:35:42.0916 4784 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
15:35:42.0916 4784 Beep - ok
15:35:42.0963 4784 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
15:35:42.0963 4784 BFE - ok
15:35:43.0010 4784 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
15:35:43.0010 4784 BITS - ok
15:35:43.0025 4784 blbdrive - ok
15:35:43.0088 4784 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:35:43.0088 4784 Bonjour Service - ok
15:35:43.0119 4784 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:35:43.0119 4784 bowser - ok
15:35:43.0166 4784 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
15:35:43.0166 4784 BrFiltLo - ok
15:35:43.0166 4784 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
15:35:43.0166 4784 BrFiltUp - ok
15:35:43.0197 4784 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
15:35:43.0197 4784 Browser - ok
15:35:43.0244 4784 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
15:35:43.0244 4784 Brserid - ok
15:35:43.0275 4784 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
15:35:43.0275 4784 BrSerWdm - ok
15:35:43.0306 4784 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
15:35:43.0306 4784 BrUsbMdm - ok
15:35:43.0322 4784 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
15:35:43.0322 4784 BrUsbSer - ok
15:35:43.0337 4784 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:35:43.0337 4784 BTHMODEM - ok
15:35:43.0446 4784 catchme - ok
15:35:43.0478 4784 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:35:43.0478 4784 cdfs - ok
15:35:43.0524 4784 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:35:43.0524 4784 cdrom - ok
15:35:43.0556 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
15:35:43.0556 4784 CertPropSvc - ok
15:35:43.0602 4784 [ 2A3A6EEF9E5479CF662B088EEBEDE8D8 ] CFRMD C:\Windows\system32\DRIVERS\CFRMD.sys
15:35:43.0602 4784 CFRMD - ok
15:35:43.0634 4784 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
15:35:43.0634 4784 circlass - ok
15:35:43.0680 4784 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
15:35:43.0680 4784 CLFS - ok
15:35:43.0790 4784 [ 5724D9ECBF2A378EBF85FDC3BDA01F98 ] CLPSLauncher C:\Program Files\Common Files\Comodo\launcher_service.exe
15:35:43.0790 4784 CLPSLauncher - ok
15:35:43.0805 4784 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:35:43.0805 4784 clr_optimization_v2.0.50727_32 - ok
15:35:43.0883 4784 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:35:43.0883 4784 clr_optimization_v4.0.30319_32 - ok
15:35:44.0008 4784 [ 2A2D72271844C52F004901A60312B96A ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
15:35:44.0024 4784 cmdAgent - ok
15:35:44.0070 4784 [ 623C7421D76860837CE0643950A117E7 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
15:35:44.0070 4784 cmdGuard - ok
15:35:44.0133 4784 [ 5A6ED5F670CD80EC338A94A8A08EC7F1 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
15:35:44.0133 4784 cmdHlp - ok
15:35:44.0180 4784 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:35:44.0180 4784 cmdide - ok
15:35:44.0211 4784 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:35:44.0211 4784 Compbatt - ok
15:35:44.0211 4784 COMSysApp - ok
15:35:44.0226 4784 cpuz130 - ok
15:35:44.0242 4784 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:35:44.0258 4784 crcdisk - ok
15:35:44.0289 4784 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
15:35:44.0289 4784 Crusoe - ok
15:35:44.0351 4784 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:35:44.0351 4784 CryptSvc - ok
15:35:44.0414 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:35:44.0429 4784 DcomLaunch - ok
15:35:44.0492 4784 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:35:44.0492 4784 DfsC - ok
15:35:44.0570 4784 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
15:35:44.0601 4784 DFSR - ok
15:35:44.0663 4784 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
15:35:44.0663 4784 Dhcp - ok
15:35:44.0679 4784 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
15:35:44.0679 4784 disk - ok
15:35:44.0741 4784 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:35:44.0741 4784 Dnscache - ok
15:35:44.0788 4784 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:35:44.0788 4784 dot3svc - ok
15:35:44.0835 4784 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:35:44.0835 4784 Dot4 - ok
15:35:44.0850 4784 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:35:44.0850 4784 Dot4Print - ok
15:35:44.0866 4784 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:35:44.0866 4784 dot4usb - ok
15:35:44.0897 4784 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
15:35:44.0897 4784 DPS - ok
15:35:44.0960 4784 [ A0B584C33F55545D56F9E71FB4E203AC ] DQLWinService C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
15:35:44.0960 4784 DQLWinService - ok
15:35:45.0194 4784 [ 02F0870C07872CC506C33E79883082B3 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
15:35:45.0209 4784 DragonUpdater - ok
15:35:45.0256 4784 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:35:45.0256 4784 drmkaud - ok
15:35:45.0272 4784 [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:35:45.0272 4784 dtsoftbus01 - ok
15:35:45.0318 4784 [ 94E6CE3F9A0751C9B77EF94245067921 ] DTSRVC C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
15:35:45.0318 4784 DTSRVC - ok
15:35:45.0365 4784 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:35:45.0365 4784 DXGKrnl - ok
15:35:45.0396 4784 [ D00EEAE1CACD77A1A8396BBC19140BBA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
15:35:45.0396 4784 E100B - ok
15:35:45.0428 4784 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
15:35:45.0428 4784 E1G60 - ok
15:35:45.0474 4784 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
15:35:45.0474 4784 EapHost - ok
15:35:45.0506 4784 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
15:35:45.0521 4784 Ecache - ok
15:35:45.0552 4784 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:35:45.0552 4784 ehRecvr - ok
15:35:45.0584 4784 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
15:35:45.0584 4784 ehSched - ok
15:35:45.0599 4784 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
15:35:45.0599 4784 ehstart - ok
15:35:45.0630 4784 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:35:45.0630 4784 elxstor - ok
15:35:45.0693 4784 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
15:35:45.0708 4784 EMDMgmt - ok
15:35:45.0740 4784 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
15:35:45.0740 4784 EventSystem - ok
15:35:45.0802 4784 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
15:35:45.0802 4784 exfat - ok
15:35:45.0864 4784 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:35:45.0864 4784 fastfat - ok
15:35:45.0896 4784 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:35:45.0896 4784 fdc - ok
15:35:45.0927 4784 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
15:35:45.0927 4784 fdPHost - ok
15:35:45.0942 4784 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
15:35:45.0942 4784 FDResPub - ok
15:35:45.0989 4784 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:35:45.0989 4784 FileInfo - ok
15:35:46.0052 4784 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:35:46.0067 4784 Filetrace - ok
15:35:46.0114 4784 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:35:46.0114 4784 flpydisk - ok
15:35:46.0161 4784 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:35:46.0192 4784 FltMgr - ok
15:35:46.0254 4784 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
15:35:46.0270 4784 FontCache - ok
15:35:46.0488 4784 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:35:46.0488 4784 FontCache3.0.0.0 - ok
15:35:46.0520 4784 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:35:46.0520 4784 Fs_Rec - ok
15:35:46.0582 4784 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:35:46.0582 4784 gagp30kx - ok
15:35:46.0722 4784 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
15:35:46.0722 4784 GamesAppService - ok
15:35:46.0785 4784 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:35:46.0785 4784 GEARAspiWDM - ok
15:35:46.0910 4784 [ 31B5C233933CAF0FB1499F458F04FD9A ] GeekBuddyRSP C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe
15:35:46.0941 4784 GeekBuddyRSP - ok
15:35:46.0988 4784 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
15:35:47.0003 4784 gpsvc - ok
15:35:47.0034 4784 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:35:47.0050 4784 HdAudAddService - ok
15:35:47.0097 4784 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:35:47.0112 4784 HDAudBus - ok
15:35:47.0144 4784 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:35:47.0144 4784 HidBth - ok
15:35:47.0206 4784 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
15:35:47.0206 4784 HidIr - ok
15:35:47.0237 4784 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
15:35:47.0253 4784 hidserv - ok
15:35:47.0268 4784 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:35:47.0268 4784 HidUsb - ok
15:35:47.0300 4784 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:35:47.0300 4784 hkmsvc - ok
15:35:47.0362 4784 [ E48B80F6614D4BEFA7768B960FFEF514 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
15:35:47.0362 4784 HP Health Check Service - ok
15:35:47.0393 4784 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
15:35:47.0393 4784 HpCISSs - ok
15:35:47.0471 4784 [ 58D4765AB87347DB835D5693ADF652C1 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:35:47.0471 4784 hpqcxs08 - ok
15:35:47.0487 4784 [ 99ED733F614660EB32199BF889DFB7E2 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
15:35:47.0487 4784 hpqddsvc - ok
15:35:47.0549 4784 [ 78C88781FBD2FDD3BCBA09F58897FE45 ] HSF_DP C:\Windows\system32\DRIVERS\HSX_DP.sys
15:35:47.0565 4784 HSF_DP - ok
15:35:47.0580 4784 [ 1E289F978D1E6F11DB88D4FCB2F9D92F ] HSXHWBS2 C:\Windows\system32\DRIVERS\HSXHWBS2.sys
15:35:47.0596 4784 HSXHWBS2 - ok
15:35:47.0627 4784 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:35:47.0627 4784 HTTP - ok
15:35:47.0674 4784 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
15:35:47.0674 4784 i2omp - ok
15:35:47.0721 4784 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:35:47.0736 4784 i8042prt - ok
15:35:47.0799 4784 [ 9A4DC97E912C5EA375E2C69917946265 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
15:35:47.0814 4784 IAANTMON - ok
15:35:47.0861 4784 [ 2D8143C90F246D0F1735AF7D05D515F3 ] iaStor C:\Windows\system32\drivers\iastor.sys
15:35:47.0861 4784 iaStor - ok
15:35:47.0877 4784 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
15:35:47.0892 4784 iaStorV - ok
15:35:47.0939 4784 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:35:47.0939 4784 IDriverT - ok
15:35:48.0017 4784 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:35:48.0033 4784 idsvc - ok
15:35:48.0048 4784 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:35:48.0048 4784 iirsp - ok
15:35:48.0095 4784 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
15:35:48.0111 4784 IKEEXT - ok
15:35:48.0173 4784 [ CE3034F551E06F7A290DA4D8DF29246E ] inspect C:\Windows\system32\DRIVERS\inspect.sys
15:35:48.0173 4784 inspect - ok
15:35:48.0267 4784 [ AE3DF3265781543B616E0A8830F6774B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:35:48.0282 4784 IntcAzAudAddService - ok
15:35:48.0329 4784 [ CE5AF42679DD85947D2D287594F22CE0 ] IntelDHSvcConf C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
15:35:48.0345 4784 IntelDHSvcConf - ok
15:35:48.0360 4784 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
15:35:48.0360 4784 intelide - ok
15:35:48.0392 4784 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:35:48.0392 4784 intelppm - ok
15:35:48.0423 4784 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:35:48.0423 4784 IPBusEnum - ok
15:35:48.0470 4784 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:35:48.0470 4784 IpFilterDriver - ok
15:35:48.0501 4784 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:35:48.0501 4784 iphlpsvc - ok
15:35:48.0516 4784 IpInIp - ok
15:35:48.0548 4784 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
15:35:48.0548 4784 IPMIDRV - ok
15:35:48.0563 4784 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
15:35:48.0579 4784 IPNAT - ok
15:35:48.0641 4784 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:35:48.0657 4784 iPod Service - ok
15:35:48.0688 4784 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:35:48.0688 4784 IRENUM - ok
15:35:48.0719 4784 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:35:48.0719 4784 isapnp - ok
15:35:48.0782 4784 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:35:48.0782 4784 iScsiPrt - ok
15:35:48.0844 4784 [ E29BA28F76C5A703E7F30F74CF36DF22 ] ISSM C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
15:35:48.0844 4784 ISSM - ok
15:35:48.0875 4784 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
15:35:48.0891 4784 iteatapi - ok
15:35:48.0906 4784 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
15:35:48.0906 4784 iteraid - ok
15:35:48.0938 4784 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:35:48.0938 4784 kbdclass - ok
15:35:48.0969 4784 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:35:48.0969 4784 kbdhid - ok
15:35:48.0984 4784 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
15:35:48.0984 4784 KeyIso - ok
15:35:49.0062 4784 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:35:49.0078 4784 KSecDD - ok
15:35:49.0140 4784 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:35:49.0140 4784 KtmRm - ok
15:35:49.0187 4784 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
15:35:49.0187 4784 LanmanServer - ok
15:35:49.0250 4784 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:35:49.0250 4784 LanmanWorkstation - ok
15:35:49.0296 4784 [ F34B35F6F74E28A460749DA11D1117F8 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:35:49.0296 4784 LightScribeService - ok
15:35:49.0343 4784 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:35:49.0343 4784 lltdio - ok
15:35:49.0390 4784 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:35:49.0390 4784 lltdsvc - ok
15:35:49.0421 4784 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:35:49.0421 4784 lmhosts - ok
15:35:49.0452 4784 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:35:49.0452 4784 LSI_FC - ok
15:35:49.0484 4784 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:35:49.0484 4784 LSI_SAS - ok
15:35:49.0515 4784 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:35:49.0515 4784 LSI_SCSI - ok
15:35:49.0546 4784 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
15:35:49.0546 4784 luafv - ok
15:35:49.0593 4784 [ 7B073FD0133346D0E555353F164057D7 ] M1 Server C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
15:35:49.0593 4784 M1 Server - ok
15:35:49.0686 4784 [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
15:35:49.0686 4784 McAfee SiteAdvisor Service - ok
15:35:49.0749 4784 [ 7BBA15CA5A2AA4E50C7CBFB78D11DB25 ] MCLServiceATL C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
15:35:49.0749 4784 MCLServiceATL - ok
15:35:49.0796 4784 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:35:49.0796 4784 Mcx2Svc - ok
15:35:49.0842 4784 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:35:49.0842 4784 mdmxsdk - ok
15:35:49.0874 4784 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
15:35:49.0874 4784 megasas - ok
15:35:49.0889 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
15:35:49.0905 4784 MMCSS - ok
15:35:49.0936 4784 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
15:35:49.0936 4784 Modem - ok
15:35:49.0967 4784 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:35:49.0967 4784 monitor - ok
15:35:49.0998 4784 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:35:49.0998 4784 mouclass - ok
15:35:50.0030 4784 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:35:50.0030 4784 mouhid - ok
15:35:50.0061 4784 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
15:35:50.0061 4784 MountMgr - ok
15:35:50.0123 4784 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:35:50.0123 4784 MozillaMaintenance - ok
15:35:50.0186 4784 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
15:35:50.0186 4784 mpio - ok
15:35:50.0217 4784 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:35:50.0232 4784 mpsdrv - ok
15:35:50.0248 4784 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
15:35:50.0264 4784 MpsSvc - ok
15:35:50.0295 4784 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
15:35:50.0295 4784 Mraid35x - ok
15:35:50.0326 4784 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:35:50.0326 4784 MRxDAV - ok
15:35:50.0357 4784 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:35:50.0373 4784 mrxsmb - ok
15:35:50.0420 4784 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:35:50.0420 4784 mrxsmb10 - ok
15:35:50.0435 4784 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:35:50.0435 4784 mrxsmb20 - ok
15:35:50.0466 4784 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
15:35:50.0466 4784 msahci - ok
15:35:50.0513 4784 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:35:50.0529 4784 msdsm - ok
15:35:50.0544 4784 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
15:35:50.0544 4784 MSDTC - ok
15:35:50.0576 4784 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:35:50.0576 4784 Msfs - ok
15:35:50.0607 4784 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:35:50.0622 4784 msisadrv - ok
15:35:50.0654 4784 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:35:50.0654 4784 MSiSCSI - ok
15:35:50.0669 4784 msiserver - ok
15:35:50.0685 4784 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:35:50.0685 4784 MSKSSRV - ok
15:35:50.0732 4784 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:35:50.0732 4784 MSPCLOCK - ok
15:35:50.0763 4784 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:35:50.0763 4784 MSPQM - ok
15:35:50.0810 4784 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:35:50.0810 4784 MsRPC - ok
15:35:50.0825 4784 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:35:50.0825 4784 mssmbios - ok
15:35:50.0856 4784 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:35:50.0856 4784 MSTEE - ok
15:35:50.0888 4784 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
15:35:50.0888 4784 Mup - ok
15:35:50.0919 4784 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
15:35:50.0934 4784 napagent - ok
15:35:50.0981 4784 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:35:50.0997 4784 NativeWifiP - ok
15:35:51.0044 4784 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:35:51.0044 4784 NDIS - ok
15:35:51.0075 4784 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:35:51.0075 4784 NdisTapi - ok
15:35:51.0122 4784 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:35:51.0122 4784 Ndisuio - ok
15:35:51.0168 4784 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:35:51.0184 4784 NdisWan - ok
15:35:51.0200 4784 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:35:51.0200 4784 NDProxy - ok
15:35:51.0231 4784 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:35:51.0231 4784 Net Driver HPZ12 - ok
15:35:51.0246 4784 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:35:51.0246 4784 NetBIOS - ok
15:35:51.0262 4784 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
15:35:51.0278 4784 netbt - ok
15:35:51.0278 4784 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
15:35:51.0278 4784 Netlogon - ok
15:35:51.0309 4784 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
15:35:51.0324 4784 Netman - ok
15:35:51.0340 4784 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
15:35:51.0340 4784 netprofm - ok
15:35:51.0371 4784 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:35:51.0371 4784 NetTcpPortSharing - ok
15:35:51.0418 4784 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:35:51.0434 4784 nfrd960 - ok
15:35:51.0465 4784 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:35:51.0465 4784 NlaSvc - ok
15:35:51.0543 4784 [ 25D6B2EB0A1FC4AB413AFE7EC4793EC1 ] nosGetPlusHelper C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
15:35:51.0543 4784 nosGetPlusHelper - ok
15:35:51.0574 4784 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:35:51.0574 4784 Npfs - ok
15:35:51.0590 4784 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
15:35:51.0605 4784 nsi - ok
15:35:51.0621 4784 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:35:51.0621 4784 nsiproxy - ok
15:35:51.0683 4784 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:35:51.0699 4784 Ntfs - ok
15:35:51.0730 4784 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
15:35:51.0730 4784 ntrigdigi - ok
15:35:51.0777 4784 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
15:35:51.0777 4784 NuidFltr - ok
15:35:51.0792 4784 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
15:35:51.0792 4784 Null - ok
15:35:52.0120 4784 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:35:52.0229 4784 nvlddmkm - ok
15:35:52.0276 4784 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:35:52.0292 4784 nvraid - ok
15:35:52.0307 4784 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:35:52.0307 4784 nvstor - ok
15:35:52.0370 4784 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:35:52.0385 4784 nvsvc - ok
15:35:52.0463 4784 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:35:52.0463 4784 nvUpdatusService - ok
15:35:52.0494 4784 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:35:52.0494 4784 nv_agp - ok
15:35:52.0494 4784 NwlnkFlt - ok
15:35:52.0510 4784 NwlnkFwd - ok
15:35:52.0541 4784 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:35:52.0541 4784 ohci1394 - ok
15:35:52.0572 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
15:35:52.0588 4784 p2pimsvc - ok
15:35:52.0604 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
15:35:52.0604 4784 p2psvc - ok
15:35:52.0635 4784 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
15:35:52.0635 4784 Parport - ok
15:35:52.0650 4784 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:35:52.0666 4784 partmgr - ok
15:35:52.0682 4784 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
15:35:52.0682 4784 Parvdm - ok
15:35:52.0697 4784 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
15:35:52.0697 4784 PcaSvc - ok
15:35:52.0713 4784 PcdrNdisuio - ok
15:35:52.0744 4784 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
15:35:52.0760 4784 pci - ok
15:35:52.0775 4784 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
15:35:52.0775 4784 pciide - ok
15:35:52.0806 4784 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:35:52.0806 4784 pcmcia - ok
15:35:52.0869 4784 [ 18ED1D71FEF6F71D38C24263500BBD01 ] PdiPorts C:\Windows\system32\Drivers\PdiPorts.sys
15:35:52.0869 4784 PdiPorts - ok
15:35:52.0916 4784 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:35:52.0931 4784 PEAUTH - ok
15:35:52.0994 4784 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
15:35:53.0025 4784 pla - ok
15:35:53.0056 4784 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:35:53.0056 4784 PlugPlay - ok
15:35:53.0103 4784 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:35:53.0103 4784 Pml Driver HPZ12 - ok
15:35:53.0118 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
15:35:53.0134 4784 PNRPAutoReg - ok
15:35:53.0150 4784 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
15:35:53.0150 4784 PNRPsvc - ok
15:35:53.0181 4784 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:35:53.0181 4784 PolicyAgent - ok
15:35:53.0196 4784 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:35:53.0212 4784 PptpMiniport - ok
15:35:53.0228 4784 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
15:35:53.0228 4784 Processor - ok
15:35:53.0259 4784 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
15:35:53.0259 4784 ProfSvc - ok
15:35:53.0274 4784 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
15:35:53.0274 4784 ProtectedStorage - ok
15:35:53.0321 4784 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\Windows\system32\DRIVERS\PS2.sys
15:35:53.0321 4784 Ps2 - ok
15:35:53.0337 4784 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
15:35:53.0337 4784 PSched - ok
15:35:53.0352 4784 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:35:53.0352 4784 PxHelp20 - ok
15:35:53.0399 4784 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:35:53.0415 4784 ql2300 - ok
15:35:53.0430 4784 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:35:53.0430 4784 ql40xx - ok
15:35:53.0462 4784 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
15:35:53.0477 4784 QWAVE - ok
15:35:53.0493 4784 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:35:53.0493 4784 QWAVEdrv - ok
15:35:53.0524 4784 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:35:53.0524 4784 RasAcd - ok
15:35:53.0540 4784 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
15:35:53.0555 4784 RasAuto - ok
15:35:53.0571 4784 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:35:53.0571 4784 Rasl2tp - ok
15:35:53.0602 4784 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
15:35:53.0618 4784 RasMan - ok
15:35:53.0633 4784 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:35:53.0633 4784 RasPppoe - ok
15:35:53.0664 4784 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:35:53.0664 4784 RasSstp - ok
15:35:53.0727 4784 [ 2564DDFAD0E934123F84C74185A3E137 ] rcmirror C:\Windows\system32\DRIVERS\rcmirror.sys
15:35:53.0727 4784 rcmirror - ok
15:35:53.0774 4784 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:35:53.0774 4784 rdbss - ok
15:35:53.0805 4784 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:35:53.0805 4784 RDPCDD - ok
15:35:53.0852 4784 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
15:35:53.0852 4784 rdpdr - ok
15:35:53.0867 4784 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:35:53.0867 4784 RDPENCDD - ok
15:35:53.0930 4784 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:35:53.0930 4784 RDPWD - ok
15:35:53.0976 4784 [ 752402F6BD5FA012805813C329F88DD3 ] Remote UI Service C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
15:35:53.0976 4784 Remote UI Service - ok
15:35:54.0023 4784 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:35:54.0023 4784 RemoteAccess - ok
15:35:54.0054 4784 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:35:54.0070 4784 RemoteRegistry - ok
15:35:54.0148 4784 [ 2DAC86F10C42B55F2511F14CBCEE7284 ] RoxMediaDB9 c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
15:35:54.0164 4784 RoxMediaDB9 - ok
15:35:54.0210 4784 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
15:35:54.0210 4784 RpcLocator - ok
15:35:54.0242 4784 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
15:35:54.0257 4784 RpcSs - ok
15:35:54.0273 4784 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:35:54.0288 4784 rspndr - ok
15:35:54.0288 4784 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
15:35:54.0288 4784 SamSs - ok
15:35:54.0335 4784 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:35:54.0335 4784 sbp2port - ok
15:35:54.0413 4784 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
15:35:54.0413 4784 SBSDWSCService - ok
15:35:54.0460 4784 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:35:54.0476 4784 SCardSvr - ok
15:35:54.0507 4784 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
15:35:54.0522 4784 Schedule - ok
15:35:54.0538 4784 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:35:54.0538 4784 SCPolicySvc - ok
15:35:54.0554 4784 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:35:54.0569 4784 SDRSVC - ok
15:35:54.0585 4784 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:35:54.0585 4784 secdrv - ok
15:35:54.0600 4784 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
15:35:54.0616 4784 seclogon - ok
15:35:54.0632 4784 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
15:35:54.0632 4784 SENS - ok
15:35:54.0678 4784 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
15:35:54.0678 4784 Serenum - ok
15:35:54.0694 4784 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
15:35:54.0710 4784 Serial - ok
15:35:54.0710 4784 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:35:54.0710 4784 sermouse - ok
15:35:54.0756 4784 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
15:35:54.0772 4784 SessionEnv - ok
15:35:54.0788 4784 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:35:54.0788 4784 sffdisk - ok
15:35:54.0803 4784 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:35:54.0803 4784 sffp_mmc - ok
15:35:54.0834 4784 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:35:54.0850 4784 sffp_sd - ok
15:35:54.0881 4784 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:35:54.0881 4784 sfloppy - ok
15:35:54.0928 4784 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:35:54.0928 4784 SharedAccess - ok
15:35:54.0959 4784 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:35:54.0959 4784 ShellHWDetection - ok
15:35:54.0990 4784 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:35:54.0990 4784 sisagp - ok
15:35:55.0022 4784 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
15:35:55.0022 4784 SiSRaid2 - ok
15:35:55.0068 4784 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:35:55.0068 4784 SiSRaid4 - ok
15:35:55.0115 4784 [ D0C0B700152B1F610F10B356483B3401 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:35:55.0115 4784 SkypeUpdate - ok
15:35:55.0209 4784 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
15:35:55.0271 4784 slsvc - ok
15:35:55.0318 4784 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
15:35:55.0318 4784 SLUINotify - ok
15:35:55.0334 4784 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:35:55.0349 4784 Smb - ok
15:35:55.0380 4784 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:35:55.0380 4784 SNMPTRAP - ok
15:35:55.0427 4784 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
15:35:55.0427 4784 spldr - ok
15:35:55.0474 4784 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
15:35:55.0474 4784 Spooler - ok
15:35:55.0505 4784 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:35:55.0521 4784 srv - ok
15:35:55.0536 4784 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:35:55.0552 4784 srv2 - ok
15:35:55.0552 4784 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:35:55.0568 4784 srvnet - ok
15:35:55.0583 4784 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:35:55.0599 4784 SSDPSRV - ok
15:35:55.0630 4784 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:35:55.0646 4784 SstpSvc - ok
15:35:55.0661 4784 Steam Client Service - ok
15:35:55.0724 4784 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:35:55.0739 4784 Stereo Service - ok
15:35:55.0770 4784 [ EF70B3D22B4BFFDA6EA851ECB063EFAA ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:35:55.0770 4784 StillCam - ok
15:35:55.0817 4784 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
15:35:55.0833 4784 stisvc - ok
15:35:55.0864 4784 [ E5FF667E416DAC99BFF16B626234A379 ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:35:55.0880 4784 stllssvr - ok
15:35:55.0880 4784 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:35:55.0880 4784 swenum - ok
15:35:55.0926 4784 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
15:35:55.0942 4784 swprv - ok
15:35:55.0989 4784 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
15:35:55.0989 4784 Symc8xx - ok
15:35:56.0004 4784 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
15:35:56.0020 4784 Sym_hi - ok
15:35:56.0036 4784 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
15:35:56.0036 4784 Sym_u3 - ok
15:35:56.0082 4784 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
15:35:56.0098 4784 SysMain - ok
15:35:56.0129 4784 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:35:56.0129 4784 TabletInputService - ok
15:35:56.0160 4784 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:35:56.0176 4784 TapiSrv - ok
15:35:56.0192 4784 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
15:35:56.0192 4784 TBS - ok
15:35:56.0238 4784 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:35:56.0254 4784 Tcpip - ok
15:35:56.0270 4784 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
15:35:56.0285 4784 Tcpip6 - ok
15:35:56.0301 4784 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:35:56.0316 4784 tcpipreg - ok
15:35:56.0348 4784 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:35:56.0363 4784 TDPIPE - ok
15:35:56.0410 4784 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:35:56.0410 4784 TDTCP - ok
15:35:56.0441 4784 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:35:56.0441 4784 tdx - ok
15:35:56.0472 4784 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:35:56.0472 4784 TermDD - ok
15:35:56.0504 4784 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
15:35:56.0519 4784 TermService - ok
15:35:56.0550 4784 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
15:35:56.0550 4784 Themes - ok
15:35:56.0566 4784 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
15:35:56.0582 4784 THREADORDER - ok
15:35:56.0597 4784 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
15:35:56.0613 4784 TrkWks - ok
15:35:56.0660 4784 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:35:56.0660 4784 TrustedInstaller - ok
15:35:56.0706 4784 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:35:56.0706 4784 tssecsrv - ok
15:35:56.0753 4784 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
15:35:56.0753 4784 tunmp - ok
15:35:56.0784 4784 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:35:56.0784 4784 tunnel - ok
15:35:56.0816 4784 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:35:56.0816 4784 uagp35 - ok
15:35:56.0831 4784 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:35:56.0847 4784 udfs - ok
15:35:56.0909 4784 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:35:56.0909 4784 UI0Detect - ok
15:35:56.0940 4784 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:35:56.0940 4784 uliagpkx - ok
15:35:56.0956 4784 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
15:35:56.0956 4784 uliahci - ok
15:35:56.0987 4784 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
15:35:56.0987 4784 UlSata - ok
15:35:57.0018 4784 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
15:35:57.0018 4784 ulsata2 - ok
15:35:57.0050 4784 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:35:57.0050 4784 umbus - ok
15:35:57.0081 4784 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
15:35:57.0096 4784 upnphost - ok
15:35:57.0143 4784 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
15:35:57.0143 4784 USBAAPL - ok
15:35:57.0174 4784 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:35:57.0174 4784 usbccgp - ok
15:35:57.0206 4784 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:35:57.0206 4784 usbcir - ok
15:35:57.0221 4784 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:35:57.0221 4784 usbehci - ok
15:35:57.0252 4784 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:35:57.0268 4784 usbhub - ok
15:35:57.0284 4784 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:35:57.0284 4784 usbohci - ok
15:35:57.0315 4784 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:35:57.0315 4784 usbprint - ok
15:35:57.0362 4784 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:35:57.0377 4784 usbscan - ok
15:35:57.0393 4784 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:35:57.0393 4784 USBSTOR - ok
15:35:57.0424 4784 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:35:57.0424 4784 usbuhci - ok
15:35:57.0455 4784 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
15:35:57.0455 4784 UxSms - ok
15:35:57.0502 4784 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
15:35:57.0518 4784 vds - ok
15:35:57.0580 4784 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:35:57.0580 4784 vga - ok
15:35:57.0611 4784 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
15:35:57.0611 4784 VgaSave - ok
15:35:57.0658 4784 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:35:57.0658 4784 viaagp - ok
15:35:57.0689 4784 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
15:35:57.0689 4784 ViaC7 - ok
15:35:57.0705 4784 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
15:35:57.0705 4784 viaide - ok
15:35:57.0752 4784 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:35:57.0752 4784 volmgr - ok
15:35:57.0783 4784 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:35:57.0798 4784 volmgrx - ok
15:35:57.0830 4784 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:35:57.0845 4784 volsnap - ok
15:35:57.0876 4784 vsdatant7 - ok
15:35:57.0892 4784 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:35:57.0892 4784 vsmraid - ok
15:35:57.0970 4784 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
15:35:58.0001 4784 VSS - ok
15:35:58.0017 4784 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
15:35:58.0017 4784 W32Time - ok
15:35:58.0064 4784 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:35:58.0064 4784 WacomPen - ok
15:35:58.0110 4784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
15:35:58.0110 4784 Wanarp - ok
15:35:58.0126 4784 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:35:58.0126 4784 Wanarpv6 - ok
15:35:58.0157 4784 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:35:58.0157 4784 wcncsvc - ok
15:35:58.0188 4784 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:35:58.0188 4784 WcsPlugInService - ok
15:35:58.0220 4784 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
15:35:58.0220 4784 Wd - ok
15:35:58.0266 4784 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:35:58.0282 4784 Wdf01000 - ok
15:35:58.0313 4784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:35:58.0329 4784 WdiServiceHost - ok
15:35:58.0329 4784 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:35:58.0344 4784 WdiSystemHost - ok
15:35:58.0376 4784 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
15:35:58.0391 4784 WebClient - ok
15:35:58.0422 4784 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:35:58.0422 4784 Wecsvc - ok
15:35:58.0469 4784 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:35:58.0469 4784 wercplsupport - ok
15:35:58.0500 4784 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
15:35:58.0500 4784 WerSvc - ok
15:35:58.0547 4784 [ 0869C31E0FF995BF00628AF8C1658E26 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
15:35:58.0563 4784 winachsf - ok
15:35:58.0610 4784 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:35:58.0610 4784 WinDefend - ok
15:35:58.0625 4784 WinHttpAutoProxySvc - ok
15:35:58.0656 4784 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:35:58.0672 4784 Winmgmt - ok
15:35:58.0734 4784 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
15:35:58.0766 4784 WinRM - ok
15:35:58.0797 4784 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:35:58.0828 4784 Wlansvc - ok
15:35:58.0906 4784 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
15:35:58.0906 4784 WLSetupSvc - ok
15:35:58.0937 4784 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:35:58.0937 4784 WmiAcpi - ok
15:35:59.0000 4784 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:35:59.0000 4784 wmiApSrv - ok
15:35:59.0062 4784 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:35:59.0078 4784 WMPNetworkSvc - ok
15:35:59.0093 4784 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:35:59.0109 4784 WPCSvc

#7 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 29 December 2012 - 10:52 AM

15:35:59.0156 4784 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:35:59.0171 4784 WPDBusEnum - ok
15:35:59.0249 4784 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:35:59.0249 4784 WPFFontCache_v0400 - ok
15:35:59.0280 4784 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:35:59.0280 4784 ws2ifsl - ok
15:35:59.0312 4784 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
15:35:59.0312 4784 wscsvc - ok
15:35:59.0327 4784 WSearch - ok
15:35:59.0405 4784 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:35:59.0452 4784 wuauserv - ok
15:35:59.0499 4784 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:35:59.0514 4784 WudfPf - ok
15:35:59.0561 4784 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:35:59.0561 4784 WUDFRd - ok
15:35:59.0577 4784 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:35:59.0592 4784 wudfsvc - ok
15:35:59.0639 4784 [ BFCC507ECA58F11C5FED96E192B878CB ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
15:35:59.0639 4784 XAudio - ok
15:35:59.0655 4784 XAudioService - ok
15:35:59.0670 4784 ================ Scan global ===============================
15:35:59.0702 4784 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
15:35:59.0764 4784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:35:59.0795 4784 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
15:35:59.0842 4784 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
15:35:59.0842 4784 [Global] - ok
15:35:59.0842 4784 ================ Scan MBR ==================================
15:35:59.0858 4784 [ 8913823FF508CCF109DB74B636C301DA ] \Device\Harddisk0\DR0
15:36:00.0310 4784 \Device\Harddisk0\DR0 - ok
15:36:00.0310 4784 ================ Scan VBR ==================================
15:36:00.0310 4784 [ A9F57F7A3962C28D5012DEB62197DD43 ] \Device\Harddisk0\DR0\Partition1
15:36:00.0310 4784 \Device\Harddisk0\DR0\Partition1 - ok
15:36:00.0310 4784 [ 532CF77B7DFCA9BA295939D2D9EE463A ] \Device\Harddisk0\DR0\Partition2
15:36:00.0310 4784 \Device\Harddisk0\DR0\Partition2 - ok
15:36:00.0310 4784 ============================================================
15:36:00.0310 4784 Scan finished
15:36:00.0310 4784 ============================================================
15:36:00.0326 3792 Detected object count: 0
15:36:00.0326 3792 Actual detected object count: 0




# AdwCleaner v2.103 - Logfile created 12/28/2012 at 15:37:21
# Updated 25/12/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : vosz - HOME-PC
# Boot Mode : Normal
# Running from : C:\Users\vosz\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\searchplugins\Askcom.xml
File Found : C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\searchplugins\Conduit.xml
Folder Found : C:\Program Files\GamesBar
Folder Found : C:\Program Files\iWin
Folder Found : C:\Program Files\IZArc\OpenCandy
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\GamesBar
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\vosz\AppData\Local\AVG Security Toolbar
Folder Found : C:\Users\vosz\AppData\LocalLow\Conduit
Folder Found : C:\Users\vosz\AppData\Roaming\iWin

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1
Key Found : HKU\S-1-5-21-2992315687-346107145-2984242248-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

File : C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\prefs.js

Found : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2645238.CurrentServerDate", "9-3-2011");
Found : user_pref("CT2645238.DialogsAlignMode", "LTR");
Found : user_pref("CT2645238.DownloadReferralCookieData", "");
Found : user_pref("CT2645238.EMailNotifierPollDate", "Tue Mar 08 2011 20:27:39 GMT-0500 (Eastern Standard Ti[...]
Found : user_pref("CT2645238.FirstServerDate", "5-3-2011");
Found : user_pref("CT2645238.FirstTime", true);
Found : user_pref("CT2645238.FirstTimeFF3", true);
Found : user_pref("CT2645238.FirstTimeSettingsDone", true);
Found : user_pref("CT2645238.FixPageNotFoundErrors", true);
Found : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2645238.Initialize", true);
Found : user_pref("CT2645238.InitializeCommonPrefs", true);
Found : user_pref("CT2645238.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Found : user_pref("CT2645238.InstalledDate", "Sat Mar 05 2011 09:57:20 GMT-0500 (Eastern Standard Time)");
Found : user_pref("CT2645238.InvalidateCache", false);
Found : user_pref("CT2645238.IsGrouping", false);
Found : user_pref("CT2645238.IsMulticommunity", false);
Found : user_pref("CT2645238.IsOpenThankYouPage", false);
Found : user_pref("CT2645238.IsOpenUninstallPage", false);
Found : user_pref("CT2645238.LanguagePackLastCheckTime", "Tue Mar 08 2011 20:27:39 GMT-0500 (Eastern Standar[...]
Found : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2645238.LastLogin_2.6.0.15", "Tue Mar 08 2011 20:27:34 GMT-0500 (Eastern Standard Time)[...]
Found : user_pref("CT2645238.LatestVersion", "2.6.0.15");
Found : user_pref("CT2645238.Locale", "en");
Found : user_pref("CT2645238.LoginCache", 4);
Found : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Found : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Found : user_pref("CT2645238.RadioIsPodcast", false);
Found : user_pref("CT2645238.RadioLastCheckTime", "Tue Mar 08 2011 20:27:34 GMT-0500 (Eastern Standard Time)[...]
Found : user_pref("CT2645238.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2645238.RadioLastUpdateServer", "0");
Found : user_pref("CT2645238.RadioMediaID", "10183");
Found : user_pref("CT2645238.RadioMediaType", "Media Player");
Found : user_pref("CT2645238.RadioMenuSelectedID", "EBRadioMenu_CT264523810183");
Found : user_pref("CT2645238.RadioStationName", "WAAM");
Found : user_pref("CT2645238.RadioStationURL", "hxxp://www.mainstreamnetwork.com/listen/dynamicuasx.asp?stat[...]
Found : user_pref("CT2645238.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2645238.SavedHomepage", "hxxp://www.google.com/");
Found : user_pref("CT2645238.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Found : user_pref("CT2645238.SearchInNewTabEnabled", true);
Found : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2645238.SearchInNewTabLastCheckTime", "Tue Mar 08 2011 20:27:33 GMT-0500 (Eastern Stand[...]
Found : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2645238.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2645238.SettingsLastCheckTime", "Tue Mar 08 2011 20:27:32 GMT-0500 (Eastern Standard Ti[...]
Found : user_pref("CT2645238.SettingsLastUpdate", "1299279411");
Found : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Fri Mar 04 2011 22:18:47 GMT-0500 (Eastern Sta[...]
Found : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Found : user_pref("CT2645238.UserID", "UN34163925007762164");
Found : user_pref("CT2645238.ValidationData_Toolbar", 2);
Found : user_pref("CT2645238.WeatherNetwork", "");
Found : user_pref("CT2645238.WeatherPollDate", "Tue Mar 08 2011 20:27:35 GMT-0500 (Eastern Standard Time)");
Found : user_pref("CT2645238.WeatherUnit", "F");
Found : user_pref("CT2645238.alertChannelId", "1037922");
Found : user_pref("CT2645238.clientLogIsEnabled", true);
Found : user_pref("CT2645238.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2645238.ct2645238.FirstTimeSettingsDone", true);
Found : user_pref("CT2645238.ct2645238.SettingsLastCheckTime", "Sat Mar 05 2011 09:57:20 GMT-0500 (Eastern S[...]
Found : user_pref("CT2645238.ct2645238.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 09:57:20 GMT-0500 (E[...]
Found : user_pref("CT2645238.myStuffEnabled", true);
Found : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2645238.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2645238");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Mar 08 2011 20:27:34 GMT-0500 (Eas[...]
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2645238");
Found : user_pref("browser.search.defaultthis.engineName", "ZoneAlarm Security Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&Sea[...]
Found : user_pref("browser.search.selectedEngine", "Ask.com");
Found : user_pref("extensions.facemoods.id", "f2b77e1af9b34a2e9fe2f8b088e441b6");
Found : user_pref("extensions.facemoods.instlDay", "15008");
Found : user_pref("extensions.facemoods.lastActv", "4");
Found : user_pref("extensions.facemoods.newTab", false);
Found : user_pref("extensions.facemoods.sid", "f2b77e1af9b34a2e9fe2f8b088e441b6");
Found : user_pref("extensions.facemoods.update", "_#v1.1.0");
Found : user_pref("sfLog.10:07:36 PM:959.0551-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:36 PM:959.0554-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:36 PM:960.0566-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:36 PM:960.0567-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:07:36 PM:960.0568-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Found : user_pref("sfLog.10:07:36 PM:960.0569-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Found : user_pref("sfLog.10:07:36 PM:964.0598-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Found : user_pref("sfLog.10:07:36 PM:965.0600-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Found : user_pref("sfLog.10:07:36 PM:965.0601-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:07:38 PM:433.0627-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:38 PM:433.0630-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:38 PM:436.0642-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:38 PM:436.0645-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:39 PM:378.0672-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:39 PM:378.0675-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:41 PM:60.0687-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:41 PM:60.0690-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:42 PM:923.0778-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:42 PM:923.0781-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:43 PM:525.0808-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:43 PM:525.0811-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:43 PM:529.0823-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:43 PM:530.0826-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:48 PM:555.1020-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Found : user_pref("sfLog.10:07:53 PM:386.1058-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:53 PM:386.1061-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:57 PM:832.1366-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:07:57 PM:832.1369-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:247.0489-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:247.0492-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:253.0504-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:254.0507-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:419.0519-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:420.0522-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:50.0421-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:50.0424-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:51.0436-wsEngine:::prepareAndInjectJs 1 )))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:51.0437-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:08:20 PM:51.0438-wsEngine:::prepareAndInjectJs b4 --------------------------inj [...]
Found : user_pref("sfLog.10:08:20 PM:51.0439-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4 [...]
Found : user_pref("sfLog.10:08:20 PM:54.0468-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loca[...]
Found : user_pref("sfLog.10:08:20 PM:56.0470-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=h[...]
Found : user_pref("sfLog.10:08:20 PM:56.0471-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:08:20 PM:79.0474-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:20 PM:79.0477-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:21 PM:154.0534-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:21 PM:155.0537-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:23 PM:417.0625-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:23 PM:417.0628-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:25 PM:150.0655-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:25 PM:150.0658-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:27 PM:594.0761-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Found : user_pref("sfLog.10:08:29 PM:831.0910-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:29 PM:831.0913-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:30 PM:550.0975-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:08:30 PM:550.0978-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:550.0574-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:550.0577-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:551.0589-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:551.0590-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:15:39 AM:551.0591-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Found : user_pref("sfLog.10:15:39 AM:551.0592-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Found : user_pref("sfLog.10:15:39 AM:554.0621-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Found : user_pref("sfLog.10:15:39 AM:556.0623-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Found : user_pref("sfLog.10:15:39 AM:556.0624-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:15:39 AM:559.0627-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:559.0630-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:562.0642-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:39 AM:562.0645-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:49 AM:358.0897-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:49 AM:359.0900-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:49 AM:848.0912-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:49 AM:848.0915-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:50 AM:555.0992-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:50 AM:555.0995-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:51 AM:127.1037-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:51 AM:128.1040-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:53 AM:299.1105-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:53 AM:299.1108-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:53 AM:308.1120-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:53 AM:309.1123-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:54 AM:693.1150-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:54 AM:693.1153-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:15:55 AM:257.1165-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Found : user_pref("sfLog.10:16:54 AM:491.1821-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:492.1824-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:492.1836-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:493.1837-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:16:54 AM:493.1838-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Found : user_pref("sfLog.10:16:54 AM:493.1839-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Found : user_pref("sfLog.10:16:54 AM:497.1868-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Found : user_pref("sfLog.10:16:54 AM:499.1870-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Found : user_pref("sfLog.10:16:54 AM:499.1871-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:16:54 AM:515.1874-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:516.1877-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:696.1889-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:696.1892-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:953.1904-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:954.1907-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:992.1919-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:54 AM:992.1922-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:55 AM:69.1934-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:16:55 AM:69.1937-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:02 AM:150.1949-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:02 AM:151.1952-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:03 AM:846.2017-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Found : user_pref("sfLog.10:17:03 AM:89.2002-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:03 AM:89.2005-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:12 AM:556.2063-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:12 AM:557.2066-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:18 AM:571.2078-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:18 AM:572.2081-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:27 AM:980.2093-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:27 AM:981.2096-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:30 AM:588.2108-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:30 AM:589.2111-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:48 AM:602.2123-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:17:48 AM:602.2126-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:18:04 AM:37.2138-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:18:04 AM:38.2141-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:01 PM:913.17776-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:01 PM:914.17779-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:01 PM:915.17791-wsEngine:::prepareAndInjectJs 1 )))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:01 PM:915.17792-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:19:01 PM:915.17793-wsEngine:::prepareAndInjectJs b4 --------------------------in[...]
Found : user_pref("sfLog.10:19:01 PM:915.17794-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b[...]
Found : user_pref("sfLog.10:19:01 PM:920.17823-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.lo[...]
Found : user_pref("sfLog.10:19:01 PM:923.17825-wsEngine:::prepareAndInjectJs after inj aDomdocument.location[...]
Found : user_pref("sfLog.10:19:01 PM:923.17826-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:19:23 PM:456.17829-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:23 PM:456.17832-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:23 PM:458.17844-wsEngine:::prepareAndInjectJs 1 )))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:19:23 PM:458.17845-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:19:23 PM:459.17846-wsEngine:::prepareAndInjectJs b4 --------------------------in[...]
Found : user_pref("sfLog.10:19:23 PM:459.17847-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b[...]
Found : user_pref("sfLog.10:19:23 PM:467.17876-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.lo[...]
Found : user_pref("sfLog.10:19:23 PM:470.17878-wsEngine:::prepareAndInjectJs after inj aDomdocument.location[...]
Found : user_pref("sfLog.10:19:23 PM:470.17879-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:21:52 PM:656.2114-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:21:52 PM:656.2117-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:21:52 PM:657.2129-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:21:52 PM:657.2130-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Found : user_pref("sfLog.10:21:52 PM:657.2131-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Found : user_pref("sfLog.10:21:52 PM:657.2132-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Found : user_pref("sfLog.10:21:52 PM:661.2161-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Found : user_pref("sfLog.10:21:52 PM:664.2163-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Found : user_pref("sfLog.10:21:52 PM:664.2164-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Found : user_pref("sfLog.10:21:52 PM:667.2167-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:21:52 PM:668.2170-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:21:52 PM:671.2182-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Found : user_pref("sfLog.10:21:52 PM:671.2185-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26768 octets] - [28/12/2012 15:37:21]

########## EOF - C:\AdwCleaner[R1].txt - [26829 octets] ##########

#8 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 29 December 2012 - 03:37 PM

Hi again,

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Everything that was found will be deleted.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

====

Please download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • In the "Custom Scans/Fixes" window (under the light green bar) paste the content of the following the codebox:
    netsvcs
    drivers32 
    %SYSTEMDRIVE%\*.*
    %systemroot%\*.* /mp /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    %systemdrive%\Qoobox\Quarantine\*.* /s /md5
    
  • Click Run Scan and let the program run uninterrupted.
  • When the scan completes, it will open two Notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Post both logs in this thread.
  • You may need to use two posts to get it all.
====

In your next post, please include
  • The AdwCleaner log
  • The OTL logs


#9 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 30 December 2012 - 10:57 AM

I did the scans. And sorry, I just wanted to ask: So have you figured out from the scans if Avast's weird behavior was caused by a malware infection? Or was my computer clean?

Anyway, my logs:


# AdwCleaner v2.104 - Logfile created 12/30/2012 at 01:07:04
# Updated 29/12/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : vosz - HOME-PC
# Boot Mode : Normal
# Running from : C:\Users\vosz\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\searchplugins\Askcom.xml
File Deleted : C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\searchplugins\Conduit.xml
Folder Deleted : C:\Program Files\GamesBar
Folder Deleted : C:\Program Files\iWin
Folder Deleted : C:\Program Files\IZArc\OpenCandy
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\vosz\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\vosz\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\vosz\AppData\Roaming\iWin

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

File : C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\prefs.js

Deleted : user_pref("CT2645238.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2645238.CurrentServerDate", "9-3-2011");
Deleted : user_pref("CT2645238.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2645238.DownloadReferralCookieData", "");
Deleted : user_pref("CT2645238.EMailNotifierPollDate", "Tue Mar 08 2011 20:27:39 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2645238.FirstServerDate", "5-3-2011");
Deleted : user_pref("CT2645238.FirstTime", true);
Deleted : user_pref("CT2645238.FirstTimeFF3", true);
Deleted : user_pref("CT2645238.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2645238.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2645238.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2645238.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2645238.Initialize", true);
Deleted : user_pref("CT2645238.InitializeCommonPrefs", true);
Deleted : user_pref("CT2645238.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2645238.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2645238.InstalledDate", "Sat Mar 05 2011 09:57:20 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2645238.InvalidateCache", false);
Deleted : user_pref("CT2645238.IsGrouping", false);
Deleted : user_pref("CT2645238.IsMulticommunity", false);
Deleted : user_pref("CT2645238.IsOpenThankYouPage", false);
Deleted : user_pref("CT2645238.IsOpenUninstallPage", false);
Deleted : user_pref("CT2645238.LanguagePackLastCheckTime", "Tue Mar 08 2011 20:27:39 GMT-0500 (Eastern Standar[...]
Deleted : user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2645238.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2645238.LastLogin_2.6.0.15", "Tue Mar 08 2011 20:27:34 GMT-0500 (Eastern Standard Time)[...]
Deleted : user_pref("CT2645238.LatestVersion", "2.6.0.15");
Deleted : user_pref("CT2645238.Locale", "en");
Deleted : user_pref("CT2645238.LoginCache", 4);
Deleted : user_pref("CT2645238.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2645238.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2645238.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2645238.RadioIsPodcast", false);
Deleted : user_pref("CT2645238.RadioLastCheckTime", "Tue Mar 08 2011 20:27:34 GMT-0500 (Eastern Standard Time)[...]
Deleted : user_pref("CT2645238.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2645238.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2645238.RadioMediaID", "10183");
Deleted : user_pref("CT2645238.RadioMediaType", "Media Player");
Deleted : user_pref("CT2645238.RadioMenuSelectedID", "EBRadioMenu_CT264523810183");
Deleted : user_pref("CT2645238.RadioStationName", "WAAM");
Deleted : user_pref("CT2645238.RadioStationURL", "hxxp://www.mainstreamnetwork.com/listen/dynamicuasx.asp?stat[...]
Deleted : user_pref("CT2645238.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2645238.SavedHomepage", "hxxp://www.google.com/");
Deleted : user_pref("CT2645238.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2645238.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2645238.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT264[...]
Deleted : user_pref("CT2645238.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2645238.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2645238.SearchInNewTabLastCheckTime", "Tue Mar 08 2011 20:27:33 GMT-0500 (Eastern Stand[...]
Deleted : user_pref("CT2645238.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2645238.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2645238.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2645238.SettingsLastCheckTime", "Tue Mar 08 2011 20:27:32 GMT-0500 (Eastern Standard Ti[...]
Deleted : user_pref("CT2645238.SettingsLastUpdate", "1299279411");
Deleted : user_pref("CT2645238.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Fri Mar 04 2011 22:18:47 GMT-0500 (Eastern Sta[...]
Deleted : user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2645238.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Deleted : user_pref("CT2645238.UserID", "UN34163925007762164");
Deleted : user_pref("CT2645238.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2645238.WeatherNetwork", "");
Deleted : user_pref("CT2645238.WeatherPollDate", "Tue Mar 08 2011 20:27:35 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT2645238.WeatherUnit", "F");
Deleted : user_pref("CT2645238.alertChannelId", "1037922");
Deleted : user_pref("CT2645238.clientLogIsEnabled", true);
Deleted : user_pref("CT2645238.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2645238.ct2645238.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2645238.ct2645238.SettingsLastCheckTime", "Sat Mar 05 2011 09:57:20 GMT-0500 (Eastern S[...]
Deleted : user_pref("CT2645238.ct2645238.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 09:57:20 GMT-0500 (E[...]
Deleted : user_pref("CT2645238.myStuffEnabled", true);
Deleted : user_pref("CT2645238.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2645238.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2645238.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2645238.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2645238.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2645238");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2645238");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Mar 08 2011 20:27:34 GMT-0500 (Eas[...]
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2645238");
Deleted : user_pref("browser.search.defaultthis.engineName", "ZoneAlarm Security Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2645238&Sea[...]
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("extensions.facemoods.id", "f2b77e1af9b34a2e9fe2f8b088e441b6");
Deleted : user_pref("extensions.facemoods.instlDay", "15008");
Deleted : user_pref("extensions.facemoods.lastActv", "4");
Deleted : user_pref("extensions.facemoods.newTab", false);
Deleted : user_pref("extensions.facemoods.sid", "f2b77e1af9b34a2e9fe2f8b088e441b6");
Deleted : user_pref("extensions.facemoods.update", "_#v1.1.0");
Deleted : user_pref("sfLog.10:07:36 PM:959.0551-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:36 PM:959.0554-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:36 PM:960.0566-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:36 PM:960.0567-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:07:36 PM:960.0568-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Deleted : user_pref("sfLog.10:07:36 PM:960.0569-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Deleted : user_pref("sfLog.10:07:36 PM:964.0598-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Deleted : user_pref("sfLog.10:07:36 PM:965.0600-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Deleted : user_pref("sfLog.10:07:36 PM:965.0601-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:07:38 PM:433.0627-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:38 PM:433.0630-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:38 PM:436.0642-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:38 PM:436.0645-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:39 PM:378.0672-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:39 PM:378.0675-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:41 PM:60.0687-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:41 PM:60.0690-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:42 PM:923.0778-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:42 PM:923.0781-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:43 PM:525.0808-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:43 PM:525.0811-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:43 PM:529.0823-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:43 PM:530.0826-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:48 PM:555.1020-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Deleted : user_pref("sfLog.10:07:53 PM:386.1058-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:53 PM:386.1061-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:57 PM:832.1366-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:07:57 PM:832.1369-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:247.0489-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:247.0492-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:253.0504-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:254.0507-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:419.0519-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:420.0522-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:50.0421-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:50.0424-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:51.0436-wsEngine:::prepareAndInjectJs 1 )))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:51.0437-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:08:20 PM:51.0438-wsEngine:::prepareAndInjectJs b4 --------------------------inj [...]
Deleted : user_pref("sfLog.10:08:20 PM:51.0439-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4 [...]
Deleted : user_pref("sfLog.10:08:20 PM:54.0468-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loca[...]
Deleted : user_pref("sfLog.10:08:20 PM:56.0470-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=h[...]
Deleted : user_pref("sfLog.10:08:20 PM:56.0471-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:08:20 PM:79.0474-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:20 PM:79.0477-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:21 PM:154.0534-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:21 PM:155.0537-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:23 PM:417.0625-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:23 PM:417.0628-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:25 PM:150.0655-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:25 PM:150.0658-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:27 PM:594.0761-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Deleted : user_pref("sfLog.10:08:29 PM:831.0910-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:29 PM:831.0913-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:30 PM:550.0975-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:08:30 PM:550.0978-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:550.0574-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:550.0577-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:551.0589-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:551.0590-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:15:39 AM:551.0591-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Deleted : user_pref("sfLog.10:15:39 AM:551.0592-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Deleted : user_pref("sfLog.10:15:39 AM:554.0621-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Deleted : user_pref("sfLog.10:15:39 AM:556.0623-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Deleted : user_pref("sfLog.10:15:39 AM:556.0624-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:15:39 AM:559.0627-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:559.0630-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:562.0642-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:39 AM:562.0645-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:49 AM:358.0897-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:49 AM:359.0900-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:49 AM:848.0912-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:49 AM:848.0915-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:50 AM:555.0992-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:50 AM:555.0995-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:51 AM:127.1037-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:51 AM:128.1040-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:53 AM:299.1105-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:53 AM:299.1108-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:53 AM:308.1120-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:53 AM:309.1123-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:54 AM:693.1150-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:54 AM:693.1153-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:15:55 AM:257.1165-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Deleted : user_pref("sfLog.10:16:54 AM:491.1821-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:492.1824-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:492.1836-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:493.1837-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:16:54 AM:493.1838-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Deleted : user_pref("sfLog.10:16:54 AM:493.1839-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Deleted : user_pref("sfLog.10:16:54 AM:497.1868-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Deleted : user_pref("sfLog.10:16:54 AM:499.1870-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Deleted : user_pref("sfLog.10:16:54 AM:499.1871-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:16:54 AM:515.1874-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:516.1877-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:696.1889-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:696.1892-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:953.1904-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:954.1907-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:992.1919-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:54 AM:992.1922-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:55 AM:69.1934-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:16:55 AM:69.1937-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:02 AM:150.1949-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:02 AM:151.1952-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:03 AM:846.2017-wsEngine:::myExtension 888888888888888888888888888888888888888[...]
Deleted : user_pref("sfLog.10:17:03 AM:89.2002-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:03 AM:89.2005-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:12 AM:556.2063-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:12 AM:557.2066-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:18 AM:571.2078-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:18 AM:572.2081-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:27 AM:980.2093-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:27 AM:981.2096-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:30 AM:588.2108-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:30 AM:589.2111-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:48 AM:602.2123-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:17:48 AM:602.2126-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:18:04 AM:37.2138-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:18:04 AM:38.2141-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:01 PM:913.17776-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:01 PM:914.17779-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:01 PM:915.17791-wsEngine:::prepareAndInjectJs 1 )))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:01 PM:915.17792-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:19:01 PM:915.17793-wsEngine:::prepareAndInjectJs b4 --------------------------in[...]
Deleted : user_pref("sfLog.10:19:01 PM:915.17794-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b[...]
Deleted : user_pref("sfLog.10:19:01 PM:920.17823-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.lo[...]
Deleted : user_pref("sfLog.10:19:01 PM:923.17825-wsEngine:::prepareAndInjectJs after inj aDomdocument.location[...]
Deleted : user_pref("sfLog.10:19:01 PM:923.17826-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:19:23 PM:456.17829-wsEngine:::onStateStopped 1 )))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:23 PM:456.17832-wsEngine:::onStateStopped 1 3))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:23 PM:458.17844-wsEngine:::prepareAndInjectJs 1 )))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:19:23 PM:458.17845-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:19:23 PM:459.17846-wsEngine:::prepareAndInjectJs b4 --------------------------in[...]
Deleted : user_pref("sfLog.10:19:23 PM:459.17847-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b[...]
Deleted : user_pref("sfLog.10:19:23 PM:467.17876-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.lo[...]
Deleted : user_pref("sfLog.10:19:23 PM:470.17878-wsEngine:::prepareAndInjectJs after inj aDomdocument.location[...]
Deleted : user_pref("sfLog.10:19:23 PM:470.17879-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:21:52 PM:656.2114-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:21:52 PM:656.2117-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:21:52 PM:657.2129-wsEngine:::prepareAndInjectJs 1 ))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:21:52 PM:657.2130-wsEngine:::prepareAndInjectJs TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT[...]
Deleted : user_pref("sfLog.10:21:52 PM:657.2131-wsEngine:::prepareAndInjectJs b4 --------------------------inj[...]
Deleted : user_pref("sfLog.10:21:52 PM:657.2132-wsEngine:::prepareAndInjectJs aUtils.isPluginStateEnabled() b4[...]
Deleted : user_pref("sfLog.10:21:52 PM:661.2161-wsEngine:::jsInject 2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> doc.loc[...]
Deleted : user_pref("sfLog.10:21:52 PM:664.2163-wsEngine:::prepareAndInjectJs after inj aDomdocument.location=[...]
Deleted : user_pref("sfLog.10:21:52 PM:664.2164-wsEngine:::addSaveStatisticsWebPageEventListener ^^^^^^^^^^^^^[...]
Deleted : user_pref("sfLog.10:21:52 PM:667.2167-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:21:52 PM:668.2170-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:21:52 PM:671.2182-wsEngine:::onStateStopped 1 ))))))))))))))))))))))))))))))))))[...]
Deleted : user_pref("sfLog.10:21:52 PM:671.2185-wsEngine:::onStateStopped 1 3)))))))))))))))))))))))))))))))))[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [26899 octets] - [28/12/2012 15:37:21]
AdwCleaner[S1].txt - [27071 octets] - [30/12/2012 01:07:04]

########## EOF - C:\AdwCleaner[S1].txt - [27132 octets] ##########

#10 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 30 December 2012 - 11:03 AM

OTL.Txt file is too large and Google Chrome keeps crashing the webpage every time I try to copy and paste it. Hm...


OTL Extras logfile created on: 12/30/2012 1:23:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vosz\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.11% Memory free
6.21 Gb Paging File | 4.79 Gb Available in Paging File | 77.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.71 Gb Total Space | 243.10 Gb Free Space | 53.23% Space Free | Partition Type: NTFS
Drive D: | 9.05 Gb Total Space | 0.90 Gb Free Space | 9.92% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: vosz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D596C77-8C00-4FE2-BF40-8DABA3B002D7}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv™ media server discovery |
"{161CA7BC-360B-4ACB-8E1B-A077357088B9}" = rport=139 | protocol=6 | dir=out | app=system |
"{1ED2D791-AC26-4BE3-9B62-D0F17D09FF42}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv™ media server upnp discovery |
"{4C91C913-8C1C-45BD-AE1D-7E25DCC3C04F}" = lport=138 | protocol=17 | dir=in | app=system |
"{5FAAF92F-BC0F-4DD5-99E0-6EC110B5AB19}" = lport=445 | protocol=6 | dir=in | app=system |
"{8079E77C-F046-4B92-BE77-87CB9D109A23}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9558EBFC-A92E-4BC1-BF3A-6021B68DF890}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{959D7113-BE3E-4BBD-97F3-ECA621C84804}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9AE964BB-4DDA-4977-82D0-072F4D2BE88F}" = rport=138 | protocol=17 | dir=out | app=system |
"{CD552C3D-9615-44D5-B100-6FADC32F45EB}" = rport=445 | protocol=6 | dir=out | app=system |
"{D78A220C-A51C-4621-879B-7532C7899816}" = rport=137 | protocol=17 | dir=out | app=system |
"{DC9AA87E-2627-43CF-8976-BB5004E4D1B4}" = lport=137 | protocol=17 | dir=in | app=system |
"{EE9258D6-8333-4402-8572-1069C010891D}" = lport=139 | protocol=6 | dir=in | app=system |
"{F8C675BA-23AA-4180-8E25-E5C2C05F59E8}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03A993EC-BA76-42B5-9414-B3F2E3C05533}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{0527CB09-2BC2-47B7-B011-EA73F79F33D9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0ABF0FC6-61FD-4E00-8E01-EE5D80302D8C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0B0153C3-4BE9-46F4-834B-15808FC4E469}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{0D6B3874-31D6-4ACC-BBAD-BB27B47629D5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{0E2AD1AC-2201-4C3F-9556-62EE8EF62A25}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{1911B5C5-DC97-4995-B75E-C0EE594D0481}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{21E7655B-8D38-4E6B-A561-65DFC8EAB713}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{24529872-4BFE-405C-98DE-06F943377ED1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{263554A4-9602-4824-A169-456BAAEEE246}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{2697011C-7C45-4C55-828C-127C53A65262}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{2E2AC41B-C6A6-48F0-A9E2-290AC8963FA7}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire diplomacy.exe |
"{34B75B2E-ACD2-4190-AAE5-C84AE25CB85B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3AC07892-5CBD-4C0F-8F3D-8E423F4684BC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3D0017FB-FE56-4B08-809A-7846844D8CDF}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{3E92D1B7-E23C-45AA-8CD4-70972BAA08B1}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire entrenchment.exe |
"{488F9BCB-A4A8-4B3A-A9AE-4747877ED82C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{4A44AE59-3D7F-4013-9FEE-7E58EF5662A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{521742B2-C746-42CB-81F9-14254C7C0798}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{5223C32E-1F04-4976-B3F5-3D04A669DBE0}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{5B353278-1CDA-4742-8468-FEC2F78B436D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{606B9243-BF44-46E7-88F3-9344E7840004}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire entrenchment.exe |
"{62564648-C7EF-47BE-BC30-009B68939C48}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{6510870F-4360-49ED-96B2-5C89CD231EF6}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{690B5A1F-BED3-4D88-99DF-BC306428EA90}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{71053E66-A971-4D3B-A5AB-8CC0FE129D48}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{72AD63A7-9597-4A3F-A8FF-4E0F64D67900}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{74148C69-D87B-45A0-97DA-595AC833E94E}" = protocol=17 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
"{7A325085-D39F-4BDE-97D9-7C0640457DED}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{7F28ACA2-A946-48CC-8D59-B254A9B6E1DA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{81655ECA-55FE-4D26-B769-F3B7E71C7A0E}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{82408E6F-FC8C-4EA9-AB9F-1748593DBFB5}" = protocol=6 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
"{8818DFF9-165E-414A-8BAD-AB59979256B1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8C04A839-C843-49CE-944C-EA11FEEE1163}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{901C522F-3C1D-4C18-94A1-71329EF03724}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire diplomacy.exe |
"{9077BB87-CA58-46D2-AB9B-7BF445108DC8}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{9D4C4060-07FA-45EE-90F8-CDA222E669BA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{9E121A32-C568-46DB-B9A9-31733CF0594D}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{9E35D132-FDB9-4B36-A340-DDE07EDE12B4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{9E63F931-2D8E-4CE4-BDBE-EFB5E48D15F5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{9FEC4D28-4313-4BE7-9A80-F7B83B856D45}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A80D9DF9-B97C-4D8F-8BC6-D6678CA9CFAE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AB4EC6ED-92DF-4D65-A1F7-49B94E79ADFB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B17E7C86-EA82-4C0F-A990-B71E89F2391A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{B2289A52-9A3C-48AB-9F2C-673898AFBB39}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B23B3DEC-A841-427F-B5BB-8E1A778F1ABD}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B37864F9-C6D2-4857-B2A2-CA6D308895D0}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{B6DA95D3-81C3-414E-88ED-D8CAA6B4EA65}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BB03A07D-DFD6-423F-A71D-894B54B93A92}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{BC682AFC-BCC4-434E-91AB-4389162A62D4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3C4E888-81F1-48A5-82E8-30E36C088150}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C5A5E946-027D-47B5-8CD3-A79993AC20E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{C957E975-8944-4FC2-9AAB-A2920BCA9366}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D078CD8C-C57E-4BD7-B5B9-34174E56D539}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{D12C503B-B329-4D13-ADBD-F9FF0EB35A05}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D282F648-7BC6-4E59-B2F6-13569F20592E}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{D44CF239-2578-4BC3-B3F1-AF744EDFA402}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E3ECE95A-3786-4C19-BB59-CE46D9B0DCA9}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E703E613-1475-40D2-9F11-24560339E577}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{EFC0B64D-F0C8-44C1-B3B6-5208B5842E97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F1DACD24-584E-4A6F-A059-F8F258379B4E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{FA8E0001-F5C7-4628-94EB-1C861AC0AB4E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{12ED785F-D5BF-4E79-95C4-7A04EC635A47}C:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe" = protocol=6 | dir=in | app=c:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe |
"TCP Query User{1E18F529-A011-4C9E-9B64-FA5B7F7212D6}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{4A9FB18B-DAF5-4056-9FC9-C324016B6FED}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{4FE5A4FC-BDB3-4C9F-A4F2-9937897C8B2E}C:\users\vosz\desktop\launcher\anime\video\utorrent.exe" = protocol=6 | dir=in | app=c:\users\vosz\desktop\launcher\anime\video\utorrent.exe |
"TCP Query User{5D06686F-4475-43B6-B83A-8B071405134B}C:\program files\black isle\bgii - soa\bgmain.exe" = protocol=6 | dir=in | app=c:\program files\black isle\bgii - soa\bgmain.exe |
"TCP Query User{61657C94-E7B0-4AF9-930C-966876922BB7}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{658F7B07-38EA-4945-96BE-4DB1BA0DDD82}C:\program files\activision\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files\activision\rome - total war\rometw.exe |
"TCP Query User{6EDD5C95-D551-4963-8023-BF0377C6B3F4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{835D8143-34A6-4212-BEB2-D71A0E5C24DC}C:\program files\netbattle supremacy\pokebattle.exe" = protocol=6 | dir=in | app=c:\program files\netbattle supremacy\pokebattle.exe |
"TCP Query User{9E47B9D8-CFDA-4D38-9909-875585734B31}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{B7C6F04D-B76F-40C4-92F9-D34DC7E7843C}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{EBDF834E-C7CC-4FF1-A71A-8A65943D9B5F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F3D3C197-DBD0-459F-AFCA-2697A5760424}C:\program files\baldursgatetutu\bgmain.exe" = protocol=6 | dir=in | app=c:\program files\baldursgatetutu\bgmain.exe |
"UDP Query User{308F739D-B639-48BC-9326-0906A5A64EA9}C:\program files\activision\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files\activision\rome - total war\rometw.exe |
"UDP Query User{35466D7D-C23D-4494-97FD-18935B9A5B8B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3D96D130-5F3C-4974-8BC3-AF458A62D485}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{5EF90B3C-B038-4718-8DC9-28ECE8D4358E}C:\program files\black isle\bgii - soa\bgmain.exe" = protocol=17 | dir=in | app=c:\program files\black isle\bgii - soa\bgmain.exe |
"UDP Query User{68E3E6E4-715E-4B95-A8B6-8F8294D50D1C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{74400DF6-5130-434C-B895-5ACCAFEB8291}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{7959BA9A-BF1F-4E39-9476-8055BFBB0A43}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"UDP Query User{A19F3363-56DD-40DB-8734-CB68A0ADE796}C:\program files\baldursgatetutu\bgmain.exe" = protocol=17 | dir=in | app=c:\program files\baldursgatetutu\bgmain.exe |
"UDP Query User{B91C7AE4-A212-4220-B69E-56C5B349177D}C:\users\vosz\desktop\launcher\anime\video\utorrent.exe" = protocol=17 | dir=in | app=c:\users\vosz\desktop\launcher\anime\video\utorrent.exe |
"UDP Query User{C1918204-EFB7-4CF7-9405-3C2D0EC79255}C:\program files\netbattle supremacy\pokebattle.exe" = protocol=17 | dir=in | app=c:\program files\netbattle supremacy\pokebattle.exe |
"UDP Query User{CE81B11A-488D-4324-8D86-84B698892EDF}C:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe" = protocol=17 | dir=in | app=c:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe |
"UDP Query User{F4985D16-830B-4760-BFDE-3E24862AB2F4}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{FC01BC33-697D-4189-AFDD-2F1FEA59D40D}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0283EDE1-D8A9-4F64-A035-5E35B4DD199A}_is1" = CLANNAD Full Voice 1.5
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}" = HP Total Care Advisor
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0FE6B77F-54CD-45ED-BB64-A99477B0A8F1}" = 5600
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14AF024E-2E3B-49D0-A175-D1C1A06B155A}" = muvee autoProducer 6.0
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{25F6C900-C138-4888-A56C-91D3D063023A}" = HP Update
"{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{335B1821-D274-4EFD-9EFE-3C0FD38EBE65}" = BN eReader
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galactic Adventures
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{750B354A-BF46-45E0-86D6-620026703B92}" = Nancy Drew: The Haunted Carousel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C9B562A-A7B8-4251-A0E1-638C1DF4C7D5}" = Neverwinter Nights Demo
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.0 beta 1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext
"{A03DF2C3-F14C-4819-A328-77FA66B811CF}" = GeekBuddy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}" = c4200_Help
"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe 1.8.15.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6B3DBA6-346F-4D06-B4C8-327F48AA701D}" = PeoplePC Accelerated
"{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate™ II - Throne of Bhaal ™
"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}" = C4200
"{BCD434CF-447A-42A8-A4C3-D929fE776EFD}" = Nancy Drew: The Deadly Device
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Creepy & Cute Parts Pack
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41}" = Sins of a Solar Empire
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F26615EF-AF0A-486C-99C9-B65C8C401EBC}" = EuroTalk Talk Now!
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software
"{FC7DA8F9-9AF6-4D55-B42D-B72CF88153E6}" = Election Day
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1001 Japanese Crosswords" = 1001 Japanese Crosswords
"1001 Tangram Puzzles" = 1001 Tangram Puzzles
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.12.00.803
"2002 Games" = 2002 Games
"2002 Kakuro Puzzles" = 2002 Kakuro Puzzles
"2002 Pentamino Puzzles" = 2002 Pentamino Puzzles
"2002 Space Out Games" = 2002 Space Out Games
"2002 Sudoku Games" = 2002 Sudoku Games
"500 Solitaire Games" = 500 Solitaire Games
"7-Zip" = 7-Zip 9.20
"ACD/Labs Software(1)" = ACD/Labs Software 5 (C:\ACDFREE5)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"avast" = avast! Free Antivirus
"Baldur's Gate" = Baldur's Gate
"Baldur's Gate Tutu" = Baldur's Gate Tutu
"BFGC" = Big Fish Games: Game Manager
"Brain Games Brain Teasers" = Brain Games Brain Teasers
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"Comodo Dragon" = Comodo Dragon
"DAEMON Tools Lite" = DAEMON Tools Lite
"Democracy 2 Demo_is1" = Democracy 2 Demo
"EA Download Manager" = EA Download Manager
"EASy68K" = EASy68K 5.12.5
"egamestoolbar" = eGames Toolbar
"Farm Frenzy 2" = Farm Frenzy 2
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.0
"Game Maker 7.0" = Game Maker 7.0
"GamesBar" = GamesBar 2.0.1.55
"GameSpy Arcade" = GameSpy Arcade
"Guild Wars" = Guild Wars
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"Immortal Lovers" = Immortal Lovers
"Impulse" = Impulse
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"Intel® Configuration Center" = Intel® Viiv™ Software
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.14
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Monopoly Here & Now Edition" = Monopoly Here & Now Edition
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMGWTFOTL" = OMGWTFOTL 1.0E
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"P4E8_DEMO_is1" = President Forever 2008 + Primaries Demo - v. 1.6.0.4
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PeoplePC Online" = PeoplePC Online
"Rhapsody" = Rhapsody
"Roads of Rome III" = Roads of Rome III
"RPGToolkit3" = RPGToolkit, Version 3.1.0
"RSKDL" = Risk (remove only)
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"SCRABBLE" = SCRABBLE
"Sega Smash Pack II" = Sega Smash Pack II
"SEGAGenesisClassics" = SEGA Genesis Classics
"Sins of a Solar Empire" = Sins of a Solar Empire
"Sins of a Solar Empire - Diplomacy" = Sins of a Solar Empire - Diplomacy
"Sins of a Solar Empire - Entrenchment" = Sins of a Solar Empire - Entrenchment
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Steam App 400" = Portal
"Steam App 620" = Portal 2
"Treasure Masters, Inc." = Treasure Masters, Inc.
"VLC media player" = VLC media player 1.1.5
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinGimp-2.0_is1" = GIMP 2.6.11
"WTA-23d9419f-0d3d-4924-ae7c-fa2f31586faa" = Cruel Games: Red Riding Hood
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Tales Of Worlds 1.6" = Tales Of Worlds 1.6

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/30/2012 12:01:41 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8096

Error - 12/30/2012 12:01:41 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8096

Error - 12/30/2012 12:01:42 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/30/2012 12:01:42 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9110

Error - 12/30/2012 12:01:42 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9110

Error - 12/30/2012 2:06:51 AM | Computer Name = home-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module dthook.dll_unloaded, version 0.0.0.0, time stamp 0x462fad59,
exception code 0xc0000005, fault offset 0x03893112, process id 0xf84, application
start time 0x01cde5dbd3a2aa58.

Error - 12/30/2012 4:01:40 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 12/30/2012 4:01:43 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 12/30/2012 4:02:38 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 12/30/2012 4:02:42 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 1023
Description =

[ Media Center Events ]
Error - 6/9/2008 1:23:32 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/28/2008 9:45:50 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/27/2008 7:55:22 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/26/2008 10:47:12 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/9/2009 7:28:01 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/9/2009 11:46:22 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/14/2009 7:26:32 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 1:58:34 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/11/2009 10:42:53 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/1/2011 2:44:47 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 12/29/2012 6:55:09 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 6:56:30 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 6:59:00 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 6:59:32 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 8:35:28 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 11:53:58 PM | Computer Name = home-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 12/30/2012 2:17:04 AM | Computer Name = home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/30/2012 2:20:11 AM | Computer Name = home-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12/30/2012 4:01:54 AM | Computer Name = home-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 12/30/2012 4:03:25 AM | Computer Name = home-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >

#11 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 30 December 2012 - 11:26 AM

OTL logfile created on: 12/30/2012 1:23:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vosz\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.11% Memory free
6.21 Gb Paging File | 4.79 Gb Available in Paging File | 77.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.71 Gb Total Space | 243.10 Gb Free Space | 53.23% Space Free | Partition Type: NTFS
Drive D: | 9.05 Gb Total Space | 0.90 Gb Free Space | 9.92% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: vosz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/30 00:38:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vosz\Desktop\OTL.exe
PRC - [2012/12/20 11:54:24 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012/12/19 09:03:44 | 001,868,432 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe
PRC - [2012/12/19 08:01:24 | 000,200,400 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
PRC - [2012/12/19 08:01:24 | 000,190,672 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Comodo\GeekBuddy\unit.exe
PRC - [2012/12/19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files\Common Files\Comodo\launcher_service.exe
PRC - [2012/12/04 12:31:12 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/11/26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012/11/07 23:37:38 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2012/11/07 23:37:12 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
PRC - [2012/10/30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 14:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/10/25 04:52:08 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/14 22:31:36 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/06/14 22:31:32 | 000,178,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/05/07 12:35:56 | 001,273,856 | ---- | M] () -- C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
PRC - [2007/04/25 11:36:36 | 000,280,064 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
PRC - [2007/04/25 11:34:44 | 000,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/04/25 11:33:58 | 000,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 06:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/03 12:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/20 11:56:30 | 000,647,168 | ---- | M] () -- C:\Program Files\Steam\sdl.dll
MOD - [2012/12/20 11:54:20 | 020,320,240 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012/12/20 11:54:05 | 000,969,280 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/12/20 11:54:05 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/12/20 11:54:05 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/12/20 11:54:04 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/05/07 12:35:56 | 001,273,856 | ---- | M] () -- C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
MOD - [2007/04/25 11:34:50 | 000,163,840 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DThook.dll
MOD - [2007/04/25 11:34:46 | 000,077,824 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2007/04/25 11:33:54 | 000,102,400 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2007/04/24 09:49:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Drivers\di2c.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/12/20 11:54:24 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/12/19 09:03:44 | 001,868,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/12/19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012/12/11 16:22:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012/11/09 12:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/07 23:37:38 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/16 08:38:26 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/02/02 11:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009/10/23 11:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/14 22:31:36 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/04/25 11:34:44 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2006/09/11 18:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 18:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 17:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 17:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 12:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 01:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 11:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/12/04 03:41:28 | 000,035,064 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
DRV - [2012/11/07 23:37:46 | 000,082,952 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012/11/07 23:37:46 | 000,042,264 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012/11/07 23:37:44 | 000,494,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012/10/30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 18:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/04/06 19:05:05 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2008/09/10 03:48:20 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/09/10 03:46:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/09/04 02:34:34 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/12/14 12:48:16 | 000,005,120 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2006/11/16 16:20:48 | 000,015,920 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{132E17CB-6EAE-4007-A88C-EC519C1996C2}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{20715055-D3F1-423F-BC63-BEE51C90F40C}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{35DB0B3F-2ADA-44EA-A9C4-5E27B681F1DA}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://mumbojumbo.st...q={searchTerms}
IE - HKCU\..\SearchScopes\{7246D1A0-6DC6-49F6-B5E1-820F3B98AAA9}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\..\SearchScopes\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}: "URL" = http://websearch.ask...D8-6C4E331E6861
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: pbupload@photobucket.com:1.3.3
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:6.0.1203
FF - prefs.js..extensions.enabledAddons: fmconverter@gmail.com:1.0.0
FF - prefs.js..extensions.enabledAddons: preciseclearhistory@vano:1.2
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120515
FF - prefs.js..extensions.enabledAddons: superfish@superfish.com:1.2.0.16
FF - prefs.js..extensions.enabledItems: superfish@superfish.com:1.2.0.12
FF - prefs.js..extensions.enabledItems: pbupload@photobucket.com:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: fmconverter@gmail.com:1.0.0
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\13\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\vosz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\vosz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/22 19:45:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/12/13 22:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/12/26 10:23:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/14 16:14:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/14 16:14:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/14 16:14:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/14 16:14:35 | 000,000,000 | ---D | M]

[2011/01/19 21:59:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Extensions
[2012/10/20 11:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions
[2011/01/20 22:58:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/08 20:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}-TRASH
[2012/05/17 23:43:32 | 000,000,000 | ---D | M] (WOT) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/12 21:58:46 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/11/16 22:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\nostmp
[2011/10/16 17:14:13 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:creator="Matthew David Kesack" em:description="Upload images from the web directly to your Photobucket account." em:homepageURL="http://www.photobucket.com/" em:iconURL="chrome://photobucket/content/images/pb-logo.png" em:id="pbupload@photobucket.com" em:name="Photobucket Uploader" em:version="1.3.3">) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\pbupload@photobucket.com
[2012/07/19 20:49:08 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\superfish@superfish.com
[2012/04/30 10:29:31 | 000,006,962 | ---- | M] () (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\preciseclearhistory@vano.xpi
[2012/01/05 18:19:54 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/03/19 20:56:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/22 19:45:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/13 22:55:04 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX
[2012/06/16 08:38:27 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/06 20:58:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/13 18:17:29 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/06 20:58:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2011/09/17 12:32:55 | 000,001,467 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober692270.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\vosz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Missing e = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
CHR - Extension: WOT = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\
CHR - Extension: YouTube = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SiteAdvisor = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: AdBlock = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: avast! WebRep = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RSS Subscription Extension (by Google) = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\
CHR - Extension: Tumblr Savior = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip\0.4.3_0\
CHR - Extension: Gmail = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/12/28 14:45:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Accelerator Plugin) - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\PeoplePC Accelerated\prpl_IePopupBlocker.dll (Propel Software Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe (Portrait Displays, Inc)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [*CA] File not found
O4 - HKLM..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe (PC-Doctor, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} https://www.peoplepc...oad/ppcwebi.cab (PeoplePC Web Installer)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futur...eivers/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052}: NameServer = 207.69.188.185,207.69.188.186
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\vosz\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\vosz\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/11 16:20:00 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (?)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/30 01:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Comodo
[2012/12/30 00:38:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\vosz\Desktop\OTL.exe
[2012/12/29 20:35:00 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\Absolutist
[2012/12/29 20:34:59 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\NVIDIA
[2012/12/29 20:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\CruelGamesRedRidingHood
[2012/12/28 14:50:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/28 14:27:14 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/12/28 14:20:32 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\vosz\Desktop\tdsskiller.exe
[2012/12/28 14:20:19 | 005,014,093 | R--- | C] (Swearware) -- C:\Users\vosz\Desktop\ComboFix.exe
[2012/12/27 18:44:48 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\vosz\Desktop\dds.com
[2012/12/24 17:59:28 | 000,000,000 | ---D | C] -- C:\Users\vosz\Documents\The Deadly Device
[2012/12/24 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nancy Drew Prerequisites
[2012/12/24 17:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Her Interactive
[2012/12/24 17:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\Her Interactive
[2012/12/22 09:59:49 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/22 09:59:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/15 15:10:04 | 000,000,000 | ---D | C] -- C:\Users\vosz\Documents\MysteryAgency
[2012/12/14 16:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/14 16:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/14 16:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/14 16:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/12/14 16:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/12/14 16:14:04 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/12/13 11:50:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/13 11:50:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/13 11:50:14 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/13 11:50:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/13 11:50:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/13 11:50:12 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/13 11:50:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/13 11:50:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/13 11:47:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/12/13 11:47:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012/12/13 11:47:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/12/13 11:47:11 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/12/13 11:47:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/12/13 11:47:06 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/12/12 12:56:56 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/12 12:56:55 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/12 12:56:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012/12/12 12:56:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/07 18:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\GoldenTrails3TheGuardiansCreedPremiumEdition
[2012/12/06 16:20:51 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\DominiGames
[2012/12/04 12:56:56 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\island_tribe_4_realore_wild_tangent_en
[2012/12/04 03:41:28 | 000,035,064 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[2012/12/03 13:53:09 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Local\Farmington Tales
[2012/12/01 20:15:45 | 000,000,000 | ---D | C] -- C:\Users\vosz\Documents\MysteryAgencyII
[2012/12/01 12:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\IslandTribe4
[1 C:\Users\Public\Desktop\*.tmp files -> C:\Users\Public\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/30 01:20:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/30 01:20:06 | 000,001,886 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk
[2012/12/30 01:20:06 | 000,001,882 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012/12/30 01:20:06 | 000,001,882 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2012/12/30 01:16:33 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/30 01:16:33 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/30 01:16:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/30 01:16:19 | 3219,611,648 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/30 01:06:21 | 000,551,997 | ---- | M] () -- C:\Users\vosz\Desktop\adwcleaner.exe
[2012/12/30 01:01:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992315687-346107145-2984242248-1001UA.job
[2012/12/30 00:38:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vosz\Desktop\OTL.exe
[2012/12/29 23:01:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992315687-346107145-2984242248-1001Core.job
[2012/12/29 16:57:56 | 000,642,906 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/29 16:57:56 | 000,120,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/28 14:45:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/12/28 14:21:21 | 005,014,093 | R--- | M] (Swearware) -- C:\Users\vosz\Desktop\ComboFix.exe
[2012/12/28 14:21:01 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\vosz\Desktop\tdsskiller.exe
[2012/12/27 18:45:35 | 000,856,731 | ---- | M] () -- C:\Users\vosz\Desktop\SecurityCheck.exe
[2012/12/27 18:44:53 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\vosz\Desktop\dds.com
[2012/12/24 17:57:44 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Play The Deadly Device.lnk
[2012/12/24 17:57:44 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\Her Interactive.com.lnk
[2012/12/22 16:58:33 | 000,384,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/19 20:13:04 | 000,042,760 | ---- | M] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
[2012/12/16 08:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/16 05:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/14 16:32:00 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/13 12:05:04 | 000,002,039 | ---- | M] () -- C:\Users\vosz\Desktop\Google Chrome.lnk
[2012/12/13 12:05:04 | 000,002,001 | ---- | M] () -- C:\Users\vosz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/11 16:22:09 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/12/11 16:22:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/12/09 16:41:19 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForvosz.job
[2012/12/04 03:41:28 | 000,035,064 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[1 C:\Users\Public\Desktop\*.tmp files -> C:\Users\Public\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/30 01:20:06 | 000,001,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012/12/30 01:05:46 | 000,551,997 | ---- | C] () -- C:\Users\vosz\Desktop\adwcleaner.exe
[2012/12/27 18:45:22 | 000,856,731 | ---- | C] () -- C:\Users\vosz\Desktop\SecurityCheck.exe
[2012/12/24 17:57:44 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Play The Deadly Device.lnk
[2012/12/24 17:57:44 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\Her Interactive.com.lnk
[2012/12/13 11:47:33 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/13 11:47:33 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/09 12:15:50 | 000,002,880 | ---- | C] () -- C:\Users\vosz\.recently-used.xbel
[2012/08/26 13:24:31 | 000,000,032 | ---- | C] () -- C:\Users\vosz\jagex_cl_runescape_LIVE.dat
[2012/07/01 09:43:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/01 09:43:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/01 09:43:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/01 09:43:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/01 09:43:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/27 09:08:17 | 000,000,000 | ---- | C] () -- C:\Users\vosz\jagex__preferences3.dat
[2010/01/19 14:20:57 | 000,088,176 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/19 14:20:57 | 000,088,176 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/18 11:40:50 | 000,000,129 | ---- | C] () -- C:\Users\vosz\jagex_runescape_preferences2.dat
[2009/10/18 11:39:54 | 000,000,046 | ---- | C] () -- C:\Users\vosz\jagex_runescape_preferences.dat
[2009/08/19 16:24:34 | 000,000,092 | ---- | C] () -- C:\Users\vosz\AppData\Local\fusioncache.dat
[2008/11/01 10:59:17 | 000,009,268 | ---- | C] () -- C:\Users\vosz\AppData\Local\d3d9caps.dat
[2007/10/29 09:51:26 | 000,028,810 | ---- | C] () -- C:\Users\vosz\AppData\Roaming\wklnhst.dat
[2007/10/26 19:39:54 | 000,026,340 | ---- | C] () -- C:\Users\vosz\AppData\Roaming\UserTile.png
[2007/10/22 09:04:44 | 000,026,112 | ---- | C] () -- C:\Users\vosz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/12/28 15:38:03 | 000,026,899 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2012/12/30 01:13:45 | 000,027,202 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2007/09/11 16:20:00 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/09/11 16:41:49 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/12/28 14:50:06 | 000,020,524 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009/07/22 17:49:32 | 000,000,745 | ---- | M] () -- C:\deltaStartup.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/12/30 01:16:19 | 3219,611,648 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2008/05/20 16:29:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/11/19 15:38:09 | 000,008,455 | ---- | M] () -- C:\JavaRa.log
[2008/05/20 16:29:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/11/08 12:31:32 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2008/11/08 12:31:32 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2008/11/08 12:31:32 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2008/11/08 12:31:32 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{b744a142-adb6-11dd-abae-001d60724a36}.TM.blf
[2008/11/08 12:31:32 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{b744a142-adb6-11dd-abae-001d60724a36}.TMContainer00000000000000000001.regtrans-ms
[2008/11/08 12:31:32 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{b744a142-adb6-11dd-abae-001d60724a36}.TMContainer00000000000000000002.regtrans-ms
[2012/12/30 01:16:16 | 3533,451,264 | -HS- | M] () -- C:\pagefile.sys
[2007/10/22 15:01:25 | 000,000,173 | ---- | M] () -- C:\pdisdk.log
[2012/12/28 15:37:04 | 000,128,330 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_28.12.2012_15.35.31_log.txt
[2008/11/06 13:39:20 | 000,000,011 | ---- | M] () -- C:\trace.ini
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\*.* /mp /s >
[2005/09/22 23:07:24 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\atl80.dll
[2012/10/30 18:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2008/01/19 02:33:01 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2012/12/30 01:16:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/31 15:05:27 | 000,024,064 | ---- | M] (Inprise Corporation) -- C:\Windows\borlndmm.dll
[2009/08/27 23:46:52 | 000,000,000 | ---- | M] () -- C:\Windows\CastleMalloy.INI
[2009/05/31 15:05:28 | 000,738,816 | ---- | M] (CodeGear) -- C:\Windows\cc3280mt.dll
[2007/09/11 15:56:01 | 000,000,012 | ---- | M] () -- C:\Windows\csup.txt
[2009/12/30 00:15:49 | 000,000,000 | ---- | M] () -- C:\Windows\Curses.INI
[2008/11/28 10:55:27 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2005/08/26 13:27:58 | 000,045,056 | ---- | M] () -- C:\Windows\devenum.exe
[2007/09/11 16:05:26 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2012/12/24 17:58:02 | 000,277,890 | ---- | M] () -- C:\Windows\DirectX.log
[2010/07/15 17:57:27 | 000,000,285 | ---- | M] () -- C:\Windows\DXError.log
[2008/11/06 13:38:19 | 000,000,384 | ---- | M] () -- C:\Windows\err.txt
[2012/03/14 12:54:32 | 000,057,237 | ---- | M] () -- C:\Windows\Escape The Museum 2 Uninstall Log.txt
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2008/01/19 02:33:11 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\fveupdate.exe
[2009/07/08 22:24:43 | 000,000,000 | ---- | M] () -- C:\Windows\Game.INI
[2005/04/08 12:46:02 | 001,645,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\gdiplus.dll
[2000/08/30 19:00:00 | 000,080,412 | ---- | M] () -- C:\Windows\grep.exe
[2008/01/19 02:33:11 | 000,498,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\HelpPane.exe
[2006/11/02 04:45:13 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\hh.exe
[2007/09/11 16:05:25 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2006/09/19 06:41:44 | 000,008,328 | ---- | M] () -- C:\Windows\HomePremium.xml
[2008/01/14 15:47:06 | 000,099,712 | ---- | M] () -- C:\Windows\HPBroker.dll
[2007/10/16 09:29:08 | 000,040,960 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\hpmonZ.exe
[2010/10/12 12:48:12 | 000,139,775 | ---- | M] () -- C:\Windows\hpoins15.dat
[2011/01/23 09:30:49 | 000,148,964 | ---- | M] () -- C:\Windows\hpoins19.dat
[2007/06/05 18:04:20 | 000,001,039 | ---- | M] () -- C:\Windows\hpomdl15.dat
[2007/03/13 14:52:57 | 000,026,952 | ---- | M] () -- C:\Windows\hpomdl19.dat
[2009/06/16 15:35:29 | 000,000,000 | ---- | M] () -- C:\Windows\hpqEmlSz.INI
[2007/09/11 16:12:11 | 000,107,026 | ---- | M] () -- C:\Windows\hpqins13.dat
[2011/04/10 09:19:07 | 000,002,856 | ---- | M] () -- C:\Windows\IE9_main.log
[2001/06/01 08:26:00 | 000,372,736 | ---- | M] (Intel Corporation) -- C:\Windows\ijl15.dll
[2005/08/26 13:28:18 | 000,005,694 | ---- | M] () -- C:\Windows\ispro.ico
[1998/10/29 16:45:06 | 000,306,688 | ---- | M] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010/11/07 12:20:24 | 000,208,896 | ---- | M] () -- C:\Windows\MBR.exe
[2012/08/11 08:04:07 | 192,560,282 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2002/01/05 04:48:16 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\mfc70.dll
[2005/09/23 01:16:14 | 001,093,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\mfc80.dll
[2005/09/23 01:16:14 | 001,079,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\mfc80u.dll
[2005/09/23 06:56:56 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\mfcm80.dll
[2005/09/23 06:56:34 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\mfcm80u.dll
[2006/11/02 02:46:49 | 000,043,131 | ---- | M] () -- C:\Windows\mib.bin
[2005/09/22 23:22:44 | 000,000,456 | ---- | M] () -- C:\Windows\Microsoft.VC80.ATL.manifest
[2005/09/22 23:22:40 | 000,000,522 | ---- | M] () -- C:\Windows\Microsoft.VC80.CRT.manifest
[2005/09/23 00:37:00 | 000,000,550 | ---- | M] () -- C:\Windows\Microsoft.VC80.MFC.manifest
[2006/09/18 16:30:37 | 000,001,405 | ---- | M] () -- C:\Windows\msdfmap.ini
[2004/08/04 00:56:44 | 001,392,671 | ---- | M] (Microsof

Edited by Mahvra, 30 December 2012 - 11:32 AM.


#12 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 30 December 2012 - 11:31 AM

[2007/10/24 20:20:34 | 000,000,248 | ---- | M] () -- C:\Windows\RomeTW.ini
[2007/10/25 04:52:08 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2009/05/31 15:05:28 | 000,853,504 | ---- | M] (CodeGear) -- C:\Windows\rtl100.bpl
[2007/01/12 11:54:44 | 000,520,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2007/07/26 09:06:22 | 001,191,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
[2010/09/04 18:27:53 | 000,000,000 | ---- | M] () -- C:\Windows\Secrets.INI
[2000/08/30 19:00:00 | 000,098,816 | ---- | M] () -- C:\Windows\sed.exe
[2012/12/08 11:16:55 | 000,010,710 | ---- | M] () -- C:\Windows\setupact.log
[2010/01/08 05:50:59 | 000,000,000 | ---- | M] () -- C:\Windows\setuperr.log
[2010/11/10 17:00:46 | 000,000,000 | ---- | M] () -- C:\Windows\Shadow.INI
[2005/08/26 13:28:20 | 000,024,576 | ---- | M] () -- C:\Windows\shortcut.exe
[2000/08/30 19:00:00 | 000,518,144 | ---- | M] (SteelWerX) -- C:\Windows\SWREG.exe
[2000/08/30 19:00:00 | 000,406,528 | ---- | M] (SteelWerX) -- C:\Windows\SWSC.exe
[2000/08/30 19:00:00 | 000,212,480 | ---- | M] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2012/12/28 14:45:49 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2006/11/02 07:34:41 | 000,094,784 | ---- | M] (Twain Working Group) -- C:\Windows\twain.dll
[2006/11/02 07:34:41 | 000,050,688 | ---- | M] (Twain Working Group) -- C:\Windows\twain_32.dll
[2010/07/13 15:19:56 | 000,000,000 | ---- | M] () -- C:\Windows\Twister.INI
[2007/03/12 03:35:12 | 000,012,288 | R--- | M] (Hewlett-Packard Company) -- C:\Windows\Twunk_16.dll
[2006/11/02 07:34:41 | 000,049,680 | ---- | M] (Twain Working Group) -- C:\Windows\twunk_16.exe
[2007/03/12 03:35:12 | 000,012,288 | R--- | M] (Hewlett-Packard Company) -- C:\Windows\Twunk_32.dll
[2006/11/02 07:34:41 | 000,031,232 | ---- | M] (Twain Working Group) -- C:\Windows\twunk_32.exe
[2005/08/26 13:28:34 | 000,143,360 | ---- | M] () -- C:\Windows\unzip.exe
[2009/05/31 15:05:29 | 001,874,944 | ---- | M] (CodeGear) -- C:\Windows\vcl100.bpl
[2009/11/07 00:03:14 | 000,000,000 | ---- | M] () -- C:\Windows\Waverly.INI
[2012/10/11 16:08:36 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini
[2008/10/15 22:00:19 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2012/12/30 01:23:21 | 002,028,392 | ---- | M] () -- C:\Windows\WindowsUpdate.log
[2006/09/18 16:43:37 | 000,256,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\winhelp.exe
[2006/11/02 04:45:57 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\winhlp32.exe
[2006/11/02 07:35:57 | 000,316,640 | ---- | M] () -- C:\Windows\WMSysPr9.prx
[2000/08/30 19:00:00 | 000,068,096 | ---- | M] () -- C:\Windows\zip.exe
[2006/09/18 16:43:58 | 000,000,707 | ---- | M] () -- C:\Windows\_default.pif
[2011/03/03 10:40:04 | 002,159,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcGenral.dll
[2011/03/03 10:40:05 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
[2008/01/19 02:33:41 | 000,237,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcRedir.dll
[2006/11/02 02:11:38 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcRes.dll
[2011/03/03 10:40:05 | 000,458,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcSpecfc.dll
[2011/03/03 10:40:07 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcXtrnal.dll
[2009/04/11 01:28:17 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\apihex86.dll
[2011/03/03 06:05:08 | 000,088,564 | ---- | M] () -- C:\Windows\AppPatch\drvmain.sdb
[2008/10/31 22:44:36 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\iebrshim.dll
[2011/03/03 06:05:08 | 001,617,202 | ---- | M] () -- C:\Windows\AppPatch\msimain.sdb
[2011/03/03 06:03:24 | 000,022,982 | ---- | M] () -- C:\Windows\AppPatch\pcamain.sdb
[2011/03/03 06:05:07 | 003,370,866 | ---- | M] () -- C:\Windows\AppPatch\sysmain.sdb
[2008/01/19 02:47:56 | 000,299,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\en-US\AcRes.dll.mui
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2010/11/27 11:39:01 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\PublisherPolicy.tme
[2009/07/31 13:48:06 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\pubpol20.dat
[2010/11/27 11:39:01 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\pubpol30.dat
[2009/08/19 16:22:57 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\Accessibility.dll
[2009/08/19 16:23:47 | 000,000,204 | ---- | M] () -- C:\Windows\assembly\GAC\Accessibility\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2007/09/11 16:06:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC\AlertAddin\1.0.0.0__e371ac057e309d55\AlertAddin.dll
[2007/09/11 16:06:18 | 000,000,198 | ---- | M] () -- C:\Windows\assembly\GAC\AlertAddin\1.0.0.0__e371ac057e309d55\__AssemblyInfo__.ini
[2009/08/19 16:22:55 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
[2009/08/19 16:23:46 | 000,000,200 | ---- | M] () -- C:\Windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:57 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
[2009/08/19 16:23:47 | 000,000,207 | ---- | M] () -- C:\Windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:48 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
[2009/08/21 08:15:48 | 000,000,278 | ---- | M] () -- C:\Windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
[2009/08/21 08:15:54 | 000,000,266 | ---- | M] () -- C:\Windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:57 | 000,004,608 | ---- | M] () -- C:\Windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\IIEHost.dll
[2009/08/19 16:23:49 | 000,000,198 | ---- | M] () -- C:\Windows\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2007/09/11 16:06:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.CCU_UIMgr\1.0.0.0__933db64ff4be54c5\Interop.CCU_Uimgr.dll
[2007/09/11 16:06:18 | 000,000,205 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.CCU_UIMgr\1.0.0.0__933db64ff4be54c5\__AssemblyInfo__.ini
[2009/08/19 16:22:57 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
[2009/08/19 16:23:49 | 000,000,202 | ---- | M] () -- C:\Windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2012/11/09 18:21:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
[2012/11/09 18:21:41 | 000,000,308 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:41 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
[2012/11/09 18:21:41 | 000,000,294 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:41 | 000,473,600 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
[2012/11/09 18:21:41 | 000,000,288 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:14 | 002,676,224 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:14 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:23 | 002,846,720 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:23 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:32 | 000,563,712 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:32 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:36 | 000,567,296 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:36 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:36 | 000,576,000 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:36 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:37 | 000,577,024 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:37 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:38 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:38 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:38 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:38 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:39 | 000,578,560 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:39 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:42 | 000,578,560 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2012/11/09 18:21:42 | 000,000,290 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:43 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
[2012/11/09 18:21:43 | 000,000,292 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:43 | 000,159,232 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
[2012/11/09 18:21:43 | 000,000,294 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:44 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
[2012/11/09 18:21:44 | 000,000,292 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:44 | 000,178,176 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
[2012/11/09 18:21:44 | 000,000,294 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2012/11/09 18:21:40 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
[2012/11/09 18:21:40 | 000,000,270 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2006/11/02 07:56:41 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\Microsoft.Ink.dll
[2006/11/02 07:56:41 | 000,000,325 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2006/11/02 07:56:41 | 000,516,096 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\Microsoft.Ink.dll
[2006/11/02 07:56:41 | 000,000,328 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\__AssemblyInfo__.ini
[2009/08/21 08:15:59 | 000,720,896 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
[2009/08/21 08:15:59 | 000,000,288 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:54 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
[2009/08/19 16:23:46 | 000,000,216 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:54 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
[2009/08/21 08:15:54 | 000,000,296 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:55 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualC.dll
[2009/08/19 16:23:46 | 000,000,208 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:55 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
[2009/08/19 16:23:40 | 000,000,224 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
[2009/08/19 16:23:46 | 000,000,204 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:54 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
[2009/08/19 16:23:45 | 000,000,206 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:57 | 001,564,672 | ---- | M] () -- C:\Windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\mscorcfg.dll
[2009/08/19 16:23:49 | 000,000,199 | ---- | M] () -- C:\Windows\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:57 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
[2009/08/21 08:15:57 | 000,000,268 | ---- | M] () -- C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:57 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
[2009/08/19 16:23:47 | 000,000,219 | ---- | M] () -- C:\Windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:56 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\System.Data.OracleClient.dll
[2009/08/21 08:15:56 | 000,000,302 | ---- | M] () -- C:\Windows\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini
[2009/08/21 08:15:58 | 001,294,336 | ---- | M] () -- C:\Windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll
[2009/08/21 08:15:58 | 000,000,276 | ---- | M] () -- C:\Windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini
[2009/08/21 08:15:48 | 001,703,936 | ---- | M] () -- C:\Windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Design.dll
[2009/08/21 08:15:48 | 000,000,280 | ---- | M] () -- C:\Windows\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:58 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
[2009/08/21 08:15:58 | 000,000,302 | ---- | M] () -- C:\Windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/19 16:22:58 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
[2009/08/19 16:23:47 | 000,000,212 | ---- | M] () -- C:\Windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2012/04/13 10:18:07 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
[2012/04/13 10:18:07 | 000,000,282 | ---- | M] () -- C:\Windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:54 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
[2009/08/21 08:15:54 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
[2009/08/21 08:15:54 | 000,000,304 | ---- | M] () -- C:\Windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:57 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\System.Management.dll
[2009/08/21 08:15:57 | 000,000,288 | ---- | M] () -- C:\Windows\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:59 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll
[2009/08/21 08:15:59 | 000,000,286 | ---- | M] () -- C:\Windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:56 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
[2009/08/21 08:15:56 | 000,000,300 | ---- | M] () -- C:\Windows\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini
[2009/08/21 08:15:55 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009/08/21 08:15:55 | 000,000,342 | ---- | M] () -- C:\Windows\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2012/01/11 00:15:36 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
[2012/01/11 00:15:36 | 000,000,284 | ---- | M] () -- C:\Windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:58 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
[2009/08/21 08:15:58 | 000,000,296 | ---- | M] () -- C:\Windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:46 | 000,819,200 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
[2009/08/21 08:15:46 | 000,000,288 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:54 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
[2009/08/21 08:15:54 | 000,000,312 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2009/08/21 08:15:50 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll
[2009/08/21 08:15:50 | 000,000,292 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2012/01/11 00:15:37 | 001,269,760 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
[2012/01/11 00:15:37 | 000,000,274 | ---- | M] () -- C:\Windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2012/01/11 00:15:35 | 002,064,384 | ---- | M] () -- C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
[2012/01/11 00:15:35 | 000,000,294 | ---- | M] () -- C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini
[2009/08/21 08:15:57 | 001,339,392 | ---- | M] () -- C:\Windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
[2009/08/21 08:15:57 | 000,000,274 | ---- | M] () -- C:\Windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini
[2012/01/11 00:15:38 | 001,232,896 | ---- | M] () -- C:\Windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
[2012/01/11 00:15:38 | 000,000,266 | ---- | M] () -- C:\Windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini
[2009/04/11 01:29:29 | 000,144,384 | ---- | M] () -- C:\Windows\assembly\GAC_32\BDATunePIA\6.0.6000.0__31bf3856ad364e35\BDATunePIA.dll
[2010/11/27 11:38:29 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\GAC_32\cli_cppuhelper\1.0.20.0__ce2cb7e279207b9e\cli_cppuhelper.dll
[2009/03/29 23:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
[2009/03/29 23:42:12 | 000,072,192 | ---- | M] () -- C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
[2009/04/11 01:31:12 | 000,079,872 | ---- | M] () -- C:\Windows\assembly\GAC_32\mcstoredb\6.0.6000.0__31bf3856ad364e35\mcstoredb.dll
[2009/04/11 01:31:12 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\GAC_32\mcupdate\6.0.6000.0__31bf3856ad364e35\mcupdate.exe
[2009/04/11 01:31:12 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_32\Mcx2Dvcs\6.0.6000.0__31bf3856ad364e35\Mcx2Dvcs.dll
[2009/04/11 01:31:17 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\GAC_32\Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Microsoft.Ink.dll
[2006/11/02 04:47:01 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
[2009/02/18 13:38:42 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
[2006/09/18 16:32:28 | 000,066,728 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
[2006/09/18 16:32:28 | 000,082,172 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
[2006/09/18 16:32:39 | 000,116,756 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
[2012/08/31 06:01:10 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
[2006/09/18 16:32:52 | 000,059,342 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
[2006/09/18 16:32:52 | 000,045,794 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
[2006/09/18 16:32:52 | 000,039,284 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
[2006/09/18 16:32:52 | 000,066,384 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
[2006/09/18 16:32:52 | 000,060,294 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
[2006/09/18 16:32:52 | 000,083,748 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
[2006/09/18 16:32:52 | 000,083,748 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
[2006/09/18 16:32:53 | 000,262,148 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
[2006/09/18 16:32:53 | 000,020,320 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
[2006/09/18 16:33:03 | 000,028,288 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
[2008/01/19 02:38:44 | 000,046,080 | ---- | M] () -- C:\Windows\assembly\GAC_32\napcrypt\6.0.0.0__31bf3856ad364e35\NAPCRYPT.DLL
[2008/01/19 02:38:45 | 000,103,936 | ---- | M] () -- C:\Windows\assembly\GAC_32\naphlpr\6.0.0.0__31bf3856ad364e35\NAPHLPR.DLL
[2010/11/27 11:38:32 | 000,000,382 | ---- | M] () -- C:\Windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\20.0.0.0__ce2cb7e279207b9e\cli_cppuhelper.config
[2010/11/27 11:38:32 | 000,003,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\20.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
[2006/11/02 07:35:24 | 000,000,446 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config
[2006/11/02 07:35:24 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll
[2006/09/18 16:34:47 | 000,000,494 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
[2006/11/02 04:47:07 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
[2006/09/18 16:34:47 | 000,000,494 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
[2006/11/02 04:47:07 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
[2006/11/02 07:35:24 | 000,000,446 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config
[2006/11/02 07:35:24 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.0.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll
[2012/02/13 06:02:04 | 004,214,784 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
[2008/06/16 17:18:54 | 000,000,161 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
[2012/02/13 06:02:19 | 001,736,984 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
[2009/03/29 23:42:17 | 000,486,400 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
[2009/03/29 23:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
[2009/03/29 23:42:18 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
[2009/04/10 21:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
[2012/02/13 06:02:14 | 000,368,640 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
[2009/03/29 23:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
[2011/12/26 21:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
[2009/03/29 23:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
[2009/03/29 23:42:10 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
[2010/11/27 11:38:17 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\cli_basetypes\1.0.17.0__ce2cb7e279207b9e\cli_basetypes.dll
[2010/11/27 11:38:29 | 000,856,064 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\cli_oootypes\1.0.6.0__ce2cb7e279207b9e\cli_oootypes.dll
[2010/11/27 11:38:17 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\cli_ure\1.0.20.0__ce2cb7e279207b9e\cli_ure.dll
[2010/11/27 11:38:17 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\cli_uretypes\1.0.6.0__ce2cb7e279207b9e\cli_uretypes.dll
[2009/02/18 13:38:41 | 000,166,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
[2009/03/29 23:42:11 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
[2009/03/29 23:42:12 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
[2006/11/02 07:35:34 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehCIR\6.0.6000.0__31bf3856ad364e35\ehCIR.dll
[2010/04/14 15:41:44 | 000,839,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll
[2008/01/19 02:38:16 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehepgdat\6.0.6000.0__31bf3856ad364e35\ehepgdat.dll
[2006/11/02 07:35:34 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehExtCOM\6.0.6000.0__31bf3856ad364e35\ehExtCOM.dll
[2009/04/11 01:30:19 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe
[2007/11/17 09:49:05 | 000,000,806 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe.config
[2006/11/02 07:35:28 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiExtCOM\6.0.6000.0__31bf3856ad364e35\ehiExtCOM.dll
[2006/11/02 07:35:28 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll
[2006/11/02 07:35:29 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiPlay\6.0.6000.0__31bf3856ad364e35\ehiPlay.dll
[2008/01/19 02:38:18 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiProxy\6.0.6000.0__31bf3856ad364e35\ehiProxy.dll
[2008/01/19 02:38:18 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiReplay\6.0.6000.0__31bf3856ad364e35\ehiReplay.dll
[2006/11/02 07:35:34 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiUserXp\6.0.6000.0__31bf3856ad364e35\ehiUserXp.dll
[2008/01/19 02:38:19 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.0.6000.0__31bf3856ad364e35\ehiVidCtl.dll
[2008/01/19 02:38:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiwmp\6.0.6000.0__31bf3856ad364e35\ehiwmp.dll
[2006/11/02 07:35:29 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehiWUapi\6.0.6000.0__31bf3856ad364e35\ehiWUapi.dll
[2010/04/14 15:42:14 | 000,532,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll
[2010/04/14 15:42:21 | 004,059,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll
[2009/04/11 01:38:06 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.0.0.0_en_31bf3856ad364e35\EventViewer.resources.dll
[2008/01/19 02:38:21 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\EventViewer\6.0.0.0__31bf3856ad364e35\EventViewer.dll
[2007/09/11 16:08:15 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
[2009/03/29 23:42:12 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
[2009/03/29 23:42:12 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
[2009/03/29 23:42:12 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
[2006/11/02 07:35:34 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\loadmxf\6.0.6000.0__31bf3856ad364e35\loadmxf.exe
[2010/04/14 15:42:56 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll
[2009/10/12 16:59:59 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
[2009/10/09 16:57:42 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll
[2009/04/16 00:07:44 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
[2009/03/29 23:42:12 | 000,389,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
[2009/04/16 00:07:44 | 000,733,184 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
[2009/03/29 23:42:12 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
[2009/04/16 00:07:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
[2009/04/16 00:07:45 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
[2009/03/29 23:42:13 | 000,655,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
[2009/04/16 00:07:46 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
[2009/03/29 23:42:13 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
[2006/11/02 07:41:30 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.0.0.0_en_31bf3856ad364e35\Microsoft.Ink.Resources.dll
[2012/08/31 06:00:52 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
[2006/11/02 07:40:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_en_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll
[2009/04/11 01:31:19 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll
[2010/04/14 15:43:18 | 001,249,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll
[2008/01/19 02:38:36 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Sports.dll
[2010/04/14 15:43:21 | 001,970,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll
[2010/04/14 15:43:15 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
[2009/10/12 16:59:59 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
[2009/10/09 16:57:43 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll
[2009/10/12 16:59:59 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll
[2009/10/09 16:57:44 | 000,262,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
[2009/10/12 16:59:59 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll
[2009/10/09 16:57:43 | 000,618,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
[2009/10/12 16:59:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll
[2009/10/09 16:57:43 | 000,200,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
[2009/10/12 16:59:59 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.Resources.dll
[2009/10/09 16:57:44 | 000,991,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll
[2009/10/12 16:59:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Gpowershell.resources.dll
[2009/10/09 16:57:43 | 000,651,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll
[2009/10/12 16:59:59 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.Resources.dll
[2009/10/09 16:57:43 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll
[2009/10/12 16:59:59 | 000,009,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll
[2009/10/09 16:57:44 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
[2008/01/19 02:49:03 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.0.0.0_en_31bf3856ad364e35\microsoft.tpm.resources.dll
[2006/11/02 04:47:02 | 000,200,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm\6.0.0.0__31bf3856ad364e35\Microsoft.Tpm.dll
[2009/02/18 13:38:42 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
[2009/03/29 23:42:13 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
[2009/03/29 23:42:13 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
[2009/03/29 23:42:13 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
[2009/03/29 23:42:13 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
[2009/04/16 00:07:44 | 000,041,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
[2008/07/27 13:03:12 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
[2009/03/29 23:42:13 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
[2009/03/29 23:42:13 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
[2009/10/12 16:59:59 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
[2009/10/09 16:57:43 | 000,274,432 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll
[2009/10/09 16:57:43 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll
[2008/07/27 13:03:12 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll

#13 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 30 December 2012 - 11:32 AM

[2008/01/19 02:49:05 | 001,499,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_en_31bf3856ad364e35\MIGUIControls.resources.dll
[2009/04/11 01:31:25 | 003,375,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll
[2006/11/02 07:40:50 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll
[2009/04/11 01:31:25 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll
[2008/01/19 02:49:05 | 000,004,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_en_31bf3856ad364e35\MMCFxCommon.Resources.dll
[2009/04/11 01:31:26 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MMCFxCommon\3.0.0.0__31bf3856ad364e35\MMCFxCommon.dll
[2006/11/02 07:41:24 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\napinit.resources\6.0.0.0_en_31bf3856ad364e35\napinit.Resources.dll
[2008/01/19 02:38:45 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\napinit\6.0.0.0__31bf3856ad364e35\NAPINIT.DLL
[2009/04/11 01:38:24 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\napsnap.resources\6.0.0.0_en_31bf3856ad364e35\napsnap.resources.dll
[2008/01/19 02:38:45 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\napsnap\6.0.0.0__31bf3856ad364e35\NAPSNAP.DLL
[2006/11/02 04:47:04 | 000,991,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Narrator\6.0.0.0__31bf3856ad364e35\Narrator.exe
[2007/09/11 15:58:21 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PicassoAddIn\6.0.6000.0__5f1145cef3f48585\PicassoAddIn.dll
[2010/11/27 11:38:17 | 000,000,381 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\17.0.0.0__ce2cb7e279207b9e\cli_basetypes.config
[2010/11/27 11:38:17 | 000,003,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\17.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
[2010/11/27 11:38:32 | 000,000,378 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\6.0.0.0__ce2cb7e279207b9e\cli_oootypes.config
[2010/11/27 11:38:32 | 000,003,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\6.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
[2010/11/27 11:38:17 | 000,000,375 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_ure\20.0.0.0__ce2cb7e279207b9e\cli_ure.config
[2010/11/27 11:38:17 | 000,003,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_ure\20.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
[2010/11/27 11:38:17 | 000,000,378 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\6.0.0.0__ce2cb7e279207b9e\cli_uretypes.config
[2010/11/27 11:38:17 | 000,003,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\6.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
[2009/02/18 13:39:17 | 000,598,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
[2009/02/18 13:39:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
[2009/02/18 13:39:20 | 000,043,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
[2009/02/18 13:39:17 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
[2009/02/18 13:39:17 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
[2009/02/18 13:39:18 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
[2009/02/18 13:39:18 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
[2012/02/13 06:02:09 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
[2009/02/18 13:39:20 | 000,864,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
[2012/02/13 06:02:13 | 000,532,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
[2009/04/16 00:07:46 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
[2009/02/18 13:38:42 | 000,154,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe
[2010/04/12 07:21:14 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
[2009/02/18 13:38:43 | 000,129,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
[2006/11/02 07:35:33 | 000,086,016 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SonicMCEBurnEngine\6.0.6000.0__31bf3856ad364e35\SonicMCEBurnEngine.dll
[2009/03/29 23:42:17 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
[2009/04/16 00:07:46 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
[2012/05/13 10:27:19 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
[2009/04/16 00:07:51 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
[2009/03/29 23:42:17 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
[2009/03/29 23:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
[2009/04/16 00:07:47 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
[2009/04/16 00:07:47 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
[2009/04/16 00:07:47 | 000,229,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
[2009/04/16 00:07:47 | 002,879,488 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
[2009/04/16 00:07:44 | 000,684,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
[2009/04/16 00:08:49 | 000,294,912 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
[2009/04/16 00:07:43 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
[2009/04/16 00:08:49 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
[2009/03/29 23:42:18 | 000,745,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
[2009/03/29 23:42:18 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
[2012/03/22 06:02:33 | 005,062,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
[2009/04/16 00:07:44 | 000,286,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
[2009/03/29 23:42:18 | 000,188,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
[2009/03/29 23:42:18 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
[2009/03/29 23:42:18 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
[2012/04/23 06:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
[2009/02/18 13:38:39 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
[2010/04/12 07:20:59 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
[2009/02/18 13:38:39 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
[2009/10/12 16:59:59 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.Resources.dll
[2009/10/09 16:57:45 | 002,682,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
[2009/04/16 00:07:49 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
[2009/03/29 23:42:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
[2009/03/29 23:42:18 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
[2009/04/16 00:07:51 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
[2009/03/29 23:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
[2009/03/29 23:42:19 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/04/12 07:21:01 | 000,970,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2010/03/04 07:53:19 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
[2009/02/18 13:38:44 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
[2010/04/12 07:21:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
[2009/04/16 00:07:43 | 000,569,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
[2010/04/12 07:21:06 | 005,967,872 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
[2009/03/29 23:42:19 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
[2008/01/05 06:21:55 | 000,688,128 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
[2009/04/16 00:07:52 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
[2009/04/16 00:07:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
[2009/04/16 00:08:50 | 000,229,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
[2009/04/16 00:07:49 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
[2009/04/16 00:08:49 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
[2009/04/16 00:07:53 | 000,335,872 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
[2012/01/11 00:16:12 | 001,277,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
[2009/03/29 23:42:19 | 000,835,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
[2009/03/29 23:42:19 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
[2009/04/16 00:07:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
[2009/03/29 23:42:19 | 000,839,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
[2012/03/22 06:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
[2009/04/16 00:07:50 | 000,012,288 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
[2009/02/18 13:39:28 | 001,138,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
[2009/02/18 13:39:29 | 001,630,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
[2009/02/18 13:39:29 | 000,540,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
[2009/04/16 00:07:43 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
[2009/04/16 00:07:50 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
[2009/03/29 23:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
[2012/08/31 06:02:46 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
[2006/11/02 07:41:20 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.0.0.0_en_31bf3856ad364e35\TaskScheduler.resources.dll
[2008/01/19 02:39:26 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\TaskScheduler\6.0.0.0__31bf3856ad364e35\TaskScheduler.dll
[2009/02/18 13:39:19 | 000,167,936 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
[2009/02/18 13:39:19 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
[2009/02/18 13:39:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
[2009/02/18 13:39:19 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
[2012/02/13 06:02:15 | 001,249,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
[2009/02/18 13:39:19 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
[2009/02/18 13:38:45 | 000,150,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe
[2012/06/14 17:03:25 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\indexb08.dat
[2012/11/16 16:21:20 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\indexbd1.dat
[2012/11/16 16:21:22 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\indexbd2.dat
[2012/05/13 11:16:08 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
[2012/11/16 16:15:20 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\79f3661da2402c72b0bba0de1e55f4d1\Accessibility.ni.dll
[2012/11/16 16:15:21 | 000,842,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\1adbb80699dfa0b96db96d8872887010\AspNetMMCExt.ni.dll
[2012/06/14 17:00:51 | 000,842,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\1d74ae2dcd7231c5d122126f3e8e18a2\AspNetMMCExt.ni.dll
[2012/06/14 17:01:24 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\AxInterop.Shockwave#\0d4bcdd78cc517642a176038a8a3881f\AxInterop.ShockwaveFlashObjects.ni.dll
[2012/11/16 16:16:15 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\AxInterop.Shockwave#\584e1f95ee2e5902601acfd702b751ba\AxInterop.ShockwaveFlashObjects.ni.dll
[2012/05/13 11:16:15 | 000,072,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BackWeb\50d116e95a4221fface70ef4977ef4ff\BackWeb.ni.dll
[2012/11/16 16:15:27 | 000,072,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BackWeb\d4ed66f511fb006c11781b4c0a813eb6\BackWeb.ni.dll
[2012/05/13 11:16:10 | 000,386,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e20f2a67e463b0096433b4473c5aedfe\BDATunePIA.ni.dll
[2012/11/16 16:15:22 | 000,386,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e8b775f784da336042b0ace0169a341e\BDATunePIA.ni.dll
[2012/05/13 11:16:15 | 000,058,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CeeWrtier\15d884476464af2edf8f3021786ad7da\CeeWrtier.ni.dll
[2012/11/16 16:15:28 | 000,058,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CeeWrtier\40b7f4a93a7e1df263d7cf4f576f4d9d\CeeWrtier.ni.dll
[2012/05/13 11:17:44 | 000,410,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\b434a5d366e71df6c19d51bfab284ed8\ComSvcConfig.ni.exe
[2012/11/16 16:17:06 | 000,410,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\bd03b7af21de68e981fa79f32e131b8d\ComSvcConfig.ni.exe
[2012/05/13 11:16:16 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Content\5202c139def1a20082998a972193a8d5\Content.ni.dll
[2012/11/16 16:15:29 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Content\ac9abc4d44dbfed5c8d0a18a20531dd6\Content.ni.dll
[2012/11/16 16:16:20 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\42c233e3c221682cfc56eb6eef4f401d\CustomMarshalers.ni.dll
[2012/05/13 11:17:05 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\8455a2be044530a091b714f5a6415d6b\CustomMarshalers.ni.dll
[2012/05/13 11:18:10 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\dfsvc\005dde0bf145dbbd30b5e832feb956e9\dfsvc.ni.exe
[2012/11/16 16:17:42 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d6892b408413fae7e056f33349413ad7\dfsvc.ni.exe
[2012/05/13 11:18:11 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehCIR\2794be5c73dd6a6efe1ec1c5e8396024\ehCIR.ni.dll
[2012/11/16 16:17:43 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehCIR\d881669197e0ee257d5b341e003793c9\ehCIR.ni.dll
[2012/05/13 11:18:14 | 002,130,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehepg\00d9844d50e9752452263da331a3fd8c\ehepg.ni.dll
[2012/11/16 16:17:46 | 002,130,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehepg\1add8ef2a60f2f370986aa336b18c25e\ehepg.ni.dll
[2012/05/13 11:18:19 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\7bb80e892853c7ddec7925a7278c03ea\ehepgdat.ni.dll
[2012/11/16 16:17:54 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\9a1f3ce1d42d978f035c1212645a8e78\ehepgdat.ni.dll
[2012/11/16 16:17:59 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\24786dfc1ebc5693e9f597d925aafb2a\ehExtCOM.ni.dll
[2012/05/13 11:18:20 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\8122af1ab8c449705ced9e8844f002bd\ehExtCOM.ni.dll
[2012/06/14 17:02:10 | 000,243,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\2f9da3b7d03b4485274ab117495e1208\ehExtHost.ni.exe
[2012/11/16 16:18:03 | 000,243,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\dfd72d2ab8684b8df09072c7d3bbe20e\ehExtHost.ni.exe
[2012/11/16 16:18:00 | 000,023,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtCOM\6f3140512aa4c66fe23e05a143e075eb\ehiExtCOM.ni.dll
[2012/05/13 11:18:20 | 000,023,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtCOM\bc07bf1aeb176548dde8971360cfa5a9\ehiExtCOM.ni.dll
[2012/05/13 11:18:22 | 000,160,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\07d99efbb39707d01236f56cb1299524\ehiExtens.ni.dll
[2012/11/16 16:18:03 | 000,160,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\2fba56cf6d82dae1a98e0bdd2bb1d735\ehiExtens.ni.dll
[2012/05/13 11:18:23 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiPlay\67ddb639b0e4210abaf7d19d72013cb5\ehiPlay.ni.dll
[2012/11/16 16:18:04 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiPlay\e33a6f8ef8d1bc5c8728536fc316bfe7\ehiPlay.ni.dll
[2012/11/16 16:17:43 | 000,965,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\0cff0807aae9070c7a71e9e47d5b30de\ehiProxy.ni.dll
[2012/05/13 11:18:11 | 000,965,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\286a98a691096f98d57f0f9cb9d03690\ehiProxy.ni.dll
[2012/11/16 16:18:05 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiReplay\9656939a16e1949e60b59bb8c4ee6b7d\ehiReplay.ni.dll
[2012/05/13 11:18:24 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiReplay\a3f7c7da452ed56ff97ddc37f1b3f60e\ehiReplay.ni.dll
[2012/05/13 11:18:18 | 000,057,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\255a7647cad0ec58c01053d7bdddd928\ehiUserXp.ni.dll
[2012/11/16 16:17:52 | 000,057,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\54eea151593b446436bdfbb45cbaff5a\ehiUserXp.ni.dll
[2012/11/16 16:18:06 | 000,797,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\424ae9e9db5a00639ecd0fa2bba1828f\ehiVidCtl.ni.dll
[2012/05/13 11:18:24 | 000,797,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\c087f58ad3956895cb7b0f51e3b19ccd\ehiVidCtl.ni.dll
[2012/11/16 16:18:07 | 000,338,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\2b1e9d5b6f7973a767840f332586e918\ehiwmp.ni.dll
[2012/05/13 11:18:25 | 000,338,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\7d7fb67c9ca0865f01c81615bfa39752\ehiwmp.ni.dll
[2012/05/13 11:18:25 | 000,103,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\026110bb02fb6ad6ca94b7b2fde54013\ehiWUapi.ni.dll
[2012/11/16 16:18:08 | 000,103,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\ea2cee5e71667a08516d6f9e39059d7a\ehiWUapi.ni.dll
[2012/11/16 16:18:10 | 001,732,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\9abcece839e32a5e9e85a70f8437cd45\ehRecObj.ni.dll
[2012/05/13 11:18:27 | 001,732,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\b7bef07ca1e5abb7a55dbbbc318903fe\ehRecObj.ni.dll
[2012/11/16 16:18:25 | 011,588,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehshell\122e32e6331df83280e58e53890f0933\ehshell.ni.dll
[2012/06/14 17:02:22 | 011,588,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ehshell\f3d7b447b976661b3fdc57795744160c\ehshell.ni.dll
[2012/06/14 17:02:23 | 000,543,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\EventViewer\11804905535690869865532b52f0454a\EventViewer.ni.dll
[2012/11/16 16:18:31 | 000,543,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\EventViewer\bdf08502e0b6258fbb046afc678f6d09\EventViewer.ni.dll
[2012/05/13 11:16:26 | 000,068,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HowToPillar\2562821baac6a5da400083a29f707103\HowToPillar.ni.dll
[2012/11/16 16:15:38 | 000,068,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HowToPillar\5695e7b1a42739e41739c0ed890a451e\HowToPillar.ni.dll
[2012/06/14 17:00:54 | 000,079,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor.Common.Wi#\1a33153d97021b2819175d994ac556ed\HPAdvisor.Common.Windows.ni.dll
[2012/11/16 16:15:29 | 000,079,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor.Common.Wi#\eb2de64a7cb13f2c43e9a3006c6c51c6\HPAdvisor.Common.Windows.ni.dll
[2012/11/16 16:15:31 | 001,853,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor\8c4f86bb9aac1bf6988a7fffbff52c1c\HPAdvisor.ni.exe
[2012/06/14 17:00:56 | 001,853,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor\936ade16f834e2a8cfe611487666245a\HPAdvisor.ni.exe
[2012/11/16 16:16:05 | 000,726,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\9527ef8002ee71bfaaeee82e3b1b9620\ICSharpCode.SharpZipLib.ni.dll
[2012/05/13 11:16:52 | 000,726,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\cf66c0c1a591066ea3dde2034ab28b41\ICSharpCode.SharpZipLib.ni.dll
[2012/06/14 17:01:41 | 006,896,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Impulse\3267d60d015724d2453f5ef4c634731b\Impulse.ni.exe
[2012/11/16 16:16:42 | 006,896,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Impulse\5efabaa07670d75bacacfd5168b65d3e\Impulse.ni.exe
[2012/11/16 16:15:32 | 000,087,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\InterfaceServices\4cfb50ae83d922e114872ea0a0d10271\InterfaceServices.ni.dll
[2012/05/13 11:16:20 | 000,087,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\InterfaceServices\a0c2fd8fff825cf7dae981566b554fbf\InterfaceServices.ni.dll
[2012/11/16 16:16:22 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\37b34a99f72617347345fe6be6f2eca5\Interop.IWshRuntimeLibrary.ni.dll
[2012/05/13 11:17:08 | 000,100,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\5318777e07575988facaec39026d1cc7\Interop.IWshRuntimeLibrary.ni.dll
[2012/11/16 16:16:16 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.ShockwaveFl#\13b4d57840cef34ce1e82f8aa08748fe\Interop.ShockwaveFlashObjects.ni.dll
[2012/05/13 11:17:02 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.ShockwaveFl#\5fbeee7696ba53ad247fd631e55531cf\Interop.ShockwaveFlashObjects.ni.dll
[2012/11/16 16:15:46 | 004,391,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\KeePass\986e159034c78496e625c3d56f495ebd\KeePass.ni.exe
[2012/06/14 17:01:05 | 004,391,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\KeePass\ca5831cc77305c5aa0635164597eee40\KeePass.ni.exe
[2012/11/16 16:18:27 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\loadmxf\0611892f6a1d80c94c8b067e661476ad\loadmxf.ni.exe
[2012/05/13 11:18:40 | 000,068,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\loadmxf\3713e414a1dade2bdd0ac8d8b6b621f6\loadmxf.ni.exe
[2012/11/16 16:15:35 | 000,050,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MarketPillar\2d7fbf62b82768242679007380746bd5\MarketPillar.ni.dll
[2012/05/13 11:16:23 | 000,050,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MarketPillar\ba0e73c32fa0bcb624873082b652d0e9\MarketPillar.ni.dll
[2012/11/16 16:18:14 | 000,642,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstore\82676568b59ee459d21a997ef404bfab\mcstore.ni.dll
[2012/05/13 11:18:29 | 000,642,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstore\cb292a571ceb92b81b41cf52eac16d83\mcstore.ni.dll
[2012/05/13 11:18:30 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\a49b94a226262de9fc167c662d9175e6\mcstoredb.ni.dll
[2012/11/16 16:18:15 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\cceb1899d3d5d10c55c1ce02daaa82c2\mcstoredb.ni.dll
[2012/11/16 16:18:43 | 000,254,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcupdate\405b5ffd76ec16c2eeb956127e15e997\mcupdate.ni.exe
[2012/05/13 11:18:48 | 000,254,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mcupdate\f6536b4c26373b75c1037433213d7fb0\mcupdate.ni.exe
[2012/11/16 16:18:26 | 000,238,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\0e11b888731b783713989ae77d492e3a\Mcx2Dvcs.ni.dll
[2012/05/13 11:18:39 | 000,238,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\d9ef7a0b14036b65f7d8b0c39542f679\Mcx2Dvcs.ni.dll
[2012/11/16 16:15:33 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingClients\363b7af44842c66a1d970f8b8783a9ca\MessagingClients.ni.dll
[2012/05/13 11:16:21 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingClients\9808183c0244ef6167479a2f2f0894da\MessagingClients.ni.dll
[2012/05/13 11:16:21 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingInterface\344e2dd979fea2dd1a10d82b9a223dd4\MessagingInterface.ni.dll
[2012/11/16 16:15:33 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingInterface\f351ee0ea8da9341a8c62b8db6b0d35d\MessagingInterface.ni.dll
[2012/05/13 11:16:22 | 000,054,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingMessages\e13b368f156eb4b25a6c5ad28d5308ea\MessagingMessages.ni.dll
[2012/11/16 16:15:34 | 000,054,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingMessages\f9ed457e4ba78f5269bfc9a70d6861d7\MessagingMessages.ni.dll
[2012/11/16 16:15:34 | 000,090,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingServer\2ffd471b99d56b188552378f96c64dfb\MessagingServer.ni.dll
[2012/05/13 11:16:23 | 000,090,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingServer\a2317f441d5997904cfe5fb3ea009114\MessagingServer.ni.dll
[2012/05/13 11:18:49 | 000,222,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\1e48dcddad33d81cd6e0c429c17094a1\Microsoft.Build.Conversion.v3.5.ni.dll
[2012/11/16 16:18:46 | 000,222,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\2ba9d14f7f3f162346d35b15c6321891\Microsoft.Build.Conversion.v3.5.ni.dll
[2012/11/16 16:18:47 | 000,888,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3bc0c7aa5d2b4deed478b53dde20a495\Microsoft.Build.Engine.ni.dll
[2012/05/13 11:17:42 | 001,888,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\452da9a588cd455890d8762dcae073af\Microsoft.Build.Engine.ni.dll
[2012/05/13 11:18:50 | 000,888,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c424f04095959cd8a5c03f2904cbd698\Microsoft.Build.Engine.ni.dll
[2012/11/16 16:17:04 | 001,888,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d02bb8674734a608a015f54b17440fce\Microsoft.Build.Engine.ni.dll
[2012/05/13 11:18:50 | 000,065,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c46d310587bd60cdc5a1e6a3bcdef27\Microsoft.Build.Framework.ni.dll
[2012/11/16 16:18:47 | 000,065,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\6d7592005f16f3cc90bce14ed748049e\Microsoft.Build.Framework.ni.dll
[2012/11/16 16:17:02 | 000,074,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c3e8ea9d1c59c1cfc22f0efdf674b928\Microsoft.Build.Framework.ni.dll
[2012/05/13 11:17:41 | 000,074,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\cf2240ba58c2d94b41a74344dc5f64a0\Microsoft.Build.Framework.ni.dll
[2012/11/16 16:18:49 | 001,620,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\2a2d939ee409231b87474a3a9b72f4b5\Microsoft.Build.Tasks.ni.dll
[2012/06/14 17:02:32 | 001,620,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\304acbf276a1820a1c11f6f923d52745\Microsoft.Build.Tasks.ni.dll
[2012/06/14 17:02:34 | 001,966,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\5ac593ad537e7dd735bdabba9d766e55\Microsoft.Build.Tasks.v3.5.ni.dll
[2012/11/16 16:18:51 | 001,966,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\621af1603a959590463ba914a85b61a8\Microsoft.Build.Tasks.v3.5.ni.dll
[2012/05/13 11:18:55 | 000,175,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\33d8c9635b28feaeb2711f402e1afac2\Microsoft.Build.Utilities.v3.5.ni.dll
[2012/05/13 11:18:55 | 000,144,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\66b5642e7fb6c41c7c9f320c39cc04ad\Microsoft.Build.Utilities.ni.dll
[2012/11/16 16:18:52 | 000,175,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a30d8434d7bb1d14edcd7e825e2c3045\Microsoft.Build.Utilities.v3.5.ni.dll
[2012/11/16 16:18:52 | 000,144,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\b5f5b7ef07ac0299e0c7539c405d8b1e\Microsoft.Build.Utilities.ni.dll
[2012/11/16 16:18:54 | 001,356,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\bc5910866f80305a6a19c4197e07f09c\Microsoft.Ink.ni.dll
[2012/06/14 17:02:36 | 001,356,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\c420edef488501ffe0a8bd56d9756955\Microsoft.Ink.ni.dll
[2012/05/13 11:16:59 | 002,332,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\47b205f629edc7e1065e1bd6c3d50834\Microsoft.JScript.ni.dll
[2012/11/16 16:16:12 | 002,333,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\ad8a35d249ed52c14f618ee6183c8b8c\Microsoft.JScript.ni.dll
[2012/11/16 16:18:32 | 000,558,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\a7285ee50136dc108010b27401f43c35\Microsoft.ManagementConsole.ni.dll
[2012/06/14 17:02:24 | 000,558,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\ef6a66d52d531be206ac416483aed2b8\Microsoft.ManagementConsole.ni.dll
[2012/05/13 11:18:28 | 000,227,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\40ed5b7a3dc409d4bfb5cbc22b2de3f9\Microsoft.MediaCenter.Shell.ni.dll
[2012/05/13 11:18:31 | 000,659,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\49708553beac29dc425492f9520f607b\Microsoft.MediaCenter.Sports.ni.dll
[2012/11/16 16:18:13 | 000,227,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\4ea4af3fcc1421c1b813306ec8bc2fd9\Microsoft.MediaCenter.Shell.ni.dll
[2012/11/16 16:17:51 | 005,486,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7357c781329fde346876c0666dec2221\Microsoft.MediaCenter.UI.ni.dll
[2012/06/14 17:02:08 | 005,486,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\cf100c0c1510f5c7bb1e17f2f359883c\Microsoft.MediaCenter.UI.ni.dll
[2012/11/16 16:18:17 | 000,659,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\eaea2a8d3bc67cdf7123291906321854\Microsoft.MediaCenter.Sports.ni.dll
[2012/06/14 17:02:09 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\f22e7365e7527cd3c3f707218d8e3a10\Microsoft.MediaCenter.ni.dll
[2012/11/16 16:18:01 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\f5687866d47e9c37862a393a3b4c2a7b\Microsoft.MediaCenter.ni.dll
[2012/05/13 11:19:00 | 000,291,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\012d9816bed18f463f1a7997acdc3d15\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
[2012/05/13 11:19:11 | 000,515,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12925e39b3ba4256b20d62aa94df1043\Microsoft.PowerShell.ConsoleHost.ni.dll
[2012/11/16 16:19:16 | 003,722,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\2228550161bab391dbce0fdec78b0e15\Microsoft.PowerShell.Editor.ni.dll
[2012/11/16 16:19:30 | 000,729,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\28a6a989c4459bf2423f5bdc3ac91d00\Microsoft.PowerShell.GraphicalHost.ni.dll
[2012/06/14 17:02:41 | 001,609,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\3b8420c7a228868290f2fc42358430d1\Microsoft.PowerShell.Commands.Utility.ni.dll
[2012/11/16 16:19:11 | 000,515,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\524bd65d06098ea8595bf1b79ba26757\Microsoft.PowerShell.ConsoleHost.ni.dll
[2012/11/16 16:19:36 | 000,156,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\6312b5ec4b26e43f5f9d1e74cef4d4cd\Microsoft.PowerShell.Security.ni.dll
[2012/05/13 11:19:08 | 000,737,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\74dbe658cfe06e384430fe5ae7d29310\Microsoft.PowerShell.Commands.Management.ni.dll
[2012/05/13 15:35:55 | 000,729,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a253fd3940797d138fc8c5974b7e1f7a\Microsoft.PowerShell.GraphicalHost.ni.dll
[2012/11/16 16:19:09 | 001,609,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\c24c6260a1294205b389a22556e7e54d\Microsoft.PowerShell.Commands.Utility.ni.dll
[2012/11/16 16:18:58 | 000,291,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d072d0600cb94e36cb0d1561b3a78f13\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
[2012/06/14 17:02:45 | 003,722,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dccb31198926976cfa435b90e64df749\Microsoft.PowerShell.Editor.ni.dll
[2012/05/13 15:35:56 | 000,156,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ece80059173e49adf749b12ab865d21e\Microsoft.PowerShell.Security.ni.dll
[2012/11/16 16:19:24 | 001,704,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f4ed413862dd13e23c98f92ae1d1a010\Microsoft.PowerShell.GPowerShell.ni.dll
[2012/06/14 17:02:48 | 001,704,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f75476a75fae8e8d445019dfa58402de\Microsoft.PowerShell.GPowerShell.ni.dll
[2012/11/16 16:19:06 | 000,737,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\f95269d8d7df814ce7324d53fc6660b0\Microsoft.PowerShell.Commands.Management.ni.dll
[2012/05/13 15:35:59 | 000,386,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\2561c194ae93e7d81c1921d7f8bc4d9d\Microsoft.Transactions.Bridge.Dtc.ni.dll
[2012/11/16 16:19:41 | 000,386,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\9cb79e330414a18d7305f352aa560a3c\Microsoft.Transactions.Bridge.Dtc.ni.dll
[2012/11/16 16:17:40 | 001,093,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c249b5f95a1c0642f6038543b31efbbc\Microsoft.Transactions.Bridge.ni.dll
[2012/05/13 11:18:10 | 001,093,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\e606f5aa1e01220753f6a032c07b43a7\Microsoft.Transactions.Bridge.ni.dll
[2012/06/14 17:01:23 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2467a133aee73396c830b9b0a9c7ec0d\Microsoft.VisualBasic.ni.dll
[2012/11/16 16:16:15 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll
[2012/05/13 11:16:10 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\be3c3ca8bfb03375bc89f799349b03f3\Microsoft.VisualC.ni.dll
[2012/11/16 16:15:22 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\dd0bbeeb318682fc03e1e1baef47163a\Microsoft.VisualC.ni.dll
[2012/11/16 16:16:13 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\b76bc8acf29798a03a76b4f07f654eb1\Microsoft.Vsa.ni.dll
[2012/05/13 11:16:59 | 000,055,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\fb2cc92e2aa127fefa1672c78a5c6aaa\Microsoft.Vsa.ni.dll
[2012/11/16 16:16:26 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\384aafb6002711959ca5cf7116adff19\Microsoft.WindowsAPICodePack.ni.dll
[2012/11/16 16:16:25 | 001,746,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\66b07e62d4169767599546433e10a2dc\Microsoft.WindowsAPICodePack.Shell.ni.dll
[2012/06/14 17:01:30 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\7544ad58d9563dcd1b20486e6f4f6730\Microsoft.WindowsAPICodePack.ni.dll
[2012/06/14 17:01:30 | 001,746,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WindowsAP#\f5eb50810decebf033bd0fa56872b58a\Microsoft.WindowsAPICodePack.Shell.ni.dll
[2012/11/16 16:19:48 | 000,508,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\281da2f2479d6cd13132efe310ad80e9\Microsoft.WSMan.Management.ni.dll
[2012/05/13 15:36:01 | 000,508,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\ee837f53d1dfa574e7f908907cde5762\Microsoft.WSMan.Management.ni.dll
[2012/11/16 16:19:50 | 000,017,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\a8ac4cd1069370a36feee764f6b6e2ac\Microsoft.WSMan.Runtime.ni.dll
[2012/05/13 15:36:01 | 000,017,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\e48756c89aad809db34274b048f8630a\Microsoft.WSMan.Runtime.ni.dll

#14 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 30 December 2012 - 11:33 AM

And this single log has already gone on for more than two posts, so I am going to assume I did something wrong and not post the rest of it after this part until I get further instructions, because I think it would take at least a good 20 or so posts worth of content to post all of OTL.Txt. Sorry, what did I do wrong?

[2012/11/16 16:18:39 | 006,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\07a3828ff668667628b150570ebdd397\MIGUIControls.ni.dll
[2012/06/14 17:02:27 | 006,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\82a54c1a86466437495ab3dd91c58b63\MIGUIControls.ni.dll
[2012/11/16 16:19:53 | 001,536,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\55917b33eb7c87e43ddff9939d3a7554\MMCEx.ni.dll
[2012/06/14 17:02:53 | 001,536,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCEx\cb2db8c862e11358d3bb1b92f85d86bd\MMCEx.ni.dll
[2012/11/16 16:18:34 | 000,285,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\84fb6a6d8fa02047f9d65edfdc5d6923\MMCFxCommon.ni.dll
[2012/06/14 17:02:24 | 000,285,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\9621076f8f44240e769dd03177d0c47f\MMCFxCommon.ni.dll
[2012/11/16 16:17:02 | 000,133,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MSBuild\82f32475edb2ccddb0a4d163a5266598\MSBuild.ni.exe
[2012/05/13 11:17:40 | 000,133,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MSBuild\91ba322c3cb72f03d15016e81f2f08e8\MSBuild.ni.exe
[2012/11/16 16:10:37 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
[2012/05/13 10:47:56 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
[2012/11/16 16:16:18 | 000,326,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\6c02e582bd2fbff61036cea8e5ea44bb\MyDock.Util.ni.dll
[2012/06/14 17:01:24 | 000,326,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\fc02619cc20040824c8e60a3bd63585e\MyDock.Util.ni.dll
[2012/11/16 16:19:54 | 000,079,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\napcrypt\9dc9826c70b2c5fae84ecfd21e53d77a\napcrypt.ni.dll
[2012/05/13 15:36:05 | 000,079,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\napcrypt\f35ea215449a9b2f3d1c281a83bf8db6\napcrypt.ni.dll
[2012/11/16 16:19:54 | 000,115,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\naphlpr\e99ac9ab9a8a27579befa5738b71d614\naphlpr.ni.dll
[2012/05/13 15:36:05 | 000,115,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\naphlpr\fafb8f5ecc491637dd61c7efd321a68a\naphlpr.ni.dll
[2012/11/16 16:19:55 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\napinit\15f8bceaa7ca66d2f44541b60d8897a9\napinit.ni.dll
[2012/06/14 17:02:54 | 000,110,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\napinit\8530fa5ec0de4f6d60ef2557c2554a67\napinit.ni.dll
[2012/11/16 16:19:56 | 000,724,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\napsnap\1ad3a43083862cb5bb49768466a433e8\napsnap.ni.dll
[2012/06/14 17:02:55 | 000,724,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\napsnap\cf031a6c23df5e7d9101cd986a2558c1\napsnap.ni.dll
[2012/06/14 17:02:57 | 002,538,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Narrator\0ca1358d590145adbb095f6916d28994\Narrator.ni.exe
[2012/11/16 16:19:59 | 002,538,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Narrator\9a38b51a8c7b83bbd0f7a1df1a613034\Narrator.ni.exe
[2012/11/16 16:15:36 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCAlertsPillar\1279c1d2dc232891153b89833b01dc4c\PCAlertsPillar.ni.dll
[2012/05/13 11:16:24 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCAlertsPillar\3755275d8d443c04a1cbeea4e0535474\PCAlertsPillar.ni.dll
[2012/11/16 16:15:37 | 000,355,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCHealthSecurityPil#\24aaf96ff0d4fe5c7b6f67a6ce126445\PCHealthSecurityPillar.ni.dll
[2012/05/13 11:16:25 | 000,355,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PCHealthSecurityPil#\a40d00375a2116b41bb8fbf4b5e4836d\PCHealthSecurityPillar.ni.dll
[2012/05/13 11:16:26 | 000,020,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PreferenceExecutable\d6ca7015531df152332c7995fc64335e\PreferenceExecutable.ni.exe
[2012/11/16 16:15:39 | 000,020,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PreferenceExecutable\fd019286c78898ef4c7cbcf675755e6e\PreferenceExecutable.ni.exe
[2012/11/16 16:20:00 | 001,451,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\3aaad12dd7560a3a86df6f0d7d6892fe\PresentationBuildTasks.ni.dll
[2012/05/13 15:36:12 | 001,451,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\fc59920e9bbba90d812714c1748e2cec\PresentationBuildTasks.ni.dll
[2012/11/16 16:16:27 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\644d50ac21e1ae4b341c5494a0cfae16\PresentationCFFRasterizer.ni.dll
[2012/05/13 11:17:12 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6e1aa62b07ad7a0f21448099927d3de2\PresentationCFFRasterizer.ni.dll
[2012/11/16 16:11:31 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\09ab834223f9c860f08de8d58688b1a3\PresentationCore.ni.dll
[2012/06/14 15:02:17 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
[2012/11/16 16:20:02 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\b20e66766880c58b91c5fee13c22bd59\PresentationFontCache.ni.exe
[2012/05/13 15:36:14 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\b57a0cd0fae107256365e988c9fe3395\PresentationFontCache.ni.exe
[2012/05/13 10:49:21 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\00112c66cb7cb4c8f8a284320a2fa2b1\PresentationFramework.Royale.ni.dll
[2012/11/16 16:11:51 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\39cc0e726e5b80a46337fa969cde2b66\PresentationFramework.Aero.ni.dll
[2012/06/14 15:03:19 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
[2012/11/16 16:11:54 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\aa7bbf0a622f152f7c7599a823ccf0a7\PresentationFramework.Royale.ni.dll
[2012/05/13 10:49:20 | 000,539,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bbfbadb527a3ce339eef5f304a12f0c7\PresentationFramework.Luna.ni.dll
[2012/05/13 10:49:18 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
[2012/05/13 10:49:19 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d81872939252c65b6f1127f331b84de0\PresentationFramework.Classic.ni.dll
[2012/11/16 16:11:53 | 000,539,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e0e20718e6915f660d9dc64a3fcde694\PresentationFramework.Luna.ni.dll
[2012/11/16 16:11:52 | 000,224,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fa35926bc5deb5d7dff45331f9c169c8\PresentationFramework.Classic.ni.dll
[2012/11/16 16:11:50 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fb15c044e4e7d611a5cbe5a1aa6db455\PresentationFramework.ni.dll
[2012/11/16 16:16:29 | 001,657,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\aa0fab0e3e7264886d98fd54fc52bffb\PresentationUI.ni.dll
[2012/06/14 17:01:32 | 001,657,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\f42d14201dfb29938d5c07468ae91df6\PresentationUI.ni.dll
[2012/06/14 17:01:35 | 002,146,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3b1507e086784fb78e3d5e671aab1b0d\ReachFramework.ni.dll
[2012/11/16 16:16:33 | 002,146,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\7138bad7c15e96d3874c5d1021321fd2\ReachFramework.ni.dll
[2012/05/13 11:16:26 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\RemotingClient\50ed5ffbdff5fc889fb97b81f3552db6\RemotingClient.ni.dll
[2012/11/16 16:15:39 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\RemotingClient\de1b216dba84a8b3e0b4c98ecc70aca6\RemotingClient.ni.dll
[2012/11/16 16:16:48 | 000,373,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive.#\363f85376dcdae108e647bb232045af1\Sd.Central.Archive.XmlSerializers.ni.dll
[2012/06/14 17:01:45 | 000,373,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive.#\c85ff4bc412151706f15285e3ef117dd\Sd.Central.Archive.XmlSerializers.ni.dll
[2012/06/14 17:01:26 | 000,129,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive\1379a60f8629120796f557a125edfa68\Sd.Central.Archive.ni.dll
[2012/11/16 16:16:21 | 000,129,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Central.Archive\d9bb68965598301aba48bf25132cc9a1\Sd.Central.Archive.ni.dll
[2012/05/13 11:17:03 | 000,899,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\sd.central.cvp.serv#\2fe8e412979c0e7d66b74ec1123cac81\sd.central.cvp.server.ni.dll
[2012/11/16 16:16:17 | 000,899,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\sd.central.cvp.serv#\eac1d5611eda51c2bf2534a2d4947c62\sd.central.cvp.server.ni.dll
[2012/11/16 16:16:51 | 000,889,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Common.XmlSerial#\cb261b1e25f527e3d361fa7958156e04\Sd.Common.XmlSerializers.ni.dll
[2012/05/13 11:17:31 | 000,889,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Common.XmlSerial#\ee70565665c8539545c72915bd6ba1c2\Sd.Common.XmlSerializers.ni.dll
[2012/11/16 16:16:09 | 001,663,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Common\6940e542594e5f21df7cc9f918770cbd\Sd.Common.ni.dll
[2012/06/14 17:01:22 | 001,663,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Common\7c38cc08b8e5e91805bf888cf62936b6\Sd.Common.ni.dll
[2012/06/14 17:01:27 | 000,351,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.InstallManager\3d77d37b93e5e4939a18f40c7e0771f2\Sd.InstallManager.ni.dll
[2012/11/16 16:16:22 | 000,351,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.InstallManager\4115b5c0ed92d0dff1b13e010b58e017\Sd.InstallManager.ni.dll
[2012/06/14 17:01:25 | 000,804,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Irc\92e09c1462d8596b10e134adffd8c0f0\Sd.Irc.ni.dll
[2012/11/16 16:16:19 | 000,804,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Irc\fda4a32e645e93fcc877c03d3498e674\Sd.Irc.ni.dll
[2012/11/16 16:16:19 | 000,155,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.UI\c901d52ebb5230d7e1331feaa6e36def\Sd.UI.ni.dll
[2012/06/14 17:01:25 | 000,155,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.UI\e47872960c57ce65e398f1cd2a040bb0\Sd.UI.ni.dll
[2012/11/16 16:16:23 | 000,098,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Uninstall\0786185da2905da40ff1ac916b1569e3\Sd.Uninstall.ni.dll
[2012/06/14 17:01:28 | 000,098,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Uninstall\bcf33b7555d9eef16973d50b7c720e27\Sd.Uninstall.ni.dll
[2012/11/16 16:16:36 | 000,516,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Web\36b0ce06027ed470dfe649386333022e\Sd.Web.ni.dll
[2012/06/14 17:01:37 | 000,516,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Web\ad9a4ff36799dbe2e8bc76e87c1494c1\Sd.Web.ni.dll
[2012/11/16 16:16:57 | 000,459,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Zip\8a583db7135fd8762e9291b6c23dc613\Sd.Zip.ni.dll
[2012/05/13 11:17:36 | 000,459,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd.Zip\e4178dc7e6efe9045597adb7f6f25f8e\Sd.Zip.ni.dll
[2012/11/16 16:16:20 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd\11a6bae2dd1744777f5dd66f6d957005\Sd.ni.dll
[2012/06/14 17:01:26 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Sd\15e6651c4cb4ad3e0a94ddce4a9d9876\Sd.ni.dll
[2012/05/13 15:36:19 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\90ee142ef8d567092c7afdf3c79c814b\ServiceModelReg.ni.exe
[2012/11/16 16:20:04 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\d2983ad0174149cbbd13f153d5526580\ServiceModelReg.ni.exe
[2012/11/16 16:16:58 | 000,130,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SharpBITS.Base\01affbf283dbd48870c9509018430d27\SharpBITS.Base.ni.dll
[2012/05/13 11:17:37 | 000,130,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SharpBITS.Base\e9a67a467666ce49bef7151b7f4fce84\SharpBITS.Base.ni.dll
[2012/05/13 11:18:03 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll
[2012/11/16 16:17:31 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\949339bed597380b8fb6dd2dc97d8006\SMDiagnostics.ni.dll
[2012/05/13 15:36:21 | 000,366,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\5d10dacced9bb34b5e0e6e0bdd0f7631\SMSvcHost.ni.exe
[2012/11/16 16:20:06 | 000,366,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\a8c31e36414925f0614839781433c597\SMSvcHost.ni.exe
[2012/05/13 11:17:00 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Stardock.Central.Se#\48d1293a1bfbb38a7c32927b7247d257\Stardock.Central.Security.ni.dll
[2012/11/16 16:16:13 | 000,056,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Stardock.Central.Se#\ea05a104a202564a3186b567d7c5bab7\Stardock.Central.Security.ni.dll
[2012/11/16 16:16:37 | 000,050,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\StardockCentralDSkin\09a8f68d1533120b63d322e9b021d87d\StardockCentralDSkin.ni.dll
[2012/06/14 17:01:38 | 000,050,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\StardockCentralDSkin\7c3ddbbadb5ceefdde006ab313df16ee\StardockCentralDSkin.ni.dll
[2012/05/13 15:37:23 | 000,232,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\sysglobl\4440dde36b8d3ba20512beb05505451b\sysglobl.ni.dll
[2012/11/16 16:21:03 | 000,232,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\sysglobl\9c90035029b3ad950e432e588cf11a16\sysglobl.ni.dll
[2012/05/13 15:36:23 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\5739f9bcab6a880ce911252751579918\System.AddIn.Contract.ni.dll
[2012/11/16 16:20:08 | 000,082,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\8bd3d01898892e008ae14cfa660bb9f7\System.AddIn.Contract.ni.dll
[2012/05/13 15:36:22 | 000,634,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\b32235cc55d7463b62692b3fb5f79273\System.AddIn.ni.dll
[2012/11/16 16:20:08 | 000,634,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\e0e2d343ee6cdd45a071ac5fe23e2f19\System.AddIn.ni.dll
[2012/05/13 15:36:23 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\8346ba5de36fcea2fe0397e8126f1e7d\System.ComponentModel.DataAnnotations.ni.dll
[2012/11/16 16:20:09 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\ac66adc7f5cf1159c8c13ed82a528926\System.ComponentModel.DataAnnotations.ni.dll
[2012/06/14 17:01:17 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\559eb472944e19bca4d034eda4bdfcb7\System.Configuration.Install.ni.dll
[2012/11/16 16:16:04 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\d28951fd0cae58a45977ef797e332aa5\System.Configuration.Install.ni.dll
[2012/11/16 16:15:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll
[2012/05/13 11:16:11 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
[2012/05/13 10:49:24 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll
[2012/11/16 16:11:57 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0fe45f0908e1c17f9aca39670d35e3a7\System.Core.ni.dll
[2012/11/16 16:20:10 | 000,135,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d87f31b1f93142f197a12cda0e3e9952\System.Data.DataSetExtensions.ni.dll
[2012/05/13 15:36:24 | 000,135,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\fcda8e8e987949b85a1fe6ce03ecba9b\System.Data.DataSetExtensions.ni.dll
[2012/11/16 16:20:43 | 000,756,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\1f4090d50f3167857043e3b6dfe1cb6f\System.Data.Entity.Design.ni.dll
[2012/05/13 15:37:00 | 000,756,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\6f763ae9a8467a9871dd6780d4d2c6a7\System.Data.Entity.Design.ni.dll
[2012/11/16 16:20:41 | 009,924,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\45be904a60f6fed761b73499f5e37180\System.Data.Entity.ni.dll
[2012/05/13 15:36:58 | 009,924,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\5a93198249be78f582fc89d835403fe8\System.Data.Entity.ni.dll
[2012/05/13 10:49:35 | 002,516,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\25cbbaeba2e4efdca4bee27760ffb36d\System.Data.Linq.ni.dll
[2012/11/16 16:12:07 | 002,516,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\4e8e1846ea93d2635d8a996d820ad88b\System.Data.Linq.ni.dll
[2012/05/13 11:16:49 | 001,119,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\35930a8bda01bcaa3f992622bc63e17a\System.Data.OracleClient.ni.dll
[2012/11/16 16:16:02 | 001,119,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\69e184e9313a7ad8efa82a7e2c32bd08\System.Data.OracleClient.ni.dll
[2012/05/13 15:37:08 | 000,354,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0213b2a09139aa03e485fd4b66753809\System.Data.Services.Design.ni.dll
[2012/11/16 16:20:48 | 000,354,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\471e76b8ab0f0219eb539147f419a547\System.Data.Services.Design.ni.dll
[2012/05/13 15:37:07 | 000,939,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\72714f72a04c6233a2b50324eec8cc4a\System.Data.Services.Client.ni.dll
[2012/11/16 16:20:47 | 000,939,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\dcc2a311021c9df89c4366f17b95a008\System.Data.Services.Client.ni.dll
[2012/05/13 15:37:05 | 001,328,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\7080e56dddae7f08a2dacf0451a27d54\System.Data.Services.ni.dll
[2012/11/16 16:20:46 | 001,328,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\8d3e8e485d4d8a70178fbd211a004b90\System.Data.Services.ni.dll
[2012/05/13 11:16:13 | 002,510,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\761fe0d0364a9a9515b8fd20b72150af\System.Data.SqlXml.ni.dll
[2012/11/16 16:15:26 | 002,510,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\ea13b520c0804e388330c7dd615f22cc\System.Data.SqlXml.ni.dll
[2012/05/13 10:49:31 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
[2012/11/16 16:12:03 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll
[2012/06/14 17:01:06 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\18050fc0ebf2c4835d05ffd337aa1616\System.Deployment.ni.dll
[2012/11/16 16:15:48 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\95c08b4a90593cb0ee59d51223dd28b4\System.Deployment.ni.dll
[2012/06/14 15:03:48 | 010,683,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\02ccd8236a942b3f89411fab5d2b594a\System.Design.ni.dll
[2012/11/16 16:12:16 | 010,683,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\2e4fdf9504741254b2f3dcca3fedb057\System.Design.ni.dll
[2012/11/16 16:20:50 | 000,881,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\0e5c035921c0ea2153a0db7a73996fa3\System.DirectoryServices.AccountManagement.ni.dll
[2012/05/13 11:16:46 | 001,116,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\2352398c304c3cb6c0909099e39cfb19\System.DirectoryServices.ni.dll
[2012/11/16 16:16:03 | 000,455,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\4a14aa2cd9479022a7c6497e4fb58bdb\System.DirectoryServices.Protocols.ni.dll
[2012/11/16 16:15:59 | 001,116,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6082261ca7c89e5c073a073fdd851572\System.DirectoryServices.ni.dll
[2012/05/13 11:16:50 | 000,455,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\99e4eb6fb13794d1a0b10e4f2b14d106\System.DirectoryServices.Protocols.ni.dll
[2012/05/13 15:37:10 | 000,881,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\dc66ec040f382fef55b98e1f20ea783f\System.DirectoryServices.AccountManagement.ni.dll
[2012/06/14 15:03:51 | 000,208,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\86d95330e670761c503f6f2e8cbe66b9\System.Drawing.Design.ni.dll
[2012/11/16 16:12:20 | 000,208,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ad0e4350e446ee970b8902e021dd071e\System.Drawing.Design.ni.dll
[2012/06/14 15:03:50 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
[2012/11/16 16:12:18 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll
[2012/11/16 16:15:58 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\1f0ff07c7fa3ef235a9e2b3b6a49db04\System.EnterpriseServices.ni.dll
[2012/11/16 16:15:58 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\1f0ff07c7fa3ef235a9e2b3b6a49db04\System.EnterpriseServices.Wrapper.dll
[2012/05/13 11:16:45 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
[2012/05/13 11:16:45 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
[2012/05/13 11:18:09 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll
[2012/11/16 16:17:38 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\eca677743544906340bc26d89c2538e4\System.IdentityModel.Selectors.ni.dll
[2012/05/13 11:18:07 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll
[2012/11/16 16:17:35 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\6be544795f68114304a2efdd502a52f0\System.IdentityModel.ni.dll
[2012/05/13 15:37:12 | 000,381,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\998dfe1266cf798e1ff574eb7fd2bfa8\System.IO.Log.ni.dll
[2012/11/16 16:20:52 | 000,381,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\b6e1628f056541854c2df7e62c84376c\System.IO.Log.ni.dll
[2012/05/13 11:19:06 | 008,365,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\6a54f9f4af6fd2a19111200f0082349d\System.Management.Automation.ni.dll
[2012/11/16 16:19:04 | 008,365,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\a15eb062b9da2b152b3be6043fc50d96\System.Management.Automation.ni.dll
[2012/11/16 16:20:53 | 000,330,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\54db76d85fd2cd6312d82ba8c79b62b0\System.Management.Instrumentation.ni.dll
[2012/05/13 15:37:13 | 000,330,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d33a548d929f66fe400903ffe768d0f0\System.Management.Instrumentation.ni.dll
[2012/11/16 16:16:10 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll
[2012/05/13 11:16:57 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
[2012/11/16 16:17:37 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\26d890dcf26aea886a08eb4243d1e887\System.Messaging.ni.dll
[2012/06/14 17:02:02 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\8ad39a1c48ba36b5210abe02ef03bc2a\System.Messaging.ni.dll
[2012/05/13 15:37:14 | 000,621,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Net\934c97ed4999b35cb0b81bf8aba085bd\System.Net.ni.dll
[2012/11/16 16:20:55 | 000,621,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Net\b9a95db7c9ec42deadb1f8452694a83b\System.Net.ni.dll
[2012/06/14 17:01:36 | 001,035,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\36fbb8064216ef11bd87afae6ee774dd\System.Printing.ni.dll
[2012/11/16 16:16:34 | 001,035,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\c582544eb32f42ec1fd9cfea01854827\System.Printing.ni.dll
[2012/11/16 16:15:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
[2012/05/13 11:16:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
[2012/05/13 11:18:06 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll
[2012/05/13 11:16:33 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1ee6b56dc9985fbbdeb373b611ac4fb3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/11/16 16:15:46 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2978e98454f6426a289ec510c668ee97\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/11/16 16:17:33 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\68c89abe0ec8381863d6bb18539504f9\System.Runtime.Serialization.ni.dll
[2012/05/13 11:16:14 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\442135bc0b503b42ab2d752c23bea631\System.Security.ni.dll
[2012/11/16 16:15:26 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\745f8d2fc35dc54e3aea2b0365679250\System.Security.ni.dll
[2012/05/13 15:37:20 | 001,705,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6546e0f4253ce30900e5ff902672a8bc\System.ServiceModel.Web.ni.dll
[2012/11/16 16:21:00 | 001,705,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6f2e56a075850e333280ce8e24edb7c4\System.ServiceModel.Web.ni.dll
[2012/05/13 11:18:03 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll
[2012/11/16 16:17:26 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2d737eebab3321e31bf20296d04a0e1a\System.ServiceModel.ni.dll
[2012/11/16 16:16:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
[2012/06/14 17:01:17 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8bbcd31ecc8edc7d1f9cdd83ef2bb2d3\System.ServiceProcess.ni.dll
[2012/05/13 15:37:23 | 001,917,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Speech\7ed29e11a515872908672cb05b7ff4d3\System.Speech.ni.dll
[2012/11/16 16:21:02 | 001,917,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Speech\ef4172eb1dae6dc0cbb7e3ab3ee5207c\System.Speech.ni.dll
[2012/11/16 16:15:57 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\850a371af19c00078a8cfbee763fb449\System.Transactions.ni.dll
[2012/05/13 11:16:44 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
[2012/11/16 16:21:04 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\60af17daa8a95ab03962e3fcc0fb600c\System.Web.Abstractions.ni.dll
[2012/06/14 17:03:11 | 000,141,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\eea5acc1ea4e07e4a4b9a21e1b07f883\System.Web.Abstractions.ni.dll
[2012/06/14 17:03:15 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1162a907e6d1d374b525380608bfb2a6\System.Web.DynamicData.Design.ni.dll
[2012/06/14 17:03:15 | 000,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3ad3981fb32b96a86d338333b07f31a2\System.Web.DynamicData.ni.dll
[2012/11/16 16:21:08 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\60c1d47342e753aa6ae7683ec9e8dc49\System.Web.DynamicData.Design.ni.dll
[2012/11/16 16:21:07 | 000,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\8224345e23edf7ec195a57185bc3f30c\System.Web.DynamicData.ni.dll
[2012/06/14 17:03:17 | 000,301,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\490be62e9be427143daf3a572d72df85\System.Web.Entity.Design.ni.dll
[2012/11/16 16:21:10 | 000,301,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\4c198a0cf70620cb427310a526f493e9\System.Web.Entity.Design.ni.dll
[2012/06/14 17:03:16 | 000,328,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\a9fa931c4eec22decd76f92d67cc1878\System.Web.Entity.ni.dll
[2012/11/16 16:21:09 | 000,328,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e6576105d1e8daf71b3ec4f0958ea8ad\System.Web.Entity.ni.dll
[2012/06/14 17:03:19 | 000,859,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\0ff88c169f441986d6580fa1240f4968\System.Web.Extensions.Design.ni.dll
[2012/11/16 16:21:06 | 002,405,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\5d852095edc7eb7898fb73d4cfa36548\System.Web.Extensions.ni.dll
[2012/11/16 16:21:12 | 000,859,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\a3326c3109cf331de3a65413e7dc9b2b\System.Web.Extensions.Design.ni.dll
[2012/06/14 17:03:14 | 002,405,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\dff4f7fc41647063e0e8f50b699be985\System.Web.Extensions.ni.dll
[2012/06/14 17:03:21 | 002,209,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0b90f82645cbd8de45ef8f5e467af156\System.Web.Mobile.ni.dll
[2012/11/16 16:21:14 | 002,209,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\b7aab561a356a867af1d00c67c32f78a\System.Web.Mobile.ni.dll
[2012/11/16 16:16:03 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\0abe37e27e6601607b38e7b90f23933d\System.Web.RegularExpressions.ni.dll
[2012/05/13 11:16:49 | 000,202,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b12e6b3c3c29fdcfd7675deb0286c51\System.Web.RegularExpressions.ni.dll
[2012/06/14 17:03:11 | 000,129,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\8c1dcf702af2709ab4571c884c93e066\System.Web.Routing.ni.dll
[2012/11/16 16:21:05 | 000,129,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\a144151cd171ca2bef8726c4dadba33f\System.Web.Routing.ni.dll
[2012/06/14 17:01:16 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\663112d3002034cf5126be253efff60d\System.Web.Services.ni.dll
[2012/11/16 16:16:01 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\7844c1ae91c8f584025756ad72e65176\System.Web.Services.ni.dll
[2012/06/14 17:01:14 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
[2012/11/16 16:15:56 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll
[2012/11/16 16:12:30 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll
[2012/06/14 15:04:04 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
[2012/05/13 15:37:40 | 000,037,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\0af2dd40095d8b7708511cc97bfca449\System.Windows.Presentation.ni.dll
[2012/11/16 16:21:15 | 000,037,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\3ab50ddf18838ba476b4a12309151956\System.Windows.Presentation.ni.dll
[2012/11/16 16:12:39 | 002,992,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\44add925c7533fa8085acf225a5a758e\System.Workflow.Activities.ni.dll
[2012/06/14 15:04:12 | 002,992,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\57a2f3b78edc0f5f088b210fabfe3bdc\System.Workflow.Activities.ni.dll
[2012/11/16 16:12:44 | 004,514,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\597b088b9fac7e05086e5942078fb033\System.Workflow.ComponentModel.ni.dll
[2012/06/14 15:04:18 | 004,514,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\865be11ce86f1882176810a3f909511b\System.Workflow.ComponentModel.ni.dll
[2012/11/16 16:12:47 | 001,911,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\634e18bacfef709929056433364c5378\System.Workflow.Runtime.ni.dll
[2012/06/14 15:04:22 | 001,911,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\e5b517ac742be27954c3093cfe6d1dd6\System.Workflow.Runtime.ni.dll
[2012/11/16 16:21:17 | 001,356,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\eafa864e21bf6856df65de965794e085\System.WorkflowServices.ni.dll
[2012/06/14 17:03:24 | 001,356,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\f26b580d09e9a6805ad7ad56ce4e44b0\System.WorkflowServices.ni.dll
[2012/11/16 16:21:18 | 000,400,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\6f6cc39ae5e2c648c61a7a5aad785cfe\System.Xml.Linq.ni.dll
[2012/05/13 15:37:48 | 000,400,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\f925b35bd6833e57067ad1f5c1bb5f17\System.Xml.Linq.ni.dll
[2012/11/16 16:12:53 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll
[2012/05/13 10:50:28 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
[2012/05/13 10:48:38 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
[2012/11/16 16:11:15 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
[2012/11/16 16:15:40 | 000,273,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SystemStatus\5cf27e963d47e3bcaa8450e63f22d552\SystemStatus.ni.dll
[2012/06/14 17:01:00 | 000,273,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SystemStatus\ff8a03f7282232eb67e3aa6ec0bc6459\SystemStatus.ni.dll
[2012/11/16 16:21:19 | 000,235,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\4246068ec1911e281a8822712488cc8e\TaskScheduler.ni.dll
[2012/06/14 17:03:25 | 000,235,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\dff98b9115ba5b0f796550c3604f3ac2\TaskScheduler.ni.dll
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2011/08/11 14:13:07 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7473.tmp\System.dll
[2012/11/16 16:19:18 | 000,447,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\172628cb3f1c6660e81b7cfd5d81bc7c\UIAutomationClient.ni.dll
[2012/05/13 11:19:15 | 000,447,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\2250edc2c1512efa1c5788b787c93420\UIAutomationClient.ni.dll
[2012/05/13 15:37:51 | 001,049,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\5554cc3dcd06e8820c9db3d509d9fae7\UIAutomationClientsideProviders.ni.dll
[2012/11/16 16:21:20 | 001,049,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\d1d171c66e1191a9656fdae932201df2\UIAutomationClientsideProviders.ni.dll
[2012/05/13 11:17:12 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5fd0071c259b92078ced7cd752a14730\UIAutomationProvider.ni.dll
[2012/11/16 16:16:27 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b89f37b1536ccd0c4eecad499536f278\UIAutomationProvider.ni.dll
[2012/11/16 16:16:27 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\2e666a09039cce094499de7d5cb7aaf0\UIAutomationTypes.ni.dll
[2012/05/13 11:17:12 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\5ebaa15cccc356bc3afba0c8f56977f7\UIAutomationTypes.ni.dll
[2012/06/14 17:01:43 | 000,485,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VDialog\c192659f09622f2275e504a51861ab01\VDialog.ni.dll
[2012/11/16 16:16:44 | 000,485,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VDialog\f46bd7fbe4c8225ae3939f34ca44b30b\VDialog.ni.dll
[2012/05/13 11:16:28 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VersionManager\6666b75029e4f2e85b1ff49b6175b06a\VersionManager.ni.exe
[2012/11/16 16:15:41 | 000,047,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VersionManager\d2f10eb8829d55546be746644a9ee66d\VersionManager.ni.exe
[2012/11/16 16:15:42 | 000,017,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VersionUtility\745473d32b16cd6cd777664fbe74bb73\VersionUtility.ni.dll
[2012/05/13 11:16:29 | 000,017,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VersionUtility\a7c526191e8235e91dc0b664af6e963f\VersionUtility.ni.dll
[2012/11/16 16:16:43 | 000,284,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\00f4635ddef0ff030ad98df2c3c99338\VistaBridgeLibrary.ni.dll
[2012/06/14 17:01:42 | 000,284,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\c006694b153e102446c764ac128de734\VistaBridgeLibrary.ni.dll
[2012/11/16 16:16:42 | 000,036,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WBOCXLib\3c031e4356bbc97487d2a2b64dd89877\WBOCXLib.ni.dll
[2012/05/13 11:17:24 | 000,036,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WBOCXLib\cb5af70389486aee4657b0e28dce8631\WBOCXLib.ni.dll
[2012/11/16 16:11:19 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\0e3cff5f58a9a75de7fcac112c8bbca0\WindowsBase.ni.dll
[2012/05/13 10:48:42 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
[2012/06/14 17:01:37 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\9104e78d8897df008eed3a2af3bda6a2\WindowsFormsIntegration.ni.dll
[2012/11/16 16:16:35 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\fce0a2d2af95e18d481be2bdf4b58c15\WindowsFormsIntegration.ni.dll
[2012/11/16 16:21:22 | 000,321,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\df4b837fdbd322a92a10e5c7ccad5be3\WsatConfig.ni.exe
[2012/05/13 15:37:54 | 000,321,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\fbf74afe74e81261415b050305c2a870\WsatConfig.ni.exe
[2012/11/16 16:24:31 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\index42f.dat
[2012/11/16 16:24:33 | 000,000,000 | RH-- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\index430.dat
[2012/11/16 16:21:23 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\5528d332c662a879514630cbee174ada\Accessibility.ni.dll
[2012/11/16 16:21:27 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\9ce0e579c5cccbd1db1d1d982aa1887c\CustomMarshalers.ni.dll
[2012/11/16 16:21:24 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\dfsvc\c96dc683fff9dca7dfe5defbd1aed727\dfsvc.ni.exe
[2012/11/16 11:08:50 | 001,616,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\0bfa0f0420c7b93aaa68e1f98007ee2d\Microsoft.CSharp.ni.dll
[2012/11/16 16:23:49 | 002,464,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.JScript\ad68d97f8f99562364dd61d5a612fc28\Microsoft.JScript.ni.dll
[2012/11/16 16:21:30 | 001,085,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\9d94bcd863a041435d8c59f93b6905c9\Microsoft.Transactions.Bridge.ni.dll
[2012/11/16 16:21:31 | 000,418,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\f0180431e47d884879a6fc16896bef39\Microsoft.Transactions.Bridge.Dtc.ni.dll
[2012/11/16 16:21:40 | 000,219,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\72a77e44baced088c64725fa6a2272ba\Microsoft.VisualBasic.Compatibility.Data.ni.dll
[2012/11/16 16:21:36 | 001,172,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8ed85ce1ad817160649c6466fcd42cf0\Microsoft.VisualBasic.Activities.Compiler.ni.dll
[2012/11/16 16:21:38 | 001,136,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\d6a46e3e497c783e186e6ec948b42a97\Microsoft.VisualBasic.Compatibility.ni.dll
[2012/11/16 16:21:34 | 001,838,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\da70ab23582f4ebf61a2d551a390afcf\Microsoft.VisualBasic.ni.dll
[2012/11/16 16:21:40 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\6a502d715c2341f032267b20f9d21e73\Microsoft.VisualC.ni.dll
[2012/11/16 11:08:18 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
[2012/11/16 11:12:33 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
[2012/11/16 11:12:13 | 000,755,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\0d7bd2fd67c87fa5bbe712b1e9accd11\PresentationFramework.Luna.ni.dll
[2012/11/16 11:12:16 | 000,387,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\73a229d458b06d50f824480e2b725dd5\PresentationFramework.Royale.ni.dll
[2012/11/16 11:12:48 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll
[2012/11/16 11:12:17 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll
[2012/11/16 11:12:19 | 000,309,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cf039332cd01f52dc5acd2966ebb4487\PresentationFramework.Classic.ni.dll
[2012/11/16 16:21:45 | 001,641,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3227407f1a9eaa09e7014663795f1629\PresentationUI.ni.dll
[2012/11/16 16:22:12 | 002,906,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\bc4a5d9898a6c903baafbecacf6010b3\ReachFramework.ni.dll
[2012/11/16 16:21:52 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\0dd39ca15b3d56a03a31fbf671c80cfe\SMDiagnostics.ni.dll
[2012/11/16 16:21:27 | 000,317,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\b76121fa06569121815ba089d15c20ae\SMSvcHost.ni.exe
[2012/11/16 16:22:20 | 001,546,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Activities.C#\fa69349b6e3790321cb52019ada01a9e\System.Activities.Core.Presentation.ni.dll
[2012/11/16 16:22:22 | 000,411,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\0c414ac8b75b2ee4d52c5d68db80fd55\System.Activities.DurableInstancing.ni.dll
[2012/11/16 16:22:25 | 003,757,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\0233f9e5e8c2571681836bcd502a459f\System.Activities.Presentation.ni.dll
[2012/11/16 16:22:17 | 004,129,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Activities\be31f73c94bbbedb623ed88a1e705ffa\System.Activities.ni.dll
[2012/11/16 16:22:27 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\cd0e4f7f951ed1476e1a75dd554b72be\System.AddIn.Contract.ni.dll
[2012/11/16 16:22:27 | 000,624,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\9cc65f7541f56a4092f119199175a52c\System.AddIn.ni.dll
[2012/11/16 16:22:28 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\8f9b494a4ed04ad8d2c5989fc7d706fa\System.ComponentModel.DataAnnotations.ni.dll
[2012/11/16 11:08:47 | 000,693,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\d53442e6482ee6cdfc35d6dea7eeca36\System.ComponentModel.Composition.ni.dll
[2012/11/16 16:22:29 | 000,148,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\b078e9299fa1ffe96412d2e7ee47a0bb\System.Configuration.Install.ni.dll
[2012/11/16 11:08:51 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
[2012/11/16 11:08:35 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
[2012/11/16 16:22:30 | 000,134,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\620ad622156f4a3f34a46248ec6a3a03\System.Data.DataSetExtensions.ni.dll
[2012/11/16 16:23:36 | 013,345,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\b44bc0f669f6a03f9662baf928987d10\System.Data.Entity.ni.dll
[2012/11/16 11:08:46 | 002,517,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\df6307904c34b42871857eb60ceb338f\System.Data.Linq.ni.dll
[2012/11/16 16:23:39 | 001,343,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Service#\4fbb98583609dd09bae5210ed74c9265\System.Data.Services.Client.ni.dll
[2012/11/16 11:08:54 | 002,550,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\3dbcfc473b62377e15d734da1b3cd20f\System.Data.SqlXml.ni.dll
[2012/11/16 11:08:40 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\90f1acbd79e2a5fabfb8c516d6be36a3\System.Data.ni.dll
[2012/11/16 16:22:05 | 001,880,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\7b9e229466be7e0bc584ea7b3de23523\System.Deployment.ni.dll
[2012/11/16 16:23:40 | 000,112,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Device\f3bd76b38d8d0575cf4fff1dff5d568d\System.Device.ni.dll
[2012/11/16 16:21:58 | 001,172,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\37898e97826dbcd8da46a3285f2eebec\System.DirectoryServices.ni.dll
[2012/11/16 16:23:42 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\3b0abcc5f0c24fbe1d384f66e296cd93\System.DirectoryServices.Protocols.ni.dll
[2012/11/16 16:23:41 | 000,913,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\74220295070b6a2866df55eec7a43074\System.DirectoryServices.AccountManagement.ni.dll
[2012/11/16 11:08:28 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
[2012/11/16 11:08:56 | 000,377,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\7fb790da2d169e9472c57927a53e3c2a\System.Dynamic.ni.dll
[2012/11/16 16:21:56 | 000,787,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\6fc86a3e1d07ea824cd49b0c0b19d2f5\System.EnterpriseServices.ni.dll
[2012/11/16 16:21:56 | 000,236,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\6fc86a3e1d07ea824cd49b0c0b19d2f5\System.EnterpriseServices.Wrapper.dll
[2012/11/16 16:23:44 | 000,229,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\305e3c3dad0f396cabdbd7d26fab1a6f\System.IdentityModel.Selectors.ni.dll
[2012/11/16 16:23:43 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\59353156806745822ad61a40de8fb631\System.IdentityModel.ni.dll
[2012/11/16 16:23:45 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\455946d047dd2c68bcb730be37277313\System.IO.Log.ni.dll
[2012/11/16 16:23:46 | 000,395,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\124e47191f1b2afabcb48691a9d377d4\System.Management.Instrumentation.ni.dll
[2012/11/16 16:23:47 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d0dc33658e23a6f960c46a5beab7ecf\System.Management.ni.dll
[2012/11/16 16:23:50 | 000,626,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\2e31b1fb7c36a6eb0f1c74d2d078b506\System.Messaging.ni.dll
[2012/11/16 16:23:51 | 000,657,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net\c50e573e4838e19495fa9806518ca7b0\System.Net.ni.dll
[2012/11/16 11:08:22 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4356fe490600dd3d31969f31f59a6892\System.Numerics.ni.dll
[2012/11/16 16:22:08 | 001,060,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Printing\c5c98ce1c754e6213e57c1f3f3e07453\System.Printing.ni.dll
[2012/11/16 16:21:54 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\bb404633d24f5098f9d7f5f5a1d234c3\System.Runtime.DurableInstancing.ni.dll
[2012/11/16 16:21:59 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\4209aa9559e29ce30e4e92f31ac3472f\System.Runtime.Remoting.ni.dll
[2012/11/16 16:21:52 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
[2012/11/16 16:22:00 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\87ac195467372a8cee1c388028e15606\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012/11/16 11:08:55 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\e450f586600c27379b52c1058292cfd9\System.Security.ni.dll
[2012/11/16 16:24:16 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1971d6726582c8566f9aaee24a158aa9\System.ServiceModel.Discovery.ni.dll
[2012/11/16 16:24:13 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\281dddf3da7b196de1df640829a4bcc6\System.ServiceModel.Activities.ni.dll
[2012/11/16 16:24:14 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d0eed8f474f789e8e5b41b88193805ab\System.ServiceModel.Channels.ni.dll
[2012/11/16 16:24:17 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d60ccefe0beca0de7cdd30d3881be61e\System.ServiceModel.Routing.ni.dll
[2012/11/16 16:24:11 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a27582afda5c9a9258ed2cd787352773\System.ServiceModel.ni.dll
[2012/11/16 16:24:17 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0284e2e0afcfd7ce09094b30c0486d46\System.ServiceProcess.ni.dll
[2012/11/16 16:24:19 | 002,012,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Speech\7b371ddf770a59d0608ed3bc066456f3\System.Speech.ni.dll
[2012/11/16 16:21:55 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\102cfe160aeb1e16a35890004a421ec9\System.Transactions.ni.dll
[2012/11/16 16:24:20 | 000,071,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\6fffb3a3f32684eebc4b699a20dab9bd\System.Web.ApplicationServices.ni.dll
[2012/11/16 16:24:22 | 001,885,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\ae614e1069c57f64c93b5dd3553965fd\System.Web.Services.ni.dll
[2012/11/16 16:24:26 | 004,587,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\3ad4677f111386087ccec0977a69b893\System.Windows.Forms.DataVisualization.ni.dll
[2012/11/16 11:09:08 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll
[2012/11/16 16:22:03 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\590352c10307d311bf4dc1addb801791\System.Windows.Input.Manipulations.ni.dll
[2012/11/16 16:24:28 | 000,035,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\226a04294bfd50f3254cfa8bd9ad79ec\System.Windows.Presentation.ni.dll
[2012/11/16 16:21:47 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll
[2012/11/16 16:21:48 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d6dc54d6b4aadbc921d00c3b76647e61\System.Xml.Linq.ni.dll
[2012/11/16 16:24:28 | 000,009,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\e245e7c9819fa2e66c0403b82c2897d7\System.Xml.Serialization.ni.dll
[2012/11/16 11:08:33 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
[2012/11/16 11:08:26 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
[2012/11/16 16:24:29 | 000,484,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\6d8d0a942a1087201b1c9401fba37c22\UIAutomationClient.ni.dll
[2012/11/16 16:24:31 | 001,063,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClients#\1233447a08db99522d16a82120a6e26a\UIAutomationClientsideProviders.ni.dll
[2012/11/16 16:22:01 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\9fedec1f005f9e39f8dde611c4c27cab\UIAutomationProvider.ni.dll
[2012/11/16 16:22:01 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\ae40aeae573219a0439def61b1d48b49\UIAutomationTypes.ni.dll
[2012/11/16 11:12:22 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
[2012/11/16 16:24:33 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1352c3e5dd49f3bf8c2f8e106ceb79fb\WindowsFormsIntegration.ni.dll
[2012/01/11 00:15:46 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_68a54356\CustomMarshalers.dll
[2012/01/11 00:15:46 | 000,000,090 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_68a54356\__AssemblyInfo__.ini
[2012/01/11 00:16:08 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c085d26a\CustomMarshalers.dll
[2012/01/11 00:16:08 | 000,000,091 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c085d26a\__AssemblyInfo__.ini
[2012/01/11 00:16:01 | 003,391,488 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1e7afab1\mscorlib.dll
[2012/01/11 00:16:01 | 000,000,091 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1e7afab1\__AssemblyInfo__.ini
[2012/01/11 00:16:21 | 008,908,800 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_60337026\mscorlib.dll
[2012/01/11 00:16:21 | 000,000,092 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_60337026\__AssemblyInfo__.ini
[2012/01/11 00:15:57 | 001,470,464 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_2b7b0517\System.Design.dll
[2012/01/11 00:15:57 | 000,000,090 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_2b7b0517\__AssemblyInfo__.ini
[2012/04/13 10:18:27 | 001,470,464 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_787b73d9\System.Design.dll
[2012/04/13 10:18:27 | 000,000,090 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_787b73d9\__AssemblyInfo__.ini
[2012/04/13 10:18:49 | 003,395,584 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_b29e881c\System.Design.dll
[2012/04/13 10:18:49 | 000,000,091 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_b29e881c\__AssemblyInfo__.ini
[2012/01/11 00:16:16 | 003,395,584 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c4fe891b\System.Design.dll
[2012/01/11 00:16:16 | 000,000,091 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_c4fe891b\__AssemblyInfo__.ini
[2012/04/13 10:18:43 | 000,192,512 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_2a397244\System.Drawing.Design.dll
[2012/04/13 10:18:43 | 000,000,091 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_2a397244\__AssemblyInfo__.ini
[2012/01/11 00:15:47 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_2d2a9f64\System.Drawing.Design.dll

Edited by Mahvra, 30 December 2012 - 11:37 AM.


#15 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 31 December 2012 - 04:40 AM

And this single log has already gone on for more than two posts, so I am going to assume I did something wrong and not post the rest of it after this part until I get further instructions, because I think it would take at least a good 20 or so posts worth of content to post all of OTL.Txt. Sorry, what did I do wrong?


I'm very sorry - there was a typo in my instructions.

Please do another OTL scan using the following instructions. The log should be much shorter this time.

Please download OTL.exe by OldTimer to your Desktop.
  • Close all windows and double click OTL.exe.
  • In the "Custom Scans/Fixes" window (under the light green bar) paste the content of the following the codebox:
    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    %systemdrive%\Qoobox\Quarantine\*.* /s /md5
    
  • Click Run Scan and let the program run uninterrupted.
  • When the scan completes, it will open a Notepad window. Please post the log in this thread.

====

I did the scans. And sorry, I just wanted to ask: So have you figured out from the scans if Avast's weird behavior was caused by a malware infection? Or was my computer clean?


The tools did not show a severe infection. I'll give instructions to run some further scans - just in case something is hiding. I will give you a more detailed report once I've checked the OTL log :thumbup:

#16 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 31 December 2012 - 11:49 AM

OTL logfile created on: 12/31/2012 11:28:38 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vosz\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 60.05% Memory free
6.21 Gb Paging File | 4.83 Gb Available in Paging File | 77.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.71 Gb Total Space | 244.98 Gb Free Space | 53.64% Space Free | Partition Type: NTFS
Drive D: | 9.05 Gb Total Space | 0.90 Gb Free Space | 9.92% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: vosz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/30 00:38:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vosz\Desktop\OTL.exe
PRC - [2012/12/20 11:54:24 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012/12/19 09:03:44 | 001,868,432 | ---- | M] () -- C:\Program Files\Comodo\Dragon\dragon_updater.exe
PRC - [2012/12/19 08:01:24 | 000,200,400 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Comodo\GeekBuddy\unit_manager.exe
PRC - [2012/12/19 08:01:24 | 000,190,672 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Comodo\GeekBuddy\unit.exe
PRC - [2012/12/19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files\Common Files\Comodo\launcher_service.exe
PRC - [2012/12/04 12:31:12 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/11/26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012/11/07 23:37:38 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2012/11/07 23:37:12 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cfp.exe
PRC - [2012/10/30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 14:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/10/25 04:52:08 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/14 22:31:36 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/06/14 22:31:32 | 000,178,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/05/07 12:35:56 | 001,273,856 | ---- | M] () -- C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
PRC - [2007/04/25 11:36:36 | 000,280,064 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files\Portrait Displays\HP My Display\dthtml.exe
PRC - [2007/04/25 11:34:44 | 000,073,728 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2007/04/25 11:33:58 | 000,110,592 | ---- | M] (Portrait Displays Inc.) -- C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 06:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/03 12:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/20 11:56:30 | 000,647,168 | ---- | M] () -- C:\Program Files\Steam\sdl.dll
MOD - [2012/12/20 11:54:20 | 020,320,240 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012/12/20 11:54:05 | 000,969,280 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/12/20 11:54:05 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/12/20 11:54:05 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/12/20 11:54:04 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/05/07 12:35:56 | 001,273,856 | ---- | M] () -- C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
MOD - [2007/04/25 11:34:50 | 000,163,840 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\DThook.dll
MOD - [2007/04/25 11:34:46 | 000,077,824 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Plugins\CC\gui.dll
MOD - [2007/04/25 11:33:54 | 000,102,400 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Shared\PresetsCOM.dll
MOD - [2007/04/24 09:49:34 | 000,188,416 | ---- | M] () -- C:\Program Files\Common Files\Portrait Displays\Drivers\di2c.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/12/20 11:54:24 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/12/19 09:03:44 | 001,868,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/12/19 08:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012/12/11 16:22:11 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/04 10:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/26 13:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012/11/09 12:21:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/11/07 23:37:38 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/16 08:38:26 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/02/02 11:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009/10/23 11:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/14 22:31:36 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/04/25 11:34:44 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2006/09/11 18:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 18:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 17:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 17:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 12:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 01:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 11:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/12/04 03:41:28 | 000,035,064 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\System32\drivers\CFRMD.sys -- (CFRMD)
DRV - [2012/11/07 23:37:46 | 000,082,952 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2012/11/07 23:37:46 | 000,042,264 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012/11/07 23:37:44 | 000,494,416 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012/10/30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 18:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/04/06 19:05:05 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2008/09/10 03:48:20 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/09/10 03:46:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/09/04 02:34:34 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/12/14 12:48:16 | 000,005,120 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2006/11/16 16:20:48 | 000,015,920 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PdiPorts.sys -- (PdiPorts)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.majorgeeks.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{132E17CB-6EAE-4007-A88C-EC519C1996C2}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{20715055-D3F1-423F-BC63-BEE51C90F40C}: "URL" = http://search.avg.co...e}&iy=&ychte=us
IE - HKCU\..\SearchScopes\{35DB0B3F-2ADA-44EA-A9C4-5E27B681F1DA}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://mumbojumbo.st...q={searchTerms}
IE - HKCU\..\SearchScopes\{7246D1A0-6DC6-49F6-B5E1-820F3B98AAA9}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\..\SearchScopes\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}: "URL" = http://websearch.ask...D8-6C4E331E6861
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: pbupload@photobucket.com:1.3.3
FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:6.0.1203
FF - prefs.js..extensions.enabledAddons: fmconverter@gmail.com:1.0.0
FF - prefs.js..extensions.enabledAddons: preciseclearhistory@vano:1.2
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120515
FF - prefs.js..extensions.enabledAddons: superfish@superfish.com:1.2.0.16
FF - prefs.js..extensions.enabledItems: superfish@superfish.com:1.2.0.12
FF - prefs.js..extensions.enabledItems: pbupload@photobucket.com:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:6.0.1203
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: fmconverter@gmail.com:1.0.0
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.4.0
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\13\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\vosz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\vosz\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/22 19:45:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011/12/13 22:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012/12/26 10:23:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/14 16:14:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/14 16:14:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/14 16:14:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/14 16:14:35 | 000,000,000 | ---D | M]

[2011/01/19 21:59:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Extensions
[2012/10/20 11:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions
[2011/01/20 22:58:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/08 20:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}-TRASH
[2012/05/17 23:43:32 | 000,000,000 | ---D | M] (WOT) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/03/12 21:58:46 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/11/16 22:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\nostmp
[2011/10/16 17:14:13 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:creator="Matthew David Kesack" em:description="Upload images from the web directly to your Photobucket account." em:homepageURL="http://www.photobucket.com/" em:iconURL="chrome://photobucket/content/images/pb-logo.png" em:id="pbupload@photobucket.com" em:name="Photobucket Uploader" em:version="1.3.3">) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\pbupload@photobucket.com
[2012/07/19 20:49:08 | 000,000,000 | ---D | M] (WindowShopper) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\superfish@superfish.com
[2012/04/30 10:29:31 | 000,006,962 | ---- | M] () (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\preciseclearhistory@vano.xpi
[2012/01/05 18:19:54 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/03/19 20:56:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/22 19:45:11 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/12/13 22:55:04 | 000,000,000 | ---D | M] (Freemake Video Converter Plugin) -- C:\PROGRAM FILES\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX
[2012/06/16 08:38:27 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/02/06 20:58:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/13 18:17:29 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/02/06 20:58:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2011/09/17 12:32:55 | 000,001,467 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober692270.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\vosz\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Missing e = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
CHR - Extension: WOT = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\
CHR - Extension: YouTube = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SiteAdvisor = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: AdBlock = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\
CHR - Extension: avast! WebRep = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: RSS Subscription Extension (by Google) = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.0_0\
CHR - Extension: Tumblr Savior = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip\0.4.3_0\
CHR - Extension: Gmail = C:\Users\vosz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/12/28 14:45:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Accelerator Plugin) - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\PeoplePC Accelerated\prpl_IePopupBlocker.dll (Propel Software Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DT HPW] C:\Program Files\Portrait Displays\HP My Display\DTHtml.exe (Portrait Displays, Inc)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe (PC-Doctor, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} https://www.peoplepc...oad/ppcwebi.cab (PeoplePC Web Installer)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futur...eivers/FMSI.cab (Futuremark SystemInfo)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18E0DE6B-F98C-4384-B81D-04BE4BFF0052}: NameServer = 207.69.188.185,207.69.188.186
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\vosz\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\vosz\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/11 16:20:00 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (?)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/30 01:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Comodo
[2012/12/30 00:38:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\vosz\Desktop\OTL.exe
[2012/12/29 20:35:00 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\Absolutist
[2012/12/29 20:34:59 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\NVIDIA
[2012/12/28 14:50:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/28 14:27:14 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/12/28 14:20:32 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\vosz\Desktop\tdsskiller.exe
[2012/12/28 14:20:19 | 005,014,093 | R--- | C] (Swearware) -- C:\Users\vosz\Desktop\ComboFix.exe
[2012/12/27 18:44:48 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\vosz\Desktop\dds.com
[2012/12/24 17:59:28 | 000,000,000 | ---D | C] -- C:\Users\vosz\Documents\The Deadly Device
[2012/12/24 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nancy Drew Prerequisites
[2012/12/24 17:49:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Her Interactive
[2012/12/24 17:49:11 | 000,000,000 | ---D | C] -- C:\Program Files\Her Interactive
[2012/12/22 09:59:49 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/22 09:59:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/15 15:10:04 | 000,000,000 | ---D | C] -- C:\Users\vosz\Documents\MysteryAgency
[2012/12/14 16:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/14 16:31:02 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/14 16:30:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/14 16:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/12/14 16:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/12/14 16:14:04 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/12/13 11:50:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/13 11:50:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/13 11:50:14 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/13 11:50:14 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/13 11:50:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/13 11:50:12 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/13 11:50:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/13 11:50:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/13 11:47:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/12/13 11:47:14 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012/12/13 11:47:12 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/12/13 11:47:11 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/12/13 11:47:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/12/13 11:47:06 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/12/12 12:56:56 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/12 12:56:55 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/12 12:56:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012/12/12 12:56:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/07 18:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\GoldenTrails3TheGuardiansCreedPremiumEdition
[2012/12/06 16:20:51 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\DominiGames
[2012/12/04 12:56:56 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Roaming\island_tribe_4_realore_wild_tangent_en
[2012/12/04 03:41:28 | 000,035,064 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[2012/12/03 13:53:09 | 000,000,000 | ---D | C] -- C:\Users\vosz\AppData\Local\Farmington Tales
[2012/12/01 20:15:45 | 000,000,000 | ---D | C] -- C:\Users\vosz\Documents\MysteryAgencyII
[2012/12/01 12:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\IslandTribe4
[1 C:\Users\Public\Desktop\*.tmp files -> C:\Users\Public\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/31 11:20:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/31 11:01:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992315687-346107145-2984242248-1001UA.job
[2012/12/31 10:59:55 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/31 10:59:55 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/31 10:59:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/31 10:59:39 | 3217,534,976 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/30 23:01:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2992315687-346107145-2984242248-1001Core.job
[2012/12/30 01:20:06 | 000,001,886 | ---- | M] () -- C:\Users\Public\Desktop\AntiError.lnk
[2012/12/30 01:20:06 | 000,001,882 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012/12/30 01:20:06 | 000,001,882 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2012/12/30 01:06:21 | 000,551,997 | ---- | M] () -- C:\Users\vosz\Desktop\adwcleaner.exe
[2012/12/30 00:38:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vosz\Desktop\OTL.exe
[2012/12/29 16:57:56 | 000,642,906 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/29 16:57:56 | 000,120,096 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/28 14:45:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/12/28 14:21:21 | 005,014,093 | R--- | M] (Swearware) -- C:\Users\vosz\Desktop\ComboFix.exe
[2012/12/28 14:21:01 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\vosz\Desktop\tdsskiller.exe
[2012/12/27 18:45:35 | 000,856,731 | ---- | M] () -- C:\Users\vosz\Desktop\SecurityCheck.exe
[2012/12/27 18:44:53 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\vosz\Desktop\dds.com
[2012/12/24 17:57:44 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Play The Deadly Device.lnk
[2012/12/24 17:57:44 | 000,001,699 | ---- | M] () -- C:\Users\Public\Desktop\Her Interactive.com.lnk
[2012/12/22 16:58:33 | 000,384,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/19 20:13:04 | 000,042,760 | ---- | M] (COMODO CA Limited) -- C:\Windows\System32\certsentry.dll
[2012/12/16 08:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/16 05:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/14 16:32:00 | 000,001,626 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/13 12:05:04 | 000,002,039 | ---- | M] () -- C:\Users\vosz\Desktop\Google Chrome.lnk
[2012/12/13 12:05:04 | 000,002,001 | ---- | M] () -- C:\Users\vosz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/12/11 16:22:09 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/12/11 16:22:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/12/09 16:41:19 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForvosz.job
[2012/12/04 03:41:28 | 000,035,064 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\Windows\System32\drivers\CFRMD.sys
[1 C:\Users\Public\Desktop\*.tmp files -> C:\Users\Public\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/30 01:20:06 | 000,001,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2012/12/30 01:05:46 | 000,551,997 | ---- | C] () -- C:\Users\vosz\Desktop\adwcleaner.exe
[2012/12/27 18:45:22 | 000,856,731 | ---- | C] () -- C:\Users\vosz\Desktop\SecurityCheck.exe
[2012/12/24 17:57:44 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Play The Deadly Device.lnk
[2012/12/24 17:57:44 | 000,001,699 | ---- | C] () -- C:\Users\Public\Desktop\Her Interactive.com.lnk
[2012/12/13 11:47:33 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/13 11:47:33 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/09 12:15:50 | 000,002,880 | ---- | C] () -- C:\Users\vosz\.recently-used.xbel
[2012/08/26 13:24:31 | 000,000,032 | ---- | C] () -- C:\Users\vosz\jagex_cl_runescape_LIVE.dat
[2012/07/01 09:43:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/01 09:43:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/01 09:43:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/01 09:43:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/01 09:43:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/27 09:08:17 | 000,000,000 | ---- | C] () -- C:\Users\vosz\jagex__preferences3.dat
[2010/01/19 14:20:57 | 000,088,176 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/19 14:20:57 | 000,088,176 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/18 11:40:50 | 000,000,129 | ---- | C] () -- C:\Users\vosz\jagex_runescape_preferences2.dat
[2009/10/18 11:39:54 | 000,000,046 | ---- | C] () -- C:\Users\vosz\jagex_runescape_preferences.dat
[2009/08/19 16:24:34 | 000,000,092 | ---- | C] () -- C:\Users\vosz\AppData\Local\fusioncache.dat
[2008/11/01 10:59:17 | 000,009,268 | ---- | C] () -- C:\Users\vosz\AppData\Local\d3d9caps.dat
[2007/10/29 09:51:26 | 000,028,810 | ---- | C] () -- C:\Users\vosz\AppData\Roaming\wklnhst.dat
[2007/10/26 19:39:54 | 000,026,340 | ---- | C] () -- C:\Users\vosz\AppData\Roaming\UserTile.png
[2007/10/22 09:04:44 | 000,026,112 | ---- | C] () -- C:\Users\vosz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/12/28 15:38:03 | 000,026,899 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2012/12/30 01:13:45 | 000,027,202 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2007/09/11 16:20:00 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/09/11 16:41:49 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/12/28 14:50:06 | 000,020,524 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2009/07/22 17:49:32 | 000,000,745 | ---- | M] () -- C:\deltaStartup.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/12/31 10:59:39 | 3217,534,976 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2008/05/20 16:29:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/11/19 15:38:09 | 000,008,455 | ---- | M] () -- C:\JavaRa.log
[2008/05/20 16:29:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/11/08 12:31:32 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2008/11/08 12:31:32 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2008/11/08 12:31:32 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2008/11/08 12:31:32 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{b744a142-adb6-11dd-abae-001d60724a36}.TM.blf
[2008/11/08 12:31:32 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{b744a142-adb6-11dd-abae-001d60724a36}.TMContainer00000000000000000001.regtrans-ms
[2008/11/08 12:31:32 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{b744a142-adb6-11dd-abae-001d60724a36}.TMContainer00000000000000000002.regtrans-ms
[2012/12/31 10:59:35 | 3533,451,264 | -HS- | M] () -- C:\pagefile.sys
[2007/10/22 15:01:25 | 000,000,173 | ---- | M] () -- C:\pdisdk.log
[2012/12/28 15:37:04 | 000,128,330 | ---- | M] () -- C:\TDSSKiller.2.8.15.0_28.12.2012_15.35.31_log.txt
[2008/11/06 13:39:20 | 000,000,011 | ---- | M] () -- C:\trace.ini
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-12-31 16:11:55

< %systemdrive%\Qoobox\Quarantine\*.* /s /md5 >
[2012/12/28 14:31:34 | 000,000,124 | ---- | M] () MD5=60B51DFCECBF67246BCA015DCC347923 -- C:\Qoobox\Quarantine\catchme.log
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) MD5=520A6D1CBCC9CF642C625FE814C93C58 -- C:\Qoobox\Quarantine\C\install.exe.vir
[2012/07/01 10:12:14 | 000,000,090 | ---- | M] () MD5=66C7A13A6C0809864C1BFFFEA9E53795 -- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-ISW.reg.dat
[2012/12/28 14:47:09 | 000,000,178 | ---- | M] () MD5=4F29120614F0751F6CD11FCC601F2A0E -- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-tvncontrol.reg.dat
[2012/12/28 14:47:09 | 000,000,281 | ---- | M] () MD5=9CD2D0C808C868E19455CC1FFF431BBA -- C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-ZoneAlarm Installer.reg.dat
[2012/12/28 14:47:18 | 000,000,534 | ---- | M] () MD5=2C91C93593550D637474DB42EF465A2D -- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-WudfPf.reg.dat
[2012/12/28 14:47:18 | 000,000,534 | ---- | M] () MD5=743E549FE6034DCFF7CA2FE10C34F390 -- C:\Qoobox\Quarantine\Registry_backups\SafeBoot-WudfRd.reg.dat
[2012/12/28 14:40:21 | 000,003,968 | ---- | M] () MD5=0B99E4D315596501590189087DB23247 -- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg

========== Alternate Data Streams ==========

@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:AECF4772
@Alternate Data Stream - 175 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 169 bytes -> C:\ProgramData\TEMP:177313FB
@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:8BE7A048
@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:BE40C8A2
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:B845F669
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:0EC7A545
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:737160C1
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5F280981
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:05773093
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E50C1642
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6972373C
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:5C446484
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:2EF99E25
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:0C19FC3F
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9943177D
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:5BB2BD38
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:6B181B84
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:22A44AC3
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5D32EBFF
@Alternate Data Stream - 1014 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\View Baldur's Gate: Tales of The Sword Coast Readme.lnk
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3EA10C5C

< End of report >



OTL Extras logfile created on: 12/30/2012 1:23:46 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vosz\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.65 Gb Available Physical Memory | 55.11% Memory free
6.21 Gb Paging File | 4.79 Gb Available in Paging File | 77.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.71 Gb Total Space | 243.10 Gb Free Space | 53.23% Space Free | Partition Type: NTFS
Drive D: | 9.05 Gb Total Space | 0.90 Gb Free Space | 9.92% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: vosz | Logged in as Administrator.
Boot Mode

Edited by Mahvra, 31 December 2012 - 11:52 AM.


#17 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 31 December 2012 - 11:51 AM

regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D596C77-8C00-4FE2-BF40-8DABA3B002D7}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv™ media server discovery |
"{161CA7BC-360B-4ACB-8E1B-A077357088B9}" = rport=139 | protocol=6 | dir=out | app=system |
"{1ED2D791-AC26-4BE3-9B62-D0F17D09FF42}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv™ media server upnp discovery |
"{4C91C913-8C1C-45BD-AE1D-7E25DCC3C04F}" = lport=138 | protocol=17 | dir=in | app=system |
"{5FAAF92F-BC0F-4DD5-99E0-6EC110B5AB19}" = lport=445 | protocol=6 | dir=in | app=system |
"{8079E77C-F046-4B92-BE77-87CB9D109A23}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9558EBFC-A92E-4BC1-BF3A-6021B68DF890}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{959D7113-BE3E-4BBD-97F3-ECA621C84804}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9AE964BB-4DDA-4977-82D0-072F4D2BE88F}" = rport=138 | protocol=17 | dir=out | app=system |
"{CD552C3D-9615-44D5-B100-6FADC32F45EB}" = rport=445 | protocol=6 | dir=out | app=system |
"{D78A220C-A51C-4621-879B-7532C7899816}" = rport=137 | protocol=17 | dir=out | app=system |
"{DC9AA87E-2627-43CF-8976-BB5004E4D1B4}" = lport=137 | protocol=17 | dir=in | app=system |
"{EE9258D6-8333-4402-8572-1069C010891D}" = lport=139 | protocol=6 | dir=in | app=system |
"{F8C675BA-23AA-4180-8E25-E5C2C05F59E8}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03A993EC-BA76-42B5-9414-B3F2E3C05533}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{0527CB09-2BC2-47B7-B011-EA73F79F33D9}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0ABF0FC6-61FD-4E00-8E01-EE5D80302D8C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0B0153C3-4BE9-46F4-834B-15808FC4E469}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{0D6B3874-31D6-4ACC-BBAD-BB27B47629D5}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{0E2AD1AC-2201-4C3F-9556-62EE8EF62A25}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{1911B5C5-DC97-4995-B75E-C0EE594D0481}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{21E7655B-8D38-4E6B-A561-65DFC8EAB713}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{24529872-4BFE-405C-98DE-06F943377ED1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{263554A4-9602-4824-A169-456BAAEEE246}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{2697011C-7C45-4C55-828C-127C53A65262}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{2E2AC41B-C6A6-48F0-A9E2-290AC8963FA7}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire diplomacy.exe |
"{34B75B2E-ACD2-4190-AAE5-C84AE25CB85B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3AC07892-5CBD-4C0F-8F3D-8E423F4684BC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3D0017FB-FE56-4B08-809A-7846844D8CDF}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{3E92D1B7-E23C-45AA-8CD4-70972BAA08B1}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire entrenchment.exe |
"{488F9BCB-A4A8-4B3A-A9AE-4747877ED82C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{4A44AE59-3D7F-4013-9FEE-7E58EF5662A9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{521742B2-C746-42CB-81F9-14254C7C0798}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{5223C32E-1F04-4976-B3F5-3D04A669DBE0}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{5B353278-1CDA-4742-8468-FEC2F78B436D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{606B9243-BF44-46E7-88F3-9344E7840004}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire entrenchment.exe |
"{62564648-C7EF-47BE-BC30-009B68939C48}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{6510870F-4360-49ED-96B2-5C89CD231EF6}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{690B5A1F-BED3-4D88-99DF-BC306428EA90}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{71053E66-A971-4D3B-A5AB-8CC0FE129D48}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{72AD63A7-9597-4A3F-A8FF-4E0F64D67900}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{74148C69-D87B-45A0-97DA-595AC833E94E}" = protocol=17 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
"{7A325085-D39F-4BDE-97D9-7C0640457DED}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{7F28ACA2-A946-48CC-8D59-B254A9B6E1DA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{81655ECA-55FE-4D26-B769-F3B7E71C7A0E}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{82408E6F-FC8C-4EA9-AB9F-1748593DBFB5}" = protocol=6 | dir=in | app=c:\program files\common files\comodo\geekbuddyrsp.exe |
"{8818DFF9-165E-414A-8BAD-AB59979256B1}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8C04A839-C843-49CE-944C-EA11FEEE1163}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{901C522F-3C1D-4C18-94A1-71329EF03724}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire diplomacy.exe |
"{9077BB87-CA58-46D2-AB9B-7BF445108DC8}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{9D4C4060-07FA-45EE-90F8-CDA222E669BA}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{9E121A32-C568-46DB-B9A9-31733CF0594D}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{9E35D132-FDB9-4B36-A340-DDE07EDE12B4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{9E63F931-2D8E-4CE4-BDBE-EFB5E48D15F5}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{9FEC4D28-4313-4BE7-9A80-F7B83B856D45}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A80D9DF9-B97C-4D8F-8BC6-D6678CA9CFAE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AB4EC6ED-92DF-4D65-A1F7-49B94E79ADFB}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B17E7C86-EA82-4C0F-A990-B71E89F2391A}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{B2289A52-9A3C-48AB-9F2C-673898AFBB39}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B23B3DEC-A841-427F-B5BB-8E1A778F1ABD}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B37864F9-C6D2-4857-B2A2-CA6D308895D0}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{B6DA95D3-81C3-414E-88ED-D8CAA6B4EA65}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BB03A07D-DFD6-423F-A71D-894B54B93A92}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{BC682AFC-BCC4-434E-91AB-4389162A62D4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C3C4E888-81F1-48A5-82E8-30E36C088150}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C5A5E946-027D-47B5-8CD3-A79993AC20E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\portal 2\portal2.exe |
"{C957E975-8944-4FC2-9AAB-A2920BCA9366}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D078CD8C-C57E-4BD7-B5B9-34174E56D539}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{D12C503B-B329-4D13-ADBD-F9FF0EB35A05}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D282F648-7BC6-4E59-B2F6-13569F20592E}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{D44CF239-2578-4BC3-B3F1-AF744EDFA402}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E3ECE95A-3786-4C19-BB59-CE46D9B0DCA9}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E703E613-1475-40D2-9F11-24560339E577}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{EFC0B64D-F0C8-44C1-B3B6-5208B5842E97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F1DACD24-584E-4A6F-A059-F8F258379B4E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{FA8E0001-F5C7-4628-94EB-1C861AC0AB4E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{12ED785F-D5BF-4E79-95C4-7A04EC635A47}C:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe" = protocol=6 | dir=in | app=c:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe |
"TCP Query User{1E18F529-A011-4C9E-9B64-FA5B7F7212D6}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{4A9FB18B-DAF5-4056-9FC9-C324016B6FED}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"TCP Query User{4FE5A4FC-BDB3-4C9F-A4F2-9937897C8B2E}C:\users\vosz\desktop\launcher\anime\video\utorrent.exe" = protocol=6 | dir=in | app=c:\users\vosz\desktop\launcher\anime\video\utorrent.exe |
"TCP Query User{5D06686F-4475-43B6-B83A-8B071405134B}C:\program files\black isle\bgii - soa\bgmain.exe" = protocol=6 | dir=in | app=c:\program files\black isle\bgii - soa\bgmain.exe |
"TCP Query User{61657C94-E7B0-4AF9-930C-966876922BB7}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{658F7B07-38EA-4945-96BE-4DB1BA0DDD82}C:\program files\activision\rome - total war\rometw.exe" = protocol=6 | dir=in | app=c:\program files\activision\rome - total war\rometw.exe |
"TCP Query User{6EDD5C95-D551-4963-8023-BF0377C6B3F4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{835D8143-34A6-4212-BEB2-D71A0E5C24DC}C:\program files\netbattle supremacy\pokebattle.exe" = protocol=6 | dir=in | app=c:\program files\netbattle supremacy\pokebattle.exe |
"TCP Query User{9E47B9D8-CFDA-4D38-9909-875585734B31}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{B7C6F04D-B76F-40C4-92F9-D34DC7E7843C}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{EBDF834E-C7CC-4FF1-A71A-8A65943D9B5F}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F3D3C197-DBD0-459F-AFCA-2697A5760424}C:\program files\baldursgatetutu\bgmain.exe" = protocol=6 | dir=in | app=c:\program files\baldursgatetutu\bgmain.exe |
"UDP Query User{308F739D-B639-48BC-9326-0906A5A64EA9}C:\program files\activision\rome - total war\rometw.exe" = protocol=17 | dir=in | app=c:\program files\activision\rome - total war\rometw.exe |
"UDP Query User{35466D7D-C23D-4494-97FD-18935B9A5B8B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3D96D130-5F3C-4974-8BC3-AF458A62D485}C:\program files\turbine\ddo unlimited\dndclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\ddo unlimited\dndclient.exe |
"UDP Query User{5EF90B3C-B038-4718-8DC9-28ECE8D4358E}C:\program files\black isle\bgii - soa\bgmain.exe" = protocol=17 | dir=in | app=c:\program files\black isle\bgii - soa\bgmain.exe |
"UDP Query User{68E3E6E4-715E-4B95-A8B6-8F8294D50D1C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{74400DF6-5130-434C-B895-5ACCAFEB8291}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{7959BA9A-BF1F-4E39-9476-8055BFBB0A43}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"UDP Query User{A19F3363-56DD-40DB-8734-CB68A0ADE796}C:\program files\baldursgatetutu\bgmain.exe" = protocol=17 | dir=in | app=c:\program files\baldursgatetutu\bgmain.exe |
"UDP Query User{B91C7AE4-A212-4220-B69E-56C5B349177D}C:\users\vosz\desktop\launcher\anime\video\utorrent.exe" = protocol=17 | dir=in | app=c:\users\vosz\desktop\launcher\anime\video\utorrent.exe |
"UDP Query User{C1918204-EFB7-4CF7-9405-3C2D0EC79255}C:\program files\netbattle supremacy\pokebattle.exe" = protocol=17 | dir=in | app=c:\program files\netbattle supremacy\pokebattle.exe |
"UDP Query User{CE81B11A-488D-4324-8D86-84B698892EDF}C:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe" = protocol=17 | dir=in | app=c:\users\vosz\desktop\launcher\downloads and cds\yuleech-runes_of_magic_3_0_5_2262.exe |
"UDP Query User{F4985D16-830B-4760-BFDE-3E24862AB2F4}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{FC01BC33-697D-4189-AFDD-2F1FEA59D40D}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0283EDE1-D8A9-4F64-A035-5E35B4DD199A}_is1" = CLANNAD Full Voice 1.5
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}" = HP Total Care Advisor
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0FE6B77F-54CD-45ED-BB64-A99477B0A8F1}" = 5600
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14AF024E-2E3B-49D0-A175-D1C1A06B155A}" = muvee autoProducer 6.0
"{15733AD1-1CEF-459A-9245-0924FC63BDD5}" = HP My Display
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{25F6C900-C138-4888-A56C-91D3D063023A}" = HP Update
"{2605461E-AB2E-49F5-8A16-64B7F3595030}" = 5600Trb
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{335B1821-D274-4EFD-9EFE-3C0FD38EBE65}" = BN eReader
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galactic Adventures
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{750B354A-BF46-45E0-86D6-620026703B92}" = Nancy Drew: The Haunted Carousel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7DCBC3D8-8954-491D-A1B9-8C61C563B004}" = 5600_Help
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C9B562A-A7B8-4251-A0E1-638C1DF4C7D5}" = Neverwinter Nights Demo
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.0 beta 1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext
"{A03DF2C3-F14C-4819-A328-77FA66B811CF}" = GeekBuddy
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A59BB15D-51B7-F12B-4548-8C0368243441}" = EA Download Manager UI
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}" = c4200_Help
"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe 1.8.15.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6B3DBA6-346F-4D06-B4C8-327F48AA701D}" = PeoplePC Accelerated
"{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate™ II - Throne of Bhaal ™
"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}" = C4200
"{BCD434CF-447A-42A8-A4C3-D929fE776EFD}" = Nancy Drew: The Deadly Device
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Creepy & Cute Parts Pack
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E62381A7-B1C1-4121-8262-84D38C77786C}" = COMODO Internet Security
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41}" = Sins of a Solar Empire
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F26615EF-AF0A-486C-99C9-B65C8C401EBC}" = EuroTalk Talk Now!
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software
"{FC7DA8F9-9AF6-4D55-B42D-B72CF88153E6}" = Election Day
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1001 Japanese Crosswords" = 1001 Japanese Crosswords
"1001 Tangram Puzzles" = 1001 Tangram Puzzles
"15b35190-c6f9-11d9-9669-0800200c9a66_is1" = Dungeons & Dragons Online ®: Eberron Unlimited ™ v01.12.00.803
"2002 Games" = 2002 Games
"2002 Kakuro Puzzles" = 2002 Kakuro Puzzles
"2002 Pentamino Puzzles" = 2002 Pentamino Puzzles
"2002 Space Out Games" = 2002 Space Out Games
"2002 Sudoku Games" = 2002 Sudoku Games
"500 Solitaire Games" = 500 Solitaire Games
"7-Zip" = 7-Zip 9.20
"ACD/Labs Software(1)" = ACD/Labs Software 5 (C:\ACDFREE5)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"avast" = avast! Free Antivirus
"Baldur's Gate" = Baldur's Gate
"Baldur's Gate Tutu" = Baldur's Gate Tutu
"BFGC" = Big Fish Games: Game Manager
"Brain Games Brain Teasers" = Brain Games Brain Teasers
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"Comodo Dragon" = Comodo Dragon
"DAEMON Tools Lite" = DAEMON Tools Lite
"Democracy 2 Demo_is1" = Democracy 2 Demo
"EA Download Manager" = EA Download Manager
"EASy68K" = EASy68K 5.12.5
"egamestoolbar" = eGames Toolbar
"Farm Frenzy 2" = Farm Frenzy 2
"Freemake Video Converter_is1" = Freemake Video Converter version 3.0.0
"Game Maker 7.0" = Game Maker 7.0
"GamesBar" = GamesBar 2.0.1.55
"GameSpy Arcade" = GameSpy Arcade
"Guild Wars" = Guild Wars
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"Immortal Lovers" = Immortal Lovers
"Impulse" = Impulse
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War™
"Intel® Configuration Center" = Intel® Viiv™ Software
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.14
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Monopoly Here & Now Edition" = Monopoly Here & Now Edition
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OMGWTFOTL" = OMGWTFOTL 1.0E
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"P4E8_DEMO_is1" = President Forever 2008 + Primaries Demo - v. 1.6.0.4
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PeoplePC Online" = PeoplePC Online
"Rhapsody" = Rhapsody
"Roads of Rome III" = Roads of Rome III
"RPGToolkit3" = RPGToolkit, Version 3.1.0
"RSKDL" = Risk (remove only)
"Sandlot Games Client Services_is1" = Sandlot Games Client Services
"SCRABBLE" = SCRABBLE
"Sega Smash Pack II" = Sega Smash Pack II
"SEGAGenesisClassics" = SEGA Genesis Classics
"Sins of a Solar Empire" = Sins of a Solar Empire
"Sins of a Solar Empire - Diplomacy" = Sins of a Solar Empire - Diplomacy
"Sins of a Solar Empire - Entrenchment" = Sins of a Solar Empire - Entrenchment
"SpywareBlaster_is1" = SpywareBlaster 4.6
"Steam App 400" = Portal
"Steam App 620" = Portal 2
"Treasure Masters, Inc." = Treasure Masters, Inc.
"VLC media player" = VLC media player 1.1.5
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinGimp-2.0_is1" = GIMP 2.6.11
"WTA-23d9419f-0d3d-4924-ae7c-fa2f31586faa" = Cruel Games: Red Riding Hood
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Tales Of Worlds 1.6" = Tales Of Worlds 1.6

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/30/2012 12:01:41 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8096

Error - 12/30/2012 12:01:41 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8096

Error - 12/30/2012 12:01:42 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/30/2012 12:01:42 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9110

Error - 12/30/2012 12:01:42 AM | Computer Name = home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9110

Error - 12/30/2012 2:06:51 AM | Computer Name = home-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module dthook.dll_unloaded, version 0.0.0.0, time stamp 0x462fad59,
exception code 0xc0000005, fault offset 0x03893112, process id 0xf84, application
start time 0x01cde5dbd3a2aa58.

Error - 12/30/2012 4:01:40 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 12/30/2012 4:01:43 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 1023
Description =

Error - 12/30/2012 4:02:38 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 11706
Description =

Error - 12/30/2012 4:02:42 AM | Computer Name = home-PC | Source = MsiInstaller | ID = 1023
Description =

[ Media Center Events ]
Error - 6/9/2008 1:23:32 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/28/2008 9:45:50 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/27/2008 7:55:22 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/26/2008 10:47:12 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/9/2009 7:28:01 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/9/2009 11:46:22 AM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 7/14/2009 7:26:32 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 1:58:34 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/11/2009 10:42:53 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/1/2011 2:44:47 PM | Computer Name = home-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 12/29/2012 6:55:09 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 6:56:30 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 6:59:00 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 6:59:32 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 8:35:28 PM | Computer Name = home-PC | Source = DCOM | ID = 10016
Description =

Error - 12/29/2012 11:53:58 PM | Computer Name = home-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 12/30/2012 2:17:04 AM | Computer Name = home-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/30/2012 2:20:11 AM | Computer Name = home-PC | Source = Service Control Manager | ID = 7024
Description =

Error - 12/30/2012 4:01:54 AM | Computer Name = home-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 12/30/2012 4:03:25 AM | Computer Name = home-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >

#18 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 04 January 2013 - 03:22 AM

Hi Mahvra,

The OTL log does not show signs of an infection. The following instructions will remove some leftovers.

How often does avast show these disable notifications? Do you recognize any pattern?


Please run OTL.exe.
  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL
    SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
    IE - HKCU\..\SearchScopes\{20715055-D3F1-423F-BC63-BEE51C90F40C}: "URL" = http://search.avg.co...e}&iy=&ychte=us
    IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://mumbojumbo.st...q={searchTerms}
    IE - HKCU\..\SearchScopes\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}: "URL" = http://websearch.ask...D8-6C4E331E6861
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 8118
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
    [2011/03/08 20:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}-TRASH
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found
    O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe File not found
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
    
    :Files
    type C:\autoexec.bat /c
    
    :Commands
    [EmptyTemp]
    
  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

====

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the Posted Image to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
====

In your next post, please include
  • The OTL fix log
  • The ESET log file


#19 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 06 January 2013 - 12:18 PM

Avast seems to show these notifications very infrequently, and I'm not sure of any pattern. I think maybe it might be usually happening soon after the computer is turned on? Though it doesn't always happen under those circumstances, so I really don't know.

 

I think it started happening after I did a major update to avast, so like I said in the original post it might just be a glitch. Though I would think they'd have fixed it with another update by now, since that was at least a month ago... 

 

I just wanted to make sure it wasn't malware causing the problem, since that's usually what would attempt to shut an anti-virus down like that. Thanks for confirming that my computer isn't infected!

As for the fixes and scans, OTL.exe stopped responding in the middle of the scan and I had to reboot the computer (not because the program prompted me, but because the program seemed to have shut down windows explorer so I couldn't do anything until I rebooted). Should I run it again? When I rebooted it all I got was this in a notepad file:

 

 

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...


#20 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 07 January 2013 - 11:33 AM

As for the fixes and scans, OTL.exe stopped responding in the middle of the scan and I had to reboot the computer (not because the program prompted me, but because the program seemed to have shut down windows explorer so I couldn't do anything until I rebooted). Should I run it again?

Yes, please try it again. Let me know if OTL stalls again.

====

Please open Notepad.
  • Copy the text in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    type "%PROGRAMDATA%\AVAST Software\Avast\log\EventLog.log" > "%USERPROFILE%\Desktop\log.txt"
    "%WINDIR%\notepad.exe" "%USERPROFILE%\Desktop\log.txt"
    
  • Return to Notepad, right click and choose Paste.
  • Click File->Save As and save it to script.bat to your Desktop.
  • Double click script.bat on your Desktop to execute it.
  • A Notepad window will appear. Copy the contents of the log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.


#21 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 27 January 2013 - 05:42 PM

I'm really sorry, my semester of college started, and that completely distracted me from this. Anyway, ESET detected no threats, and the OTL log: (I'll do the Avast part, too, once I have the chance)



All processes killed
Error: Unable to interpret <:OTLSRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\vosz\AppData\Local\Temp\catchme.sys -- (catchme)DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)IE - HKCU\..\SearchScopes\{20715055-D3F1-423F-BC63-BEE51C90F40C}: "URL" = http://search.avg.co...> in the current context!
Error: Unable to interpret <e}&iy=&ychte=usIE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://mumbojumbo.st...{searchTerms}IE - HKCU\..\SearchScopes\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}: "URL" = http://websearch.ask...-6C4E331E6861IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.localFF - prefs.js..network.proxy.http: "127.0.0.1"FF - prefs.js..network.proxy.http_port: 8118FF - prefs.js..network.proxy.no_proxies_on: "*.local"FF - prefs.js..network.proxy.type: 0FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found[2011/03/08 20:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}-TRASHO2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value fo> in the current context!
Error: Unable to interpret <und.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not foundO4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe File not foundO15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.:Filestype C:\autoexec.bat /c:Commands[EmptyTemp]> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 01272013_120244
 
Files\Folders moved on Reboot...
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...

 

Edited by Mahvra, 27 January 2013 - 05:43 PM.


#22 ler

ler

    SWI Junkie

  • Helper Trainee+
  • PipPipPipPip
  • 318 posts

Posted 30 January 2013 - 04:50 AM

I'm really sorry, my semester of college started, and that completely distracted me from this.

 
No problem :thumbup:

Unfortunately the board messed up the OTL fix. Here is the fix correctly formatted:

====

Please run OTL.exe.
  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    :OTL
    IE - HKCU\..\SearchScopes\{20715055-D3F1-423F-BC63-BEE51C90F40C}: "URL" = [url=http://search.avg.co...e}&iy=&ychte=us]http://search.avg.co...e}&iy=&ychte=us[/url]
    IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = [url=http://mumbojumbo.st...q={searchTerms}]http://mumbojumbo.st...q={searchTerms}[/url]
    IE - HKCU\..\SearchScopes\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}: "URL" = [url=http://websearch.ask...D8-6C4E331E6861]http://websearch.ask...D8-6C4E331E6861[/url]
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
    FF - prefs.js..network.proxy.http: "127.0.0.1"
    FF - prefs.js..network.proxy.http_port: 8118
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
    [2011/03/08 20:29:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}-TRASH
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found
    O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\Gamesbar\SearchEngineProtection.exe File not found
    O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
    
    :Files
    type C:\autoexec.bat /c
    
    :Commands
    [EmptyTemp]
    
  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
  • If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


#23 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 02 March 2013 - 09:40 PM

I actually haven't noticed any symptoms in the last few weeks, oddly enough, thus why I completely forgot about this until now. Anyway, here's the log:

(Edit: And of course a single day after I post this log, I notice the symptoms again. So nevermind, this computer still has a problem. Sigh...)



All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{20715055-D3F1-423F-BC63-BEE51C90F40C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20715055-D3F1-423F-BC63-BEE51C90F40C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF5EDCAD-1E68-4347-B96B-2D0D6F5FA42D}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "127.0.0.1" removed from network.proxy.http
Prefs.js: 8118 removed from network.proxy.http_port
Prefs.js: "*.local" removed from network.proxy.no_proxies_on
Prefs.js: 0 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ not found.
Folder C:\Users\vosz\AppData\Roaming\Mozilla\Firefox\Profiles\a2e7wxeq.default\extensions\{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}-TRASH\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CCUTRAYICON not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SearchEngineProtection not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== FILES ==========
< type C:\autoexec.bat /c >
REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
C:\Users\vosz\Desktop\cmd.bat deleted successfully.
C:\Users\vosz\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: vosz
->Temp folder emptied: 125416756 bytes
->Temporary Internet Files folder emptied: 429329005 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 385169063 bytes
->Flash cache emptied: 16529 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 91459021 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 4810759 bytes
 
Total Files Cleaned = 988.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 03022013_203007
 
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\nmsmc_DQLWinService.log scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...

Edited by Mahvra, 03 March 2013 - 12:37 PM.


#24 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Administrators
  • PipPipPipPipPip
  • 15,821 posts

Posted 10 March 2013 - 11:36 AM

Hi,

 

ler is currently unavailable so I will be answering you.

 

And of course a single day after I post this log, I notice the symptoms again. So nevermind, this computer still has a problem.

 

To assist me in catching up, please describe the symptoms to me as precisely as you can.

Thanks.

 

jedi


jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#25 Mahvra

Mahvra

    Member

  • Full Member
  • Pip
  • 54 posts

Posted 10 March 2013 - 08:26 PM

I'm not sure if I have a malware infection or if my anti-virus is just being glitchy, but my Avast antivirus has lately been occasionally displaying a pop-up window saying that something is trying to shut it down, and that if I am not responsible, I should say "no." I obviously do not tell Avast to shut down.

This usually displays soon after I turn on the computer.



#26 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Administrators
  • PipPipPipPipPip
  • 15,821 posts

Posted 11 March 2013 - 06:12 AM

Hi,

 

Looking over the topic it doesn't look like this is caused by malware, but I would like to run one further check, please go here:

http://www.bleepingc...s-anti-rootkit/

 

and follow the instructions to scan your computer with MBAM Anti-Rootkit.

 

Please read the Introduction section, then follow the steps in the How to use Malwarebytes Anti-Rootkit to remove Rootkits section. Please post the resultant log, which can be found in the MBAR - version number folder on your desktop, and is named mbar-log.

 

Next, open Avast by clicking on the orange Avast icon in your system-tray. Click on the Maintenance tab. Click on About and please tell me the Program Version number.

Next, click on Scan Logs and tell me the date on the last completed scan, assuming there are any.

 

jedi


jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.

#27 jedi

jedi

    aequam memento rebus in arduis servare mentem

  • Administrators
  • PipPipPipPipPip
  • 15,821 posts

Posted 22 May 2013 - 06:40 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
jedi

My help is free, but if you wish to help keep these forums running please consider a donation, see This Topic for details.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button