Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirection


  • This topic is locked This topic is locked
30 replies to this topic

#1 RestoChesto

RestoChesto

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 24 July 2012 - 05:59 PM

Hello, I have a Google redirect virus, and I've noticed a lot of people here mentioning it. I've followed all these constant steps, and nothing has worked, not even ComboFix. That said, the one thing that did stop it was a delfiles.bat script I saw in one of the threads, but after rebooting my computer this morning, the virus is back. Can anyone help me?

Avast sees nothing. MalwareBytes sees nothing. ESRT (or whatever that online one is) sees nothing. OTL, nothing.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,012 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:21 PM

Posted 24 July 2012 - 10:15 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,744 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 29 July 2012 - 06:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/462313 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 31 July 2012 - 08:47 PM

I still need assistance. The problem seemed to go away, but now is happening as often as every seven links or so. Attached is the DDS log. I'm on 64-bit Windows 7, so no GMER log.

Attached Files



#5 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 01 August 2012 - 10:11 AM

Hi RestoChesto,

My name is etavares and I'll be helping you with this thread. The ZIP file you attached appears to be corrupted. First, please re-run DDS and copy/paste the contents of the DDS.txt directly into your reply. You can attach attach.txt as before, but please do not compress or ZIP it. Just attach the TXT file directly.

Now that we are working together, please try to respond in 1-2 days. Please only follow my instructions and do not do any changes that I do not instruct you do to. Otherwise, I won't know the current state of your system and we may even work against each other unknowlingly and damage your computer.

THanks,
-etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#6 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 04 August 2012 - 02:07 PM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_32
Run by Owner at 15:00:49 on 2012-08-04
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.7928.4968 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\AltDrag\AltDrag.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\GmoteServer\GmoteServer.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\system32\conhost.exe
C:\Users\Owner\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Users\Owner\Downloads\Xpadder [5.7]\Xpadder [5.7].exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Qbyrd Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Qbyrd Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: TextAloud: {f053c368-5458-45b2-9b4d-d8914bdddbff} - C:\PROGRA~2\TEXTAL~1\TAForIE.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [googletalk] C:\Users\Owner\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [MusicManager] "C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
uRun: [AltDrag] "C:\Program Files (x86)\AltDrag\AltDrag.exe"
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GMOTES~1.LNK - C:\Program Files (x86)\GmoteServer\GmoteServer.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Users\Owner\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERS~1.LNK - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38e51477-ddb4-4aed-9d61-d0c193e10749}\inprocserver32 does not exist!
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F389F118-AFF0-4ACC-ABBD-6009B97747A0} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F389F118-AFF0-4ACC-ABBD-6009B97747A0}\365737865697 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F389F118-AFF0-4ACC-ABBD-6009B97747A0}\A45627F6D656 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F389F118-AFF0-4ACC-ABBD-6009B97747A0}\C696E6B6379737 : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: hpBHO Class: {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO-X64: HelloWorldBHO - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Qbyrd Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Qbyrd Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: Qbyrd Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: TextAloud: {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~2\TEXTAL~1\TAForIE.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun-x64: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\SmileyCentral_1vEI\Installr\5.bin\NP1vEISb.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - 9d780170-1ce7-4c9e-9dc5-b7b099eaf104
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,DropDownDeals,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-7-14 8704]
R0 ahcix64s;ahcix64s;C:\Windows\system32\DRIVERS\ahcix64s.sys --> C:\Windows\system32\DRIVERS\ahcix64s.sys [?]
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\system32\Drivers\BtHidBus.sys --> C:\Windows\system32\Drivers\BtHidBus.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2011-3-26 401920]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-6-27 365568]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-3-16 122880]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-7-23 44808]
R2 BsMobileCS;BsMobileCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-6-4 143467]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2009-9-26 819600]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]
R2 HOSTNT;HOSTNT;\??\C:\Windows\system32\drivers\hostnt.sys --> C:\Windows\system32\drivers\hostnt.sys [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-23 655944]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
R2 OxygenAudioDevMon;Oxygen Audio Device Monitor;C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [2010-3-4 1632776]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-9-23 447848]
R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-5-20 2666880]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-3-19 127272]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 CamdAudio;CamdAudio;C:\Windows\system32\drivers\CamdAudio.sys --> C:\Windows\system32\drivers\CamdAudio.sys [?]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\system32\DRIVERS\vrtaucbl.sys --> C:\Windows\system32\DRIVERS\vrtaucbl.sys [?]
R3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\system32\Drivers\IvtBtBus.sys --> C:\Windows\system32\Drivers\IvtBtBus.sys [?]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\system32\DRIVERS\mcvidrv_x64.sys --> C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\system32\drivers\mcaudrv_x64.sys --> C:\Windows\system32\drivers\mcaudrv_x64.sys [?]
R3 OXYGEN;Service for M-Audio Oxygen;C:\Windows\system32\DRIVERS\MAudioOxygen.sys --> C:\Windows\system32\DRIVERS\MAudioOxygen.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
R3 sftfs;sftfs;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys [2009-9-23 712536]
R3 sftplay;sftplay;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-9-23 261480]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 sftvol;sftvol;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys [2009-9-23 17752]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-9-23 203608]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-25 135664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-18 250056]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-5-6 1030600]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-25 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-28 113120]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-9-26 4924336]
S3 SMServer;SMServer;C:\Windows\SysWOW64\snmvtsvc.exe [2010-6-29 237568]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== Created Last 30 ================
.
2073-10-27 14:55:34 2404352 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\haloce.exe
2073-10-27 14:55:34 1835008 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\haloceded.exe
2073-10-27 14:55:34 1118208 ----a-w- C:\Program Files (x86)\Microsoft Games\Halo Custom Edition\Strings.dll
2012-08-04 18:11:46 -------- d-----w- C:\Program Files\Microsoft Xbox 360 Accessories
2012-08-02 20:04:59 -------- d-----w- C:\Users\Owner\com.moo.android.inputmethod.latin.free-26-1.0.15.2
2012-08-02 20:04:13 69 ----a-w- C:\Windows\apktool.bat
2012-08-02 20:04:13 5445617 ----a-w- C:\Windows\aapt.exe
2012-07-27 15:00:16 -------- d-----w- C:\Program Files\iPod
2012-07-27 15:00:15 -------- d-----w- C:\Program Files\iTunes
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-27 14:55:40 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-07-27 00:58:55 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3DD10718-966B-42F7-882B-B73C78343EA8}\offreg.dll
2012-07-23 19:24:59 -------- d-----w- C:\Program Files (x86)\ESET
2012-07-23 19:03:15 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes
2012-07-23 19:03:05 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-23 19:03:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-23 19:03:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-23 17:16:26 -------- d-----w- C:\$RECYCLE.BIN
2012-07-23 15:57:30 98816 ----a-w- C:\Windows\sed.exe
2012-07-23 15:57:30 518144 ----a-w- C:\Windows\SWREG.exe
2012-07-23 15:57:30 256000 ----a-w- C:\Windows\PEV.exe
2012-07-23 15:57:30 208896 ----a-w- C:\Windows\MBR.exe
2012-07-23 15:48:42 -------- d-----w- C:\ComboFix
2012-07-23 14:26:47 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-07-23 14:25:26 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-07-22 18:02:23 53248 ----a-r- C:\Users\Owner\AppData\Roaming\Microsoft\Installer\{F42F3704-4CA7-4D28-9F5B-FDBF2E589EB2}\ARPPRODUCTICON.exe
2012-07-20 14:52:38 -------- d-----w- C:\Users\Owner\AppData\Local\{9B67A214-D20E-4FA7-A624-FBE415950D75}
2012-07-20 14:52:04 -------- d-----w- C:\Users\Owner\AppData\Local\{579A4486-6163-4266-81F8-98D344282480}
2012-07-20 13:14:36 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3DD10718-966B-42F7-882B-B73C78343EA8}\mpengine.dll
2012-07-19 17:17:27 -------- d-----w- C:\Users\Owner\AppData\Local\Electronic Arts
2012-07-19 14:15:45 -------- d-----w- C:\Users\Owner\AppData\Local\{73717872-29DE-4D3F-881F-5D0A003DCA09}
2012-07-19 14:15:11 -------- d-----w- C:\Users\Owner\AppData\Local\{EAE1067E-AF43-4D82-9789-C6C1146C86AD}
2012-07-18 14:38:08 -------- d-----w- C:\Users\Owner\AppData\Local\{0BA196A3-29D9-408C-968C-4AF5A63D5A9B}
2012-07-18 14:37:33 -------- d-----w- C:\Users\Owner\AppData\Local\{DB148354-A08B-4CED-BE55-FF17B313ACF9}
2012-07-17 19:31:09 -------- d-----w- C:\Users\Owner\AppData\Local\{7544579E-14D5-4591-BB77-C2A9440EC82D}
2012-07-17 19:30:37 -------- d-----w- C:\Users\Owner\AppData\Local\{5837DE28-5537-431C-981F-0DBD3967A86C}
2012-07-16 16:13:42 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe
2012-07-16 15:11:09 -------- d-----w- C:\Users\Owner\AppData\Local\{F5B66657-6EEB-4CAD-AC9B-5BF67986E794}
2012-07-16 15:10:57 -------- d-----w- C:\Users\Owner\AppData\Local\{A41BD798-6A0E-416F-B8D6-022CE0B21973}
2012-07-16 14:55:48 -------- d-----w- C:\Windows\en
2012-07-16 14:51:39 19736 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-16 14:47:32 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2012-07-16 14:47:32 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2012-07-16 14:47:31 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll
2012-07-16 14:47:31 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2012-07-16 14:42:56 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\47b730cb1cd636108\DSETUP.dll
2012-07-16 14:42:56 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\47b730cb1cd636108\DXSETUP.exe
2012-07-16 14:42:56 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\47b730cb1cd636108\dsetup32.dll
2012-07-16 14:42:49 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\41d696831cd636107\DXSETUP.exe
2012-07-16 14:42:48 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\41d696831cd636107\DSETUP.dll
2012-07-16 14:42:48 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\41d696831cd636107\dsetup32.dll
2012-07-16 14:41:32 -------- d-----w- C:\Users\Owner\AppData\Local\Windows Live
2012-07-14 16:09:30 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
2012-07-14 16:05:40 -------- d-----w- C:\ProgramData\Hi-Rez Studios
2012-07-14 16:05:23 -------- d-----w- C:\Program Files (x86)\Hi-Rez Studios
2012-07-12 02:34:44 3147264 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 13:44:39 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-08 21:21:57 737329 ----a-w- C:\Windows\SysWow64\C2.DLL
2012-07-08 21:21:57 667697 ----a-w- C:\Windows\SysWow64\C1.DLL
2012-07-08 21:21:57 65536 ----a-w- C:\Windows\SysWow64\CL.EXE
2012-07-08 21:21:57 282624 ----a-w- C:\Windows\SysWow64\HexEdit.ocx
2012-07-08 21:21:57 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-07-08 21:21:57 180276 ----a-w- C:\Windows\SysWow64\MSPDB60.DLL
2012-07-08 21:21:57 176128 ----a-w- C:\Windows\SysWow64\RC_GrandLocal.dll
2012-07-08 21:21:57 163840 ----a-w- C:\Windows\SysWow64\RC_Err_Info.dll
2012-07-08 21:21:47 76968 ----a-w- C:\Windows\System32\drivers\GrandUsb.sys
2012-07-08 21:21:46 13864 ----a-w- C:\Windows\System32\drivers\hostnt.sys
2012-07-08 21:21:46 -------- d-----w- C:\Program Files (x86)\Common Files\SafeNet Dog
2012-07-08 21:17:33 -------- d-----w- C:\PENTAVISION
.
==================== Find3M ====================
.
2012-08-02 19:04:31 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-02 19:04:31 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-20 16:45:20 282472 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-07-20 16:45:20 282472 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-07-20 16:44:25 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-07-16 16:21:13 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-06-01 20:41:08 4608 ----a-w- C:\Windows\SysWow64\w95inf32.dll
2012-06-01 20:41:08 2272 ----a-w- C:\Windows\SysWow64\w95inf16.dll
2012-05-31 22:24:59 66728 ----a-w- C:\Windows\System32\drivers\vrtaucbl.sys
2012-05-31 16:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-26 02:31:10 0 ----a-w- C:\Windows\SysWow64\sho806D.tmp
2012-05-16 21:30:58 338432 ------w- C:\Windows\SysWow64\REX Shared Library.dll
2012-05-16 21:30:57 406528 ----a-w- C:\Windows\SysWow64\ReWire.dll
.
============= FINISH: 15:05:27.85 ===============

#7 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 05 August 2012 - 08:32 AM

Hello, RestoChesto.









Ask Toolbar Warning"

I see you have the Ask.Com toolbar installed. This often comes bundled with spyware and is recommended you remove.

Please see here for more information:
http://www.bleepingcomputer.com/uninstall/94/Ask-Toolbar.html

If you would like to remove it, please go to add/Remove Programs and uninstall it.







Step 1


Please delete your copy of Combofix and download a new one following the instructions below.

Also, which browser are you redirected in? Firefox, Chrome and/or IE? All of the above?



Next, please download ComboFix from one of these locations:
* IMPORTANT !!! Save ComboFix.exe to your Desktop as etavaresCF.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on etavaresCF.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply, along with any symptoms that are present after it runs.

Note: After running Combofix, you may receive an error about "illegal operation on a registry key that has been marked for deletion." If you receive this error, please reboot and it should disappear.

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#8 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 07 August 2012 - 11:01 AM

You say I can uninstall the toolbar (wasn't even aware I had it), but I don't see it anywhere in Add/Remove Programs, hm.

In any case, C:\ComboFix.txt:


ComboFix 12-08-07.02 - Owner 08/07/2012 10:39:13.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.7928.5538 [GMT -4:00]
Running from: c:\users\Owner\Desktop\etavaresCF.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Owner\AppData\Local\Temp\jna364620080546846517.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5AEB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5B98.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM600D.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM60BB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM60FB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM615B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM61DA.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM621A.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM626A.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM629B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM62FB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6473.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM64B3.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM66F7.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6949.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM69F7.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6AF3.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6B33.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6C2F.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6CAD.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6E74.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6EE3.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM702D.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM71F4.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM733E.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7487.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7600.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM77A7.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM78F0.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7A1B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7AE8.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7BD4.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7D1D.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7E67.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7F53.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM808D.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM81A8.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM82B3.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM83ED.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8575.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM870C.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8808.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM89DF.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8A4E.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8AAE.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8C07.tmp
c:\users\Owner\AppData\Local\Temp\YTMP7MC8AA\TAAA6F3.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-07 to 2012-08-07 )))))))))))))))))))))))))))))))
.
.
2073-10-27 14:55 . 2009-10-03 22:32 1118208 ----a-w- c:\program files (x86)\Microsoft Games\Halo Custom Edition\Strings.dll
2073-10-27 14:55 . 2009-10-03 22:32 1835008 ----a-w- c:\program files (x86)\Microsoft Games\Halo Custom Edition\haloceded.exe
2073-10-27 14:55 . 2009-10-03 22:31 2404352 ----a-w- c:\program files (x86)\Microsoft Games\Halo Custom Edition\haloce.exe
2012-08-07 15:07 . 2012-08-07 15:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-07 15:07 . 2012-08-07 15:07 -------- d-----w- c:\users\Alex\AppData\Local\temp
2012-08-04 18:11 . 2012-08-04 18:11 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2012-08-02 20:04 . 2012-08-02 20:05 -------- d-----w- c:\users\Owner\com.moo.android.inputmethod.latin.free-26-1.0.15.2
2012-08-02 20:04 . 2011-05-15 15:23 5445617 ----a-w- c:\windows\aapt.exe
2012-08-02 20:04 . 2010-09-03 16:13 69 ----a-w- c:\windows\apktool.bat
2012-07-27 15:00 . 2012-07-27 15:00 -------- d-----w- c:\program files\iPod
2012-07-27 15:00 . 2012-07-27 15:01 -------- d-----w- c:\program files\iTunes
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-07-27 00:58 . 2012-08-07 14:17 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DD10718-966B-42F7-882B-B73C78343EA8}\offreg.dll
2012-07-23 19:24 . 2012-07-23 19:24 -------- d-----w- c:\program files (x86)\ESET
2012-07-23 19:03 . 2012-07-23 19:03 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-07-23 19:03 . 2012-07-23 19:03 -------- d-----w- c:\programdata\Malwarebytes
2012-07-23 19:03 . 2012-07-23 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-23 19:03 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-23 15:48 . 2012-07-23 15:57 -------- d-----w- C:\ComboFix
2012-07-23 14:26 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-23 14:25 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-23 14:25 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-22 18:02 . 2012-07-22 18:02 53248 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{F42F3704-4CA7-4D28-9F5B-FDBF2E589EB2}\ARPPRODUCTICON.exe
2012-07-20 13:14 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DD10718-966B-42F7-882B-B73C78343EA8}\mpengine.dll
2012-07-19 17:17 . 2012-07-19 17:17 -------- d-----w- c:\users\Owner\AppData\Local\Electronic Arts
2012-07-16 16:13 . 2012-07-08 16:16 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-07-16 14:55 . 2012-07-16 14:55 -------- d-----w- c:\windows\en
2012-07-16 14:51 . 2012-07-16 14:51 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-16 14:47 . 2010-08-11 05:13 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-07-16 14:47 . 2010-08-11 04:35 1164800 ----a-w- c:\windows\SysWow64\UIRibbonRes.dll
2012-07-16 14:47 . 2010-08-11 05:19 3860992 ----a-w- c:\windows\system32\UIRibbon.dll
2012-07-16 14:47 . 2010-08-11 04:44 2983424 ----a-w- c:\windows\SysWow64\UIRibbon.dll
2012-07-16 14:42 . 2012-07-16 14:42 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\47b730cb1cd636108\DSETUP.dll
2012-07-16 14:42 . 2012-07-16 14:42 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\47b730cb1cd636108\DXSETUP.exe
2012-07-16 14:42 . 2012-07-16 14:42 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\47b730cb1cd636108\dsetup32.dll
2012-07-16 14:42 . 2012-07-16 14:42 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\41d696831cd636107\DXSETUP.exe
2012-07-16 14:42 . 2012-07-16 14:42 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\41d696831cd636107\dsetup32.dll
2012-07-16 14:42 . 2012-07-16 14:42 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\41d696831cd636107\DSETUP.dll
2012-07-16 14:41 . 2012-07-20 14:52 -------- d-----w- c:\users\Owner\AppData\Local\Windows Live
2012-07-14 16:09 . 2012-07-14 16:09 -------- d-----w- c:\program files (x86)\Microsoft Chart Controls
2012-07-14 16:05 . 2012-07-14 16:10 -------- d-----w- c:\programdata\Hi-Rez Studios
2012-07-14 16:05 . 2012-07-14 16:07 -------- d-----w- c:\program files (x86)\Hi-Rez Studios
2012-07-12 02:34 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 13:44 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-07-08 21:21 . 2008-01-14 13:14 176128 ----a-w- c:\windows\SysWow64\RC_GrandLocal.dll
2012-07-08 21:21 . 2008-01-11 20:18 65536 ----a-w- c:\windows\SysWow64\CL.EXE
2012-07-08 21:21 . 2008-01-11 20:18 282624 ----a-w- c:\windows\SysWow64\HexEdit.ocx
2012-07-08 21:21 . 2008-01-11 20:18 180276 ----a-w- c:\windows\SysWow64\MSPDB60.DLL
2012-07-08 21:21 . 2008-01-11 20:18 163840 ----a-w- c:\windows\SysWow64\RC_Err_Info.dll
2012-07-08 21:21 . 2008-01-11 20:18 737329 ----a-w- c:\windows\SysWow64\C2.DLL
2012-07-08 21:21 . 2008-01-11 20:18 667697 ----a-w- c:\windows\SysWow64\C1.DLL
2012-07-08 21:21 . 2001-07-30 21:40 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-07-08 21:21 . 2012-07-08 21:21 76968 ----a-w- c:\windows\system32\drivers\GrandUsb.sys
2012-07-08 21:21 . 2012-07-08 21:21 13864 ----a-w- c:\windows\system32\drivers\hostnt.sys
2012-07-08 21:21 . 2012-07-08 21:21 -------- d-----w- c:\program files (x86)\Common Files\SafeNet Dog
2012-07-08 21:17 . 2012-07-08 21:17 -------- d-----w- C:\PENTAVISION
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:04 . 2012-04-18 19:19 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-02 19:04 . 2011-05-20 11:19 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-20 16:45 . 2010-07-29 16:41 282472 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-20 16:45 . 2010-01-04 20:30 282472 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-20 16:44 . 2010-01-04 20:30 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-16 16:21 . 2010-01-04 20:30 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-03 16:21 . 2009-12-21 23:37 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2009-12-21 23:37 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2009-12-21 23:37 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2009-12-21 23:37 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-11-20 15:11 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2009-12-21 23:37 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-06-02 22:19 . 2012-06-24 13:20 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 13:21 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 13:21 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 13:21 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 13:20 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 13:21 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 13:20 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-24 13:20 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-24 13:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-01 20:41 . 2012-06-01 20:41 4608 ----a-w- c:\windows\SysWow64\w95inf32.dll
2012-06-01 20:41 . 2012-06-01 20:41 2272 ----a-w- c:\windows\SysWow64\w95inf16.dll
2012-05-31 22:24 . 2012-05-31 22:24 66728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2012-05-31 16:25 . 2009-12-21 22:55 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-26 02:31 . 2012-05-26 02:31 0 ----a-w- c:\windows\SysWow64\sho806D.tmp
2012-05-16 21:30 . 2012-05-16 21:30 338432 ------w- c:\windows\SysWow64\REX Shared Library.dll
2012-05-16 21:30 . 2012-05-16 21:30 406528 ----a-w- c:\windows\SysWow64\ReWire.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-23_16.30.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-08-07 15:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-23 16:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-07 15:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-23 16:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-07 15:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-23 16:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-03 16:22 . 2012-07-27 00:58 91432 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-07 15:13 33366 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-21 22:43 . 2012-08-07 15:13 23474 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3415995535-3686741152-2621498028-1001_UserData.bin
- 2009-07-14 05:30 . 2012-07-21 19:28 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2009-07-14 05:30 . 2012-08-02 20:42 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-02-15 15:01 . 2012-02-15 15:01 52736 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_509d7a31d0ee45f2\usbaapl64.sys
+ 2011-08-02 20:38 . 2011-08-02 20:38 22528 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_bf785db627c6d127\netaapl64.sys
+ 2011-08-15 16:21 . 2011-07-20 07:46 95416 c:\windows\system32\drivers\ssudbus.sys
- 2009-12-21 22:37 . 2012-07-23 13:03 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-21 22:37 . 2012-08-06 14:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-21 22:37 . 2012-07-23 13:03 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-12-21 22:37 . 2012-08-06 14:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-23 13:03 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-06 14:41 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-08-07 14:17 78720 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-08-04 18:11 . 2012-08-04 18:11 25214 c:\windows\Installer\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}\AUSetting.exe
- 2012-07-23 15:49 . 2012-07-23 16:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-26 19:17 . 2012-08-07 15:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-23 15:49 . 2012-07-23 16:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-26 19:17 . 2012-08-07 15:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-02 19:04 . 2012-08-02 19:04 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe
+ 2012-08-02 18:04 . 2012-08-02 18:04 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe
+ 2012-08-02 18:04 . 2012-08-02 18:04 466632 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.dll
+ 2012-04-18 19:19 . 2012-08-02 19:04 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-18 19:19 . 2012-07-11 19:04 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2011-08-15 16:21 . 2011-07-20 07:46 708168 c:\windows\system32\WinUSBCoInstaller.dll
- 2009-07-14 02:36 . 2012-07-23 15:57 735244 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-08-07 14:20 735244 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-23 15:57 150158 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-08-07 14:20 150158 c:\windows\system32\perfc009.dat
+ 2012-08-02 19:04 . 2012-08-02 19:04 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_270_Plugin.exe
+ 2012-08-02 18:04 . 2012-08-02 18:04 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_270_ActiveX.exe
+ 2012-08-02 18:04 . 2012-08-02 18:04 513224 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_270_ActiveX.dll
+ 2009-07-14 05:30 . 2012-08-02 20:42 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-21 19:28 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-21 19:28 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-07-27 14:57 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2011-08-15 16:21 . 2011-07-20 07:46 203320 c:\windows\system32\drivers\ssudmdm.sys
+ 2012-08-04 18:11 . 2012-08-04 18:11 439926 c:\windows\Installer\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}\XBoxStat.exe
+ 2012-07-27 15:01 . 2012-07-27 15:01 380928 c:\windows\Installer\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}\iTunesIco.exe
+ 2012-05-24 17:29 . 2012-05-24 17:29 236904 c:\windows\Installer\$PatchCache$\Managed\FAEB67A6F1D637247AB9AD48012A5EB6\5.2.0\OutlookChangeNotifierAddIn_x64.dll
+ 2012-05-24 17:29 . 2012-05-24 17:29 227176 c:\windows\Installer\$PatchCache$\Managed\FAEB67A6F1D637247AB9AD48012A5EB6\5.2.0\OutlookChangeNotifierAddIn.dll
+ 2012-08-02 19:04 . 2012-08-02 19:04 9465032 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
+ 2012-08-02 19:04 . 2012-08-02 19:04 1536712 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
+ 2009-07-31 03:46 . 2009-07-31 03:46 1436920 c:\windows\system32\WdfCoInstaller01009.dll
+ 2012-02-15 15:01 . 2012-02-15 15:01 4547944 c:\windows\system32\DriverStore\FileRepository\usbaapl64.inf_amd64_neutral_509d7a31d0ee45f2\usbaaplrc.dll
+ 2010-04-20 00:29 . 2010-04-20 00:29 1721576 c:\windows\system32\DriverStore\FileRepository\netaapl64.inf_amd64_neutral_bf785db627c6d127\wdfcoinstaller01009.dll
+ 2009-09-30 21:57 . 2009-09-30 21:57 1219584 c:\windows\Installer\f0b8ed.msi
+ 2009-07-14 02:34 . 2012-08-07 14:28 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
- 2009-07-14 02:34 . 2012-07-23 16:08 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-08-02 19:04 . 2012-08-02 19:04 12315336 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll
+ 2012-07-27 14:56 . 2012-07-27 14:56 52033024 c:\windows\Installer\3d55083.msi
+ 2012-07-27 14:56 . 2012-07-27 14:56 11071488 c:\windows\Installer\3d544b3.msi
+ 2012-07-27 14:56 . 2012-07-27 14:56 20403200 c:\windows\Installer\3d54481.msi
+ 2012-07-27 14:54 . 2012-07-27 14:54 26820096 c:\windows\Installer\3d54465.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-03-10 1395664]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-03-10 23:33 1395664 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-03-10 1395664]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-25 39408]
"googletalk"="c:\users\Owner\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-06-01 13806592]
"AltDrag"="c:\program files (x86)\AltDrag\AltDrag.exe" [2011-02-01 34304]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"ManyCam"="c:\program files (x86)\ManyCam\Bin\ManyCam.exe" [2012-06-06 2160536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"BtTray"="c:\program files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [2008-06-05 231424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-27 336384]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
GmoteServer.lnk - c:\program files (x86)\GmoteServer\GmoteServer.exe [2011-7-17 451584]
Launch Utility Application.lnk - c:\users\Owner\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2010-12-15 491520]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-5-23 113664]
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2011-8-15 2589808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 135664]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-03-12 86016]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-02 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-07-20 95416]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-05-07 1030600]
R3 GPU-Z;GPU-Z;c:\users\Owner\AppData\Local\Temp\GPU-Z.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 135664]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4924336]
R3 SMServer;SMServer;c:\windows\SysWOW64\snmvtsvc.exe [2009-03-02 237568]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-07-20 203320]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-01-30 18216]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-13 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2009-07-31 237936]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-01-21 25480]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-11 272448]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-06-27 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-27 365568]
S2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 BsMobileCS;BsMobileCS;c:\program files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 HOSTNT;HOSTNT;c:\windows\system32\drivers\hostnt.sys [2012-07-08 13864]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 OxygenAudioDevMon;Oxygen Audio Device Monitor;c:\program files (x86)\M-Audio\Oxygen\AudioDevMon.exe [2010-03-04 1632776]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447848]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-07-15 5414184]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-07-15 127272]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-06-27 9883136]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-06-27 307712]
S3 CamdAudio;CamdAudio;c:\windows\system32\drivers\CamdAudio.sys [2009-03-02 33264]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2012-05-31 66728]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-01-21 31752]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]
S3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-04 134664]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 sftfs;sftfs;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftfslh.sys [2009-09-23 712536]
S3 sftplay;sftplay;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-09-23 261480]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-09-23 25944]
S3 sftvol;sftvol;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftvollh.sys [2009-09-23 17752]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 16:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 19:04]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 22:46]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 22:46]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415995535-3686741152-2621498028-1001Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 00:41]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415995535-3686741152-2621498028-1001UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 00:41]
.
2012-08-03 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 02:15]
.
2012-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\
FF - user.js: extentions.y2layers.installId - 9d780170-1ce7-4c9e-9dc5-b7b099eaf104
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,DropDownDeals,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{C5994560-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994561-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994562-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994563-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994564-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994565-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994566-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994567-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994568-53D9-4125-87C9-F193FC689CB2} - (no file)
AddRemove-1ClickDownload - c:\program files (x86)\1ClickDownload\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3415995535-3686741152-2621498028-1001\Software\SecuROM\License information*]
"datasecu"=hex:a1,66,8e,a4,27,97,ed,68,d8,fb,68,17,b3,b5,96,02,4a,7c,3c,4d,b6,
7e,69,3a,84,ef,60,c3,18,31,25,0c,59,bf,d8,2a,12,50,3b,02,ad,9b,51,ca,3c,3d,\
"rkeysecu"=hex:b6,83,2d,ac,aa,71,4b,df,ab,e4,d1,f1,cf,aa,26,39
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\TeamViewer\Version7\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version7\tv_w32.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Java\jre6\bin\javaw.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2012-08-07 11:49:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-07 15:49
ComboFix2.txt 2012-07-23 17:51
ComboFix3.txt 2012-07-23 16:43
.
Pre-Run: 89,411,522,560 bytes free
Post-Run: 88,629,108,736 bytes free
.
- - End Of File - - A5039D45DFE53BEF1F5AECF9F28E34B4


Now, the problem seems to have stopped, but last time I ran combofix, it looked as if it stopped, too, then came back soon after and became increasingly severe again. Originally it was happening in IE and in Chrome (not in FF or Opera, though), but after that first run of CF (before I made this topic), it stopped occurring in IE.

edit: problem still occurring in Chrome

Edited by RestoChesto, 07 August 2012 - 11:18 AM.


#9 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 07 August 2012 - 07:54 PM

Hello, RestoChesto.

Ask Toolbar looks like it's rebranded as Qybrd Toolbar...is that in your uninstall list?

And I see it's still recurring in Chrome so we'll run OTL for a better look.



Step 1



1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open Notepad and copy/paste the text in the codebox below into Notepad:

RegLock::
[HKEY_USERS\S-1-5-21-3415995535-3686741152-2621498028-1001\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Note: After running Combofix, you may receive an error about "illegal operation on a registry key that has been marked for deletion." If you receive this error, please reboot and it should disappear.

Step 2


We need to create an OTL report,
  • Please download OTL from this link.
  • (If that link doesn't work, try this alternate link
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Select "Use Safelist" under "Extra Registry"
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT


  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply. If they are too big to paste in one reply, please split them into separate posts.


etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#10 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 18 August 2012 - 05:22 AM

Still there?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#11 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 18 August 2012 - 07:20 AM

Sorry, on vacation. I'll get back to you with the OTL log tomorrow.

#12 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 PM

Posted 22 August 2012 - 01:29 PM

Still there?


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#13 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 22 August 2012 - 02:43 PM

Yeah, sorry, Combofix took longer than expected and work got in the way. I'll try to get the logs to you soon.

#14 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 26 August 2012 - 01:56 PM

Combofix:


ComboFix 12-08-07.02 - Owner 08/21/2012 22:26:16.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.8184.5145 [GMT -4:00]
Running from: c:\users\Owner\Desktop\etavaresCF.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Owner\AppData\Local\Temp\jna1707471805131332121.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3A51.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM62D9.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM62FA.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM633B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM639A.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM63CB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM63EC.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM640D.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM64AB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM64DC.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM656B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM65CA.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM65FB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM663B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM66AB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM66EB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM674B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM67C9.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM67DB.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM680C.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM687B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6929.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6A82.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6B5E.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6C69.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6CC9.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6DE4.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM6FBA.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7087.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7182.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM72AD.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM733B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7437.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7552.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM75D1.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7660.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM77B9.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7950.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7A6B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7C22.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7D4C.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM7F42.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8694.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM88A9.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8D1F.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8EB6.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM8FD1.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM908E.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM911D.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM9266.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM9362.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM9548.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM972E.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM980B.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM98C8.tmp
c:\users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM99C3.tmp
c:\users\Owner\AppData\Local\Temp\YTMP7MC8AA\TAA8889.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-07-22 to 2012-08-22 )))))))))))))))))))))))))))))))
.
.
2073-10-27 14:55 . 2009-10-03 22:32 1118208 ----a-w- c:\program files (x86)\Microsoft Games\Halo Custom Edition\Strings.dll
2073-10-27 14:55 . 2009-10-03 22:32 1835008 ----a-w- c:\program files (x86)\Microsoft Games\Halo Custom Edition\haloceded.exe
2073-10-27 14:55 . 2009-10-03 22:31 2404352 ----a-w- c:\program files (x86)\Microsoft Games\Halo Custom Edition\haloce.exe
2012-08-22 02:59 . 2012-08-22 02:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-22 02:59 . 2012-08-22 02:59 -------- d-----w- c:\users\Alex\AppData\Local\temp
2012-08-17 21:36 . 2012-08-17 21:36 -------- d-----w- c:\programdata\ATI
2012-08-17 21:35 . 2012-08-17 21:35 -------- d-----w- c:\program files (x86)\AMD AVT
2012-08-17 21:35 . 2012-08-17 21:35 -------- d-----w- c:\program files (x86)\AMD APP
2012-08-17 21:25 . 2012-04-06 02:16 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-08-04 18:11 . 2012-08-04 18:11 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2012-08-02 20:04 . 2012-08-02 20:05 -------- d-----w- c:\users\Owner\com.moo.android.inputmethod.latin.free-26-1.0.15.2
2012-08-02 20:04 . 2011-05-15 15:23 5445617 ----a-w- c:\windows\aapt.exe
2012-08-02 20:04 . 2010-09-03 16:13 69 ----a-w- c:\windows\apktool.bat
2012-07-27 15:00 . 2012-07-27 15:00 -------- d-----w- c:\program files\iPod
2012-07-27 15:00 . 2012-07-27 15:01 -------- d-----w- c:\program files\iTunes
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-27 14:55 . 2012-07-27 14:55 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-07-27 00:58 . 2012-08-21 13:22 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DD10718-966B-42F7-882B-B73C78343EA8}\offreg.dll
2012-07-23 19:24 . 2012-07-23 19:24 -------- d-----w- c:\program files (x86)\ESET
2012-07-23 19:03 . 2012-07-23 19:03 -------- d-----w- c:\users\Owner\AppData\Roaming\Malwarebytes
2012-07-23 19:03 . 2012-07-23 19:03 -------- d-----w- c:\programdata\Malwarebytes
2012-07-23 19:03 . 2012-07-23 19:03 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-23 19:03 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-23 15:48 . 2012-07-23 15:57 -------- d-----w- C:\ComboFix
2012-07-23 14:26 . 2012-07-03 16:21 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-23 14:25 . 2012-07-03 16:21 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-23 14:25 . 2012-07-03 16:21 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 21:53 . 2010-07-29 16:41 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-08-21 21:53 . 2010-01-04 20:30 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-08-21 21:48 . 2010-01-04 20:30 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-08-16 20:04 . 2012-04-18 19:19 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-16 20:04 . 2011-05-20 11:19 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-22 18:02 . 2012-07-22 18:02 53248 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{F42F3704-4CA7-4D28-9F5B-FDBF2E589EB2}\ARPPRODUCTICON.exe
2012-07-16 16:21 . 2010-01-04 20:30 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-07-16 14:51 . 2012-07-16 14:51 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-08 21:21 . 2012-07-08 21:21 76968 ----a-w- c:\windows\system32\drivers\GrandUsb.sys
2012-07-08 21:21 . 2012-07-08 21:21 13864 ----a-w- c:\windows\system32\drivers\hostnt.sys
2012-07-08 16:16 . 2012-07-16 16:13 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-07-03 16:21 . 2009-12-21 23:37 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2009-12-21 23:37 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2009-12-21 23:37 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2009-12-21 23:37 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2010-11-20 15:11 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2009-12-21 23:37 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-06-29 10:04 . 2012-07-20 13:14 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DD10718-966B-42F7-882B-B73C78343EA8}\mpengine.dll
2012-06-12 03:02 . 2012-07-12 02:34 3147264 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:30 . 2012-07-11 13:44 14165504 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 05:50 . 2012-07-11 13:44 2003968 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:50 . 2012-07-11 13:44 1880064 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:09 . 2012-07-11 13:44 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:09 . 2012-07-11 13:44 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-02 22:19 . 2012-06-24 13:20 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 13:21 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 13:21 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 13:21 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 13:20 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 13:21 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 13:20 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-24 13:20 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-24 13:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-12 02:32 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-12 02:32 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-12 02:32 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-12 02:32 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-12 02:32 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-12 02:32 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-12 02:32 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-12 02:32 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-12 02:32 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-12 02:32 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-12 02:32 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-12 02:32 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-12 02:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-12 02:32 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-12 02:32 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-12 02:32 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-12 02:32 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-12 02:32 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-12 02:32 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:38 . 2012-07-11 13:44 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:38 . 2012-07-11 13:44 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:37 . 2012-07-11 13:44 459216 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:27 . 2012-07-11 13:44 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:27 . 2012-07-11 13:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:48 . 2012-07-11 13:44 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:48 . 2012-07-11 13:44 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:47 . 2012-07-11 13:44 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:42 . 2012-07-11 13:44 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-06-01 20:41 . 2012-06-01 20:41 4608 ----a-w- c:\windows\SysWow64\w95inf32.dll
2012-06-01 20:41 . 2012-06-01 20:41 2272 ----a-w- c:\windows\SysWow64\w95inf16.dll
2012-05-31 22:24 . 2012-05-31 22:24 66728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2012-05-31 16:25 . 2009-12-21 22:55 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-26 02:31 . 2012-05-26 02:31 0 ----a-w- c:\windows\SysWow64\sho806D.tmp
.
.
((((((((((((((((((((((((((((( SnapShot_2012-08-07_15.13.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-06 02:33 . 2012-04-06 02:33 56320 c:\windows\SysWOW64\OVDecode.dll
+ 2012-04-06 02:34 . 2012-04-06 02:34 64512 c:\windows\SysWOW64\OpenVideo.dll
+ 2012-04-06 02:32 . 2012-04-06 02:32 50176 c:\windows\SysWOW64\OpenCL.dll
+ 2012-03-09 18:06 . 2012-03-09 18:06 24576 c:\windows\SysWOW64\kdbsdk32.dll
- 2009-07-14 04:54 . 2012-08-07 15:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-22 03:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-22 03:03 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-22 03:03 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-07 15:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-27 19:01 . 2012-04-06 01:09 41984 c:\windows\SysWOW64\atiuxpag.dll
+ 2011-06-27 19:01 . 2012-04-06 01:09 32256 c:\windows\SysWOW64\atiu9pag.dll
+ 2012-04-06 01:06 . 2012-04-06 01:06 53760 c:\windows\SysWOW64\atimpc32.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 14848 c:\windows\SysWOW64\atiglpxx.dll
+ 2012-04-06 01:10 . 2012-04-06 01:10 33280 c:\windows\SysWOW64\atigktxx.dll
- 2011-06-27 19:19 . 2011-06-27 19:19 46080 c:\windows\SysWOW64\aticalrt.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 46080 c:\windows\SysWOW64\aticalrt.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 44032 c:\windows\SysWOW64\aticalcl.dll
- 2011-06-27 19:19 . 2011-06-27 19:19 44032 c:\windows\SysWOW64\aticalcl.dll
- 2011-06-27 19:42 . 2011-06-27 19:42 43520 c:\windows\SysWOW64\ati2edxx.dll
+ 2012-04-06 02:14 . 2012-04-06 02:14 43520 c:\windows\SysWOW64\ati2edxx.dll
+ 2012-04-06 01:06 . 2012-04-06 01:06 53760 c:\windows\SysWOW64\amdpcom32.dll
+ 2009-07-14 05:10 . 2012-08-22 03:06 33604 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-21 22:43 . 2012-08-22 03:06 23482 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3415995535-3686741152-2621498028-1001_UserData.bin
+ 2012-04-06 02:33 . 2012-04-06 02:33 63488 c:\windows\system32\OVDecode64.dll
+ 2012-04-06 02:34 . 2012-04-06 02:34 74752 c:\windows\system32\OpenVideo64.dll
+ 2012-04-06 02:32 . 2012-04-06 02:32 54784 c:\windows\system32\OpenCL.dll
+ 2012-03-09 18:07 . 2012-03-09 18:07 29184 c:\windows\system32\kdbsdk64.dll
+ 2009-07-14 05:30 . 2012-08-17 21:34 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2012-08-02 20:42 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2012-08-17 21:25 . 2012-04-06 02:00 64000 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\coinst.dll
+ 2012-04-06 01:09 . 2012-04-06 01:09 41984 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiuxpag.dll
+ 2012-04-06 01:09 . 2012-04-06 01:09 54784 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiuxp64.dll
+ 2012-04-06 01:09 . 2012-04-06 01:09 32256 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiu9pag.dll
+ 2012-04-06 01:09 . 2012-04-06 01:09 44544 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiu9p64.dll
+ 2012-04-06 01:16 . 2012-04-06 01:16 72704 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atisamu64.dll
+ 2012-04-06 01:16 . 2012-04-06 01:16 67584 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atisamu32.dll
+ 2009-06-22 15:34 . 2009-06-22 15:34 51200 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ATIODCLI.exe
+ 2012-04-06 02:14 . 2012-04-06 02:14 21504 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atimuixx.dll
+ 2012-04-06 01:06 . 2012-04-06 01:06 54784 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atimpc64.dll
+ 2012-04-06 01:06 . 2012-04-06 01:06 53760 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atimpc32.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 14848 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiglpxx.dll
+ 2012-04-06 01:10 . 2012-04-06 01:10 33280 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atigktxx.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 41984 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atig6txx.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 17408 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atig6pxx.dll
+ 2012-04-06 02:14 . 2012-04-06 02:14 59392 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiedu64.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 51200 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticalrt64.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 46080 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticalrt.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 44544 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticalcl64.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 44032 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticalcl.dll
+ 2012-04-06 01:09 . 2012-04-06 01:09 53248 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ati2erec.dll
+ 2012-04-06 02:14 . 2012-04-06 02:14 43520 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ati2edxx.dll
+ 2012-04-06 01:17 . 2012-04-06 01:17 71680 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\amdave64.dll
+ 2012-04-06 01:16 . 2012-04-06 01:16 72704 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\amdave32.dll
- 2011-06-27 19:00 . 2011-06-27 19:00 53248 c:\windows\system32\drivers\ati2erec.dll
+ 2012-04-06 01:09 . 2012-04-06 01:09 53248 c:\windows\system32\drivers\ati2erec.dll
- 2009-12-21 22:37 . 2012-08-06 14:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-21 22:37 . 2012-08-16 19:06 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-21 22:37 . 2012-08-16 19:06 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-12-21 22:37 . 2012-08-06 14:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-16 19:06 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-06 14:41 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-27 19:10 . 2012-04-06 02:00 64000 c:\windows\system32\coinst.dll
+ 2011-06-27 19:01 . 2012-04-06 01:09 54784 c:\windows\system32\atiuxp64.dll
+ 2011-06-27 19:01 . 2012-04-06 01:09 44544 c:\windows\system32\atiu9p64.dll
+ 2012-04-06 02:14 . 2012-04-06 02:14 21504 c:\windows\system32\atimuixx.dll
+ 2012-04-06 01:06 . 2012-04-06 01:06 54784 c:\windows\system32\atimpc64.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 14848 c:\windows\system32\atiglpxx.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 41984 c:\windows\system32\atig6txx.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 17408 c:\windows\system32\atig6pxx.dll
- 2011-06-27 19:42 . 2011-06-27 19:42 59392 c:\windows\system32\atiedu64.dll
+ 2012-04-06 02:14 . 2012-04-06 02:14 59392 c:\windows\system32\atiedu64.dll
- 2011-06-27 19:19 . 2011-06-27 19:19 51200 c:\windows\system32\aticalrt64.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 51200 c:\windows\system32\aticalrt64.dll
+ 2012-04-06 01:30 . 2012-04-06 01:30 44544 c:\windows\system32\aticalcl64.dll
- 2011-06-27 19:19 . 2011-06-27 19:19 44544 c:\windows\system32\aticalcl64.dll
+ 2012-04-06 01:06 . 2012-04-06 01:06 54784 c:\windows\system32\amdpcom64.dll
+ 2009-07-14 04:46 . 2012-08-20 16:15 80672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{FB3D338C-2717-9B6E-D7A3-4407AC192B26}\ARPPRODUCTICON.exe
+ 2012-08-17 21:24 . 2012-08-17 21:24 88102 c:\windows\Installer\{E4490157-303F-F06F-FB6E-D2053A43A182}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-08-17 21:24 . 2012-08-17 21:24 88102 c:\windows\Installer\{E4490157-303F-F06F-FB6E-D2053A43A182}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-08-17 21:24 . 2012-08-17 21:24 88102 c:\windows\Installer\{E4490157-303F-F06F-FB6E-D2053A43A182}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-08-17 21:24 . 2012-08-17 21:24 88102 c:\windows\Installer\{E4490157-303F-F06F-FB6E-D2053A43A182}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe
+ 2012-08-17 21:24 . 2012-08-17 21:24 88102 c:\windows\Installer\{E4490157-303F-F06F-FB6E-D2053A43A182}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{E4431953-0C3A-75AF-CCC3-2DF9C0827932}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{E12ABE6F-830C-AE8F-29EA-76FEC5F2D376}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{DE18A8A8-7AE2-867F-3911-FA8F1C021B51}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{CE96B998-6333-5ADD-F184-6069F7A99F01}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{CB500A52-1B84-CA65-BB07-D092FCE39E42}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{C41E46F9-0F37-8379-E792-B323021FA4BB}\ARPPRODUCTICON.exe
+ 2012-08-17 21:35 . 2012-08-17 21:35 88102 c:\windows\Installer\{BABA4667-CF82-B330-A8E5-6E8A09B2D911}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{B405F81D-3AB8-A7FA-BDDA-BF226815DE28}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{AC568900-82E7-99FF-6C46-E899F9950D17}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{A9947AC7-4FBD-301C-811D-4CA821D8CA03}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{9D5A41F8-E603-4403-5E9D-694A9DE49145}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{9D003D65-EF1F-03DD-EE3F-AB7753C3A9F0}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{817B97FF-3CB7-8F10-1832-0890DCDD0526}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{7915B2E6-DBFA-5BFA-3FD3-726E704CFC94}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{74E9DD22-03B1-DE37-C677-4796ACECE6A7}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{6D9C043E-0EB7-6F70-D981-1787F65C4D71}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{6AEDB189-219A-6326-493E-AECC88AA99AA}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{689556B2-BA08-6F09-EAFE-EA361F1742E4}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{5DE096E8-BCBB-33B1-832C-E602DA635B36}\ARPPRODUCTICON.exe
+ 2012-08-17 21:35 . 2012-08-17 21:35 10134 c:\windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe
- 2011-12-30 00:10 . 2011-12-30 00:10 10134 c:\windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{41D168A3-E94D-8F9B-4B7B-41B1AEBE75D2}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{41B8D9C5-4DBB-D539-7FFA-8D83CB91A53B}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{3BB4634D-CEE5-7AB0-D78D-EA263389A8AB}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{3671991B-E558-8A57-BBBF-D9C56B6F6AE4}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{3528E965-4F0A-C0C7-B99C-920B7FE594E6}\ARPPRODUCTICON.exe
+ 2012-08-17 21:35 . 2012-08-17 21:35 88102 c:\windows\Installer\{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{2D0B367F-6BB2-73E2-2D9A-19EFF005A655}\ARPPRODUCTICON.exe
+ 2012-08-17 21:34 . 2012-08-17 21:34 88102 c:\windows\Installer\{116204F9-CEE4-F29F-0CF1-7ACF6EC32E29}\ARPPRODUCTICON.exe
+ 2012-08-17 21:24 . 2012-08-17 21:24 88102 c:\windows\Installer\{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}\ARPPRODUCTICON.exe
+ 2012-08-17 21:33 . 2012-08-17 21:33 10134 c:\windows\Installer\{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}\ARPPRODUCTICON.exe
+ 2012-08-17 21:25 . 2011-09-12 22:06 3917 c:\windows\SysWOW64\atipblag.dat
+ 2012-08-17 21:25 . 2011-09-12 22:06 3917 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atipblag.dat
+ 2012-08-17 21:25 . 2011-09-12 22:06 3917 c:\windows\system32\atipblag.dat
- 2012-07-26 19:17 . 2012-08-07 15:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-26 19:17 . 2012-08-22 03:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-26 19:17 . 2012-08-22 03:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-26 19:17 . 2012-08-07 15:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-17 21:34 . 2012-08-17 21:34 4846 c:\windows\Installer\{936D0DCE-9C2A-7D4C-0E96-7D5B40206DD1}\ARPPRODUCTICON.exe
+ 2012-01-23 17:29 . 2012-01-23 17:29 122880 c:\windows\SysWOW64\SlotMaximizerAg.dll
+ 2012-08-16 20:04 . 2012-08-16 20:04 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe
+ 2012-08-16 19:04 . 2012-08-16 19:04 686792 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe
+ 2012-08-16 19:04 . 2012-08-16 19:04 466632 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.dll
- 2012-04-18 19:19 . 2012-08-02 19:04 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-04-18 19:19 . 2012-08-16 20:04 250056 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-08-17 21:25 . 2012-04-06 01:29 204952 c:\windows\SysWOW64\ativvsvl.dat
+ 2012-08-17 21:25 . 2012-04-06 01:29 157144 c:\windows\SysWOW64\ativvsva.dat
+ 2011-06-27 19:49 . 2012-04-06 02:21 909312 c:\windows\SysWOW64\aticfx32.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 360448 c:\windows\SysWOW64\atiadlxy.dll
+ 2012-01-23 17:15 . 2012-01-23 17:15 122880 c:\windows\system32\SlotMaximizerAg.dll
+ 2009-07-14 02:36 . 2012-08-21 13:23 735244 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-08-07 14:20 735244 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-08-07 14:20 150158 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-08-21 13:23 150158 c:\windows\system32\perfc009.dat
+ 2012-08-16 20:04 . 2012-08-16 20:04 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_271_Plugin.exe
+ 2012-08-16 19:04 . 2012-08-16 19:04 417992 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_271_ActiveX.exe
+ 2012-08-16 19:04 . 2012-08-16 19:04 513224 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_271_ActiveX.dll
- 2009-07-14 05:30 . 2012-08-02 20:42 239616 c:\windows\system32\DriverStore\infstrng.dat
+ 2009-07-14 05:30 . 2012-08-17 21:34 239616 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2012-07-27 14:57 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2009-07-14 05:30 . 2012-08-17 21:25 143360 c:\windows\system32\DriverStore\infstor.dat
+ 2012-08-17 21:25 . 2012-04-06 01:29 204952 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ativvsvl.dat
+ 2012-08-17 21:25 . 2012-04-06 01:29 157144 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ativvsva.dat
+ 2012-04-06 02:14 . 2012-04-06 02:14 120320 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atitmm64.dll
+ 2010-08-27 18:33 . 2010-08-27 18:33 332800 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ATIODE.exe
+ 2012-04-06 01:10 . 2012-04-06 01:10 343040 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atikmpag.sys
+ 2012-01-10 21:10 . 2012-01-10 21:10 601728 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiicdxx.dat
+ 2012-04-06 02:16 . 2012-04-06 02:16 236544 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiesrxx.exe
+ 2012-04-06 02:16 . 2012-04-06 02:16 503808 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atieclxx.exe
+ 2012-08-17 21:25 . 2012-04-06 02:16 442368 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\ATIDEMGX.dll
+ 2012-04-06 02:21 . 2012-04-06 02:21 909312 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticfx32.dll
+ 2009-05-11 21:35 . 2009-05-11 21:35 118784 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atibtmon.exe
+ 2012-04-06 02:22 . 2012-04-06 02:22 159744 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiapfxx.exe
+ 2012-04-06 01:11 . 2012-04-06 01:11 360448 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiadlxy.dll
+ 2012-04-06 01:11 . 2012-04-06 01:11 514560 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiadlxx.dll
+ 2009-07-14 00:07 . 2009-07-14 00:07 350208 c:\windows\system32\drivers\HdAudio.sys
+ 2012-04-06 01:10 . 2012-04-06 01:10 343040 c:\windows\system32\drivers\atikmpag.sys
+ 2012-04-06 02:34 . 2012-04-06 02:34 187392 c:\windows\system32\clinfo.exe
+ 2012-08-17 21:25 . 2012-04-06 01:29 204952 c:\windows\system32\ativvsvl.dat
+ 2012-08-17 21:25 . 2012-04-06 01:29 157144 c:\windows\system32\ativvsva.dat
+ 2012-04-06 02:14 . 2012-04-06 02:14 120320 c:\windows\system32\atitmm64.dll
- 2011-06-27 19:43 . 2011-06-27 19:43 120320 c:\windows\system32\atitmm64.dll
+ 2012-01-10 21:10 . 2012-01-10 21:10 601728 c:\windows\system32\atiicdxx.dat
+ 2012-04-06 02:16 . 2012-04-06 02:16 236544 c:\windows\system32\atiesrxx.exe
+ 2012-04-06 02:16 . 2012-04-06 02:16 503808 c:\windows\system32\atieclxx.exe
- 2009-09-03 16:58 . 2009-06-28 22:37 118784 c:\windows\system32\atibtmon.exe
+ 2009-05-11 21:35 . 2009-05-11 21:35 118784 c:\windows\system32\atibtmon.exe
+ 2012-04-06 02:22 . 2012-04-06 02:22 159744 c:\windows\system32\atiapfxx.exe
+ 2012-04-06 01:11 . 2012-04-06 01:11 514560 c:\windows\system32\atiadlxx.dll
+ 2012-04-17 17:49 . 2012-04-17 17:49 396800 c:\windows\Installer\1afbd4.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 984576 c:\windows\Installer\1afbcd.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 803328 c:\windows\Installer\1afbc6.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 786432 c:\windows\Installer\1afbbf.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 796160 c:\windows\Installer\1afbb8.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 880640 c:\windows\Installer\1afbb1.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 775680 c:\windows\Installer\1afbaa.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 906240 c:\windows\Installer\1afba3.msi
+ 2012-04-17 17:48 . 2012-04-17 17:48 790016 c:\windows\Installer\1afb9c.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 807936 c:\windows\Installer\1afb95.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 772608 c:\windows\Installer\1afb8e.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 779264 c:\windows\Installer\1afb87.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 823808 c:\windows\Installer\1afb80.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 843264 c:\windows\Installer\1afb79.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 786944 c:\windows\Installer\1afb72.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 814592 c:\windows\Installer\1afb6b.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 800256 c:\windows\Installer\1afb64.msi
+ 2012-04-17 17:47 . 2012-04-17 17:47 778752 c:\windows\Installer\1afb5d.msi
+ 2012-04-17 17:46 . 2012-04-17 17:46 792064 c:\windows\Installer\1afb56.msi
+ 2012-04-17 17:46 . 2012-04-17 17:46 770048 c:\windows\Installer\1afb4f.msi
+ 2012-04-17 17:46 . 2012-04-17 17:46 927744 c:\windows\Installer\1afb48.msi
+ 2012-04-17 17:46 . 2012-04-17 17:46 808960 c:\windows\Installer\1afb41.msi
+ 2012-04-17 17:46 . 2012-04-17 17:46 781824 c:\windows\Installer\1afb3a.msi
+ 2012-04-17 17:46 . 2012-04-17 17:46 811520 c:\windows\Installer\1afb33.msi
+ 2012-03-30 09:38 . 2012-03-30 09:38 507904 c:\windows\Installer\1afb1d.msi
+ 2012-04-17 17:49 . 2012-04-17 17:49 630272 c:\windows\Installer\1af8d4.msi
+ 2012-01-23 17:29 . 2012-01-23 17:29 2478592 c:\windows\SysWOW64\SlotMaximizerBe.dll
+ 2012-08-16 20:04 . 2012-08-16 20:04 9465032 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
+ 2012-08-16 20:04 . 2012-08-16 20:04 1536712 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
+ 2011-06-27 19:17 . 2012-04-06 01:22 4795904 c:\windows\SysWOW64\atiumdva.dll
+ 2012-04-06 01:34 . 2012-04-06 01:34 1831424 c:\windows\SysWOW64\atiumdmv.dll
+ 2011-06-27 19:17 . 2012-04-06 01:34 6203392 c:\windows\SysWOW64\atiumdag.dll
+ 2011-06-27 19:39 . 2012-04-06 02:13 6800896 c:\windows\SysWOW64\atidxx32.dll
+ 2012-01-23 17:15 . 2012-01-23 17:15 2478592 c:\windows\system32\SlotMaximizerBe.dll
+ 2012-04-06 01:22 . 2012-04-06 01:22 4795904 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiumdva.dll
+ 2012-04-06 01:34 . 2012-04-06 01:34 1831424 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiumdmv.dll
+ 2012-04-06 01:34 . 2012-04-06 01:34 6203392 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiumdag.dll
+ 2012-04-06 01:35 . 2012-04-06 01:35 1120768 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiumd6v.dll
+ 2012-04-06 01:34 . 2012-04-06 01:34 4731904 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiumd6a.dll
+ 2012-04-06 01:23 . 2012-04-06 01:23 7431680 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atiumd64.dll
+ 2012-04-06 01:54 . 2012-04-06 01:54 7479296 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atidxx64.dll
+ 2012-04-06 02:13 . 2012-04-06 02:13 6800896 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atidxx32.dll
+ 2012-04-06 02:20 . 2012-04-06 02:20 1067520 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticfx64.dll
+ 2012-04-06 01:35 . 2012-04-06 01:35 1120768 c:\windows\system32\atiumd6v.dll
+ 2012-04-06 01:34 . 2012-04-06 01:34 4731904 c:\windows\system32\atiumd6a.dll
+ 2012-04-06 01:23 . 2012-04-06 01:23 7431680 c:\windows\system32\atiumd64.dll
+ 2011-06-27 19:29 . 2012-04-06 01:54 7479296 c:\windows\system32\atidxx64.dll
+ 2011-06-27 19:48 . 2012-04-06 02:20 1067520 c:\windows\system32\aticfx64.dll
+ 2012-04-17 17:56 . 2012-04-17 17:56 2363392 c:\windows\Installer\1afc09.msi
+ 2012-04-17 17:55 . 2012-04-17 17:55 1792512 c:\windows\Installer\1afbec.msi
+ 2012-04-17 17:50 . 2012-04-17 17:50 1891328 c:\windows\Installer\1afb2c.msi
+ 2012-04-17 17:50 . 2012-04-17 17:50 2811392 c:\windows\Installer\1afb25.msi
+ 2012-04-17 17:55 . 2012-04-17 17:55 8302080 c:\windows\Installer\1af8dc.msi
+ 2012-04-06 01:50 . 2012-04-06 01:50 19753984 c:\windows\SysWOW64\atioglxx.dll
+ 2012-04-06 01:25 . 2012-04-06 01:25 13764096 c:\windows\SysWOW64\aticaldd.dll
+ 2012-04-06 02:32 . 2012-04-06 02:32 13007872 c:\windows\SysWOW64\amdocl.dll
- 2009-07-14 02:34 . 2012-08-07 14:28 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2012-08-21 16:33 10485760 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2012-08-16 20:04 . 2012-08-16 20:04 12315336 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll
+ 2012-04-06 01:50 . 2012-04-06 01:50 19753984 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atioglxx.dll
+ 2012-04-06 02:10 . 2012-04-06 02:10 26181632 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atio6axx.dll
+ 2012-04-06 05:22 . 2012-04-06 05:22 11174400 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\atikmdag.sys
+ 2012-04-06 01:29 . 2012-04-06 01:29 16090624 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticaldd64.dll
+ 2012-04-06 01:25 . 2012-04-06 01:25 13764096 c:\windows\system32\DriverStore\FileRepository\c7137224.inf_amd64_neutral_383c8c4936c61952\B136646\aticaldd.dll
+ 2012-04-06 05:22 . 2012-04-06 05:22 11174400 c:\windows\system32\drivers\atikmdag.sys
+ 2012-04-06 02:10 . 2012-04-06 02:10 26181632 c:\windows\system32\atio6axx.dll
+ 2012-04-06 01:29 . 2012-04-06 01:29 16090624 c:\windows\system32\aticaldd64.dll
+ 2012-04-06 02:33 . 2012-04-06 02:33 16457216 c:\windows\system32\amdocl64.dll
+ 2012-04-17 17:56 . 2012-04-17 17:56 16913920 c:\windows\Installer\1afc01.msi
+ 2012-04-17 17:44 . 2012-04-17 17:44 14508032 c:\windows\Installer\1afbdc.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-25 39408]
"googletalk"="c:\users\Owner\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"MusicManager"="c:\users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2012-06-01 13806592]
"AltDrag"="c:\program files (x86)\AltDrag\AltDrag.exe" [2011-02-01 34304]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"ManyCam"="c:\program files (x86)\ManyCam\Bin\ManyCam.exe" [2012-06-06 2160536]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-06-27 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"AmazonGSDownloaderTray"="c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"BtTray"="c:\program files (x86)\IVT Corporation\BlueSoleil\BtTray.exe" [2008-06-05 231424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
GmoteServer.lnk - c:\program files (x86)\GmoteServer\GmoteServer.exe [2011-7-17 451584]
Launch Utility Application.lnk - c:\users\Owner\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2010-12-15 491520]
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-5-23 113664]
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe [2011-8-15 2589808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AMD_RAIDXpert;AMD RAIDXpert;c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-03-16 122880]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 135664]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-03-12 86016]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-16 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 36328]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-07-20 95416]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\steam\steamapps\common\ava\Binaries\GameGuard\dump_wmimmc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-05-07 1030600]
R3 GPU-Z;GPU-Z;c:\users\Owner\AppData\Local\Temp\GPU-Z.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 135664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4924336]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-04 134664]
R3 SMServer;SMServer;c:\windows\SysWOW64\snmvtsvc.exe [2009-03-02 237568]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-07-20 203320]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-01-30 18216]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-13 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys [2009-07-31 237936]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-01-21 25480]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-11 272448]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-10-23 401920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 BsMobileCS;BsMobileCS;c:\program files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2009-09-26 819600]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 HOSTNT;HOSTNT;c:\windows\system32\drivers\hostnt.sys [2012-07-08 13864]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
S2 OxygenAudioDevMon;Oxygen Audio Device Monitor;c:\program files (x86)\M-Audio\Oxygen\AudioDevMon.exe [2010-03-04 1632776]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-09-23 447848]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-07-15 5414184]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-07-15 127272]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 CamdAudio;CamdAudio;c:\windows\system32\drivers\CamdAudio.sys [2009-03-02 33264]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2012-05-31 66728]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-01-21 31752]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
S3 sftfs;sftfs;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftfslh.sys [2009-09-23 712536]
S3 sftplay;sftplay;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-09-23 261480]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-09-23 25944]
S3 sftvol;sftvol;c:\program files (x86)\Microsoft Application Virtualization Client\drivers\sftvollh.sys [2009-09-23 17752]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-09-23 203608]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 16:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 20:04]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 22:46]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-25 22:46]
.
2012-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415995535-3686741152-2621498028-1001Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 00:41]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3415995535-3686741152-2621498028-1001UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 00:41]
.
2012-08-17 c:\windows\Tasks\HPCeeScheduleForOwner.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 02:15]
.
2012-03-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} - hxxp://www.yoyogames.com/plugins/activex/YoYo.cab
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\
FF - user.js: extentions.y2layers.installId - 9d780170-1ce7-4c9e-9dc5-b7b099eaf104
FF - user.js: extentions.y2layers.defaultEnableAppsList - Buzzdock,BuzzdockTease,DropDownDeals,DropDownDeals,
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{C5994560-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994561-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994562-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994563-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994564-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994565-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994566-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994567-53D9-4125-87C9-F193FC689CB2} - (no file)
ShellIconOverlayIdentifiers-{C5994568-53D9-4125-87C9-F193FC689CB2} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3415995535-3686741152-2621498028-1001\Software\SecuROM\License information*]
"datasecu"=hex:a1,66,8e,a4,27,97,ed,68,d8,fb,68,17,b3,b5,96,02,4a,7c,3c,4d,b6,
7e,69,3a,84,ef,60,c3,18,31,25,0c,59,bf,d8,2a,12,50,3b,02,ad,9b,51,ca,3c,3d,\
"rkeysecu"=hex:b6,83,2d,ac,aa,71,4b,df,ab,e4,d1,f1,cf,aa,26,39
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TeamViewer\Version7\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version7\tv_w32.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Java\jre6\bin\javaw.exe
c:\program files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.exe
c:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Completion time: 2012-08-21 23:39:56 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-22 03:39
ComboFix2.txt 2012-08-07 15:50
ComboFix3.txt 2012-07-23 17:51
ComboFix4.txt 2012-07-23 16:43
.
Pre-Run: 61,788,327,936 bytes free
Post-Run: 60,974,641,152 bytes free
.
- - End Of File - - 4091B36F1613ECA72AE0001D2F28165A

OTL logfile created on: 8/26/2012 2:29:39 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.13 Gb Available Physical Memory | 64.19% Memory free
15.98 Gb Paging File | 12.46 Gb Available in Paging File | 77.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.20 Gb Total Space | 53.88 Gb Free Space | 7.85% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.22 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
Drive E: | 652.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/26 14:28:34 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2012/08/24 09:53:58 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/08/15 20:13:54 | 007,316,480 | ---- | M] (Google Inc.) -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2012/08/04 09:51:13 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2012/07/16 12:21:13 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/06/27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/06/05 22:33:58 | 002,160,536 | ---- | M] (ManyCam LLC) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/05/06 15:52:00 | 006,379,888 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2012/05/05 14:47:52 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe
PRC - [2012/03/19 07:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 07:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2011/06/27 16:20:36 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/17 04:15:46 | 000,382,272 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/01 14:42:24 | 000,034,304 | ---- | M] (Stefan Sundin) -- C:\Program Files (x86)\AltDrag\AltDrag.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/12/15 20:20:42 | 000,491,520 | ---- | M] (Samsung Electronices Co., Ltd.) -- C:\Users\Owner\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
PRC - [2010/03/04 07:35:54 | 001,632,776 | ---- | M] (M-Audio) -- C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
PRC - [2009/10/23 12:31:44 | 000,401,920 | ---- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
PRC - [2009/10/23 12:31:44 | 000,326,144 | ---- | M] (Amazon.com) -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
PRC - [2009/09/23 15:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/23 15:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/08/05 16:45:22 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/07/23 23:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/03/16 03:47:28 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/03/16 03:47:24 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/03/16 03:47:22 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/03/16 03:47:20 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2009/03/12 17:39:54 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
PRC - [2008/12/14 22:54:52 | 000,451,584 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\GmoteServer.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/06/05 17:50:58 | 000,778,240 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2008/06/05 17:50:56 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2008/06/04 18:26:58 | 000,143,467 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/26 08:33:08 | 000,085,504 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM62CC.tmp
MOD - [2012/08/26 08:33:08 | 000,085,504 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM61FF.tmp
MOD - [2012/08/26 08:33:08 | 000,085,504 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM60E5.tmp
MOD - [2012/08/26 08:33:07 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5D07.tmp
MOD - [2012/08/26 08:33:07 | 000,085,504 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5F7B.tmp
MOD - [2012/08/26 08:33:07 | 000,033,792 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\YTMP7MC8AA\TAA5F4B.tmp
MOD - [2012/08/26 08:33:06 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5C0B.tmp
MOD - [2012/08/26 08:33:06 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5B00.tmp
MOD - [2012/08/26 08:33:06 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5968.tmp
MOD - [2012/08/26 08:33:05 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5773.tmp
MOD - [2012/08/26 08:33:05 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM55EB.tmp
MOD - [2012/08/26 08:33:04 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM54F0.tmp
MOD - [2012/08/26 08:33:04 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5423.tmp
MOD - [2012/08/26 08:33:04 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM5356.tmp
MOD - [2012/08/26 08:33:04 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM525A.tmp
MOD - [2012/08/26 08:33:04 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM518E.tmp
MOD - [2012/08/26 08:33:03 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM50C1.tmp
MOD - [2012/08/26 08:33:03 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4FC5.tmp
MOD - [2012/08/26 08:33:03 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4EBA.tmp
MOD - [2012/08/26 08:33:03 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4DBE.tmp
MOD - [2012/08/26 08:33:02 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4C56.tmp
MOD - [2012/08/26 08:33:02 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4B5A.tmp
MOD - [2012/08/26 08:33:02 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4A7E.tmp
MOD - [2012/08/26 08:33:02 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4943.tmp
MOD - [2012/08/26 08:33:01 | 000,120,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4625.tmp
MOD - [2012/08/26 08:33:00 | 000,072,704 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM41E6.tmp
MOD - [2012/08/26 08:33:00 | 000,072,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM44CC.tmp
MOD - [2012/08/26 08:33:00 | 000,072,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM445C.tmp
MOD - [2012/08/26 08:33:00 | 000,072,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM43AF.tmp
MOD - [2012/08/26 08:33:00 | 000,072,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4311.tmp
MOD - [2012/08/26 08:33:00 | 000,072,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4168.tmp
MOD - [2012/08/26 08:32:59 | 000,072,704 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3F40.tmp
MOD - [2012/08/26 08:32:59 | 000,072,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3DD3.tmp
MOD - [2012/08/26 08:32:59 | 000,064,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3EB1.tmp
MOD - [2012/08/26 08:32:59 | 000,057,344 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM40F8.tmp
MOD - [2012/08/26 08:32:59 | 000,053,760 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM4089.tmp
MOD - [2012/08/26 08:32:59 | 000,053,760 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3E42.tmp
MOD - [2012/08/26 08:32:58 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3C7A.tmp
MOD - [2012/08/26 08:32:58 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3B4D.tmp
MOD - [2012/08/26 08:32:58 | 000,057,344 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3B7E.tmp
MOD - [2012/08/26 08:32:58 | 000,056,320 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3994.tmp
MOD - [2012/08/26 08:32:58 | 000,053,760 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3A90.tmp
MOD - [2012/08/26 08:32:57 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3925.tmp
MOD - [2012/08/26 08:32:57 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3644.tmp
MOD - [2012/08/26 08:32:57 | 000,064,000 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3740.tmp
MOD - [2012/08/26 08:32:57 | 000,053,760 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM35E4.tmp
MOD - [2012/08/26 08:32:56 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM34AA.tmp
MOD - [2012/08/26 08:32:56 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM33BE.tmp
MOD - [2012/08/26 08:32:56 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM3254.tmp
MOD - [2012/08/26 08:32:56 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM31B6.tmp
MOD - [2012/08/26 08:32:56 | 000,056,832 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM32A4.tmp
MOD - [2012/08/26 08:32:55 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM2FFF.tmp
MOD - [2012/08/26 08:32:54 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM2A6D.tmp
MOD - [2012/08/26 08:32:54 | 000,068,608 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM2C55.tmp
MOD - [2012/08/26 08:32:54 | 000,056,320 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM2991.tmp
MOD - [2012/08/26 08:32:54 | 000,055,296 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM2AFC.tmp
MOD - [2012/08/26 08:32:53 | 000,075,776 | ---- | M] () -- C:\Users\Owner\AppData\Local\Temp\XTMP1MC3VE\DEM1ADF.tmp
MOD - [2012/08/24 09:53:53 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/08/24 09:53:42 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/08/24 09:53:42 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/08/24 09:53:41 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/08/24 09:53:40 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/08/17 18:28:55 | 000,442,392 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012/08/17 18:28:54 | 012,236,824 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/17 18:28:52 | 003,997,720 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/17 18:27:36 | 000,526,872 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\libglesv2.dll
MOD - [2012/08/17 18:27:35 | 000,104,984 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\libegl.dll
MOD - [2012/08/17 18:27:23 | 000,144,424 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/17 18:27:22 | 000,266,792 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/17 18:27:21 | 002,480,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012/08/15 20:02:40 | 000,344,064 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2012/08/15 20:02:30 | 000,231,936 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2012/08/15 20:01:44 | 000,231,936 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2012/08/15 20:01:38 | 000,117,248 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2012/08/15 19:37:40 | 000,026,624 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2012/08/15 19:37:38 | 000,170,496 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\accessible\qtaccessiblewidgets4.dll
MOD - [2012/08/15 19:37:24 | 010,683,392 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2012/08/15 19:37:22 | 007,741,952 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2012/08/15 19:37:22 | 001,681,408 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2012/08/15 19:37:20 | 002,248,192 | ---- | M] () -- C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2012/06/05 22:34:00 | 000,124,312 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\CrashRpt.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/11 16:24:29 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/12/04 22:38:12 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2010/12/04 22:38:06 | 000,776,192 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll
MOD - [2010/12/04 22:38:06 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll
MOD - [2010/12/04 22:38:04 | 001,242,112 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2010/12/04 22:38:02 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2009/10/23 12:31:44 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll
MOD - [2009/08/05 16:45:22 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/06/17 11:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/06/17 11:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/06/17 11:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2008/12/14 22:54:52 | 000,451,584 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\GmoteServer.exe
MOD - [2008/11/13 07:43:40 | 000,735,744 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libx264_plugin.dll
MOD - [2008/11/13 07:43:10 | 004,688,384 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\avcodec-51.dll
MOD - [2008/11/13 07:43:10 | 000,892,928 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libiconv-2.dll
MOD - [2008/11/13 07:43:10 | 000,546,304 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libfreetype-6.dll
MOD - [2008/11/13 07:43:10 | 000,278,016 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libgcrypt-11.dll
MOD - [2008/11/13 07:43:10 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libz-1-2.dll
MOD - [2008/11/13 07:43:10 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libgpg-error-0.dll
MOD - [2008/11/13 07:34:28 | 001,168,384 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvorbis_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,992,768 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtaglib_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,281,600 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtheora_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtwolame_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,103,424 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libts_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,054,272 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvod_rtsp_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvout_directx_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvisual_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libty_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvobsub_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libwaveout_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvcd_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libwingdi_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtransform_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libyuy2_i420_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtelnet_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libwall_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libxtag_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libyuy2_i422_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libwav_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvoc_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtta_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvmem_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libvc1_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libwave_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libxa_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtrivial_channel_mixer_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtrivial_resampler_plugin.dll
MOD - [2008/11/13 07:34:28 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libtrivial_mixer_plugin.dll
MOD - [2008/11/13 07:34:26 | 009,172,480 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libqt4_plugin.dll
MOD - [2008/11/13 07:34:26 | 001,888,768 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libskins2_plugin.dll
MOD - [2008/11/13 07:34:26 | 001,261,568 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmkv_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,701,440 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libschroedinger_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,283,136 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsdl_image_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,278,016 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libswscale_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,262,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmod_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,173,568 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpng_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,165,376 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmp4_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpostproc_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,107,008 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,101,888 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_ts_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libspeex_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libplaylist_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_rtp_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,074,752 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libspatializer_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_ps_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,063,488 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libportaudio_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_mp4_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libogg_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpanoramix_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsap_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librc_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_asf_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpacketizer_h264_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_transcode_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_standard_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libremoteosd_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librealaudio_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,027,136 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libps_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,025,600 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmosaic_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libreal_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsubtitle_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_ogg_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librtp_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsubsdec_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_avi_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librss_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpacketizer_vc1_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsubsusf_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpacketizer_mpeg4video_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libopengl_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_mosaic_bridge_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmotiondetect_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpuzzle_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libnuv_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libosd_parser_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpva_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpacketizer_mpegvideo_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libspudec_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsmf_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librotate_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libosdmenu_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmono_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libscreen_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsvcdsub_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librawvid_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpsychedelic_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_duplicate_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_bridge_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstats_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libscaletempo_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libparam_eq_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libntservice_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libnsv_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_es_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libquicktime_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmpga_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libshout_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librealvideo_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librawdv_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libripple_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpodcast_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libnsc_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libnormvol_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmsn_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_gather_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_display_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libsharpen_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libscale_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librawvideo_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_wav_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libpacketizer_copy_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libnoise_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_mpjpeg_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmotionblur_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_autodel_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libshowintf_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmux_dummy_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmpgv_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_description_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libt140_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\librv32_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libstream_out_dummy_plugin.dll
MOD - [2008/11/13 07:34:26 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libspdif_mixer_plugin.dll
MOD - [2008/11/13 07:34:24 | 001,061,888 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblive555_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,844,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libvlccore.dll
MOD - [2008/11/13 07:34:24 | 000,699,904 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libavformat_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,612,864 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcaca_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,429,056 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgnutls_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,373,248 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_output_shout_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,303,616 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libfaad_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,255,488 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblua_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,249,344 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libflac_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,212,992 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdvdnav_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,199,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgoom_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,158,208 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdshow_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,152,064 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,149,504 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libbda_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblibmpeg2_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdvdread_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdvbsub_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libatmo_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,119,296 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libfreetype_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,116,224 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_rgb_sse2_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,104,448 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\libvlc.dll
MOD - [2008/11/13 07:34:24 | 000,102,912 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libhttp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libkate_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,075,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libasf_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,073,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libavcodec_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,070,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_mms_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libavi_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libid3tag_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_http_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_rgb_mmx_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libflacsys_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcmml_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_rtmp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_realrtsp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdeinterlace_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcdda_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libblend_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaudioscrobbler_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaudio_format_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_ftp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdirect3d_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_rgb_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,030,208 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libequalizer_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,029,184 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_filter_timeshift_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_smb_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_filter_record_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_yuy2_sse2_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libbandlimited_resampler_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libhotkeys_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libadjust_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi422_yuy2_sse2_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdmo_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libglwin32_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaraw_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libconverter_float_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgradient_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblogo_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaout_directx_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcrop_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcc_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libadpcm_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libextract_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_yuy2_mmx_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmagnify_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdummy_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_directory_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmarq_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi422_yuy2_mmx_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcinepak_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_output_udp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi422_yuy2_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_yuy2_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdts_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblogger_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libheadphone_channel_mixer_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libexport_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcroppadd_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgaussianblur_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libfake_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liberase_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcvdsub_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libclone_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libbluescreen_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmjpeg_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgestures_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liba52_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libimage_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_output_http_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblinear_resampler_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcolorthres_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcdg_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libblendbench_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaout_file_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaiff_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdtssys_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_filter_dump_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmemcpymmx_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmemcpy3dn_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi422_i420_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libcanvas_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_file_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_fake_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,008,192 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liba52sys_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libm4a_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liblpcm_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgrey_yuv_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libgrain_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libau_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libalphamask_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_udp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_filter_bandwidth_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libm4v_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_ymga_mmx_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libh264_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdemuxdump_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_output_file_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libchain_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,006,656 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_tcp_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libinvert_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libfolder_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libdemux_cdg_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,006,144 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libi420_ymga_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libmemcpy_plugin.dll
MOD - [2008/11/13 07:34:24 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\GmoteServer\bin\VLC\plugins\libaccess_output_dummy_plugin.dll
MOD - [2008/06/05 17:50:56 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
MOD - [2008/06/04 18:29:48 | 000,622,693 | ---- | M] () -- C:\Windows\SysWOW64\BsShell.dll
MOD - [2008/06/04 18:27:44 | 000,098,403 | ---- | M] () -- C:\Windows\SysWOW64\Bs2Res.dll
MOD - [2008/06/04 18:27:10 | 000,118,880 | ---- | M] () -- C:\Windows\SysWOW64\BsMobileSDK.dll
MOD - [2008/06/04 18:27:02 | 000,028,672 | ---- | M] () -- C:\Windows\SysWOW64\BsMobileCSps.dll
MOD - [2008/03/07 13:54:22 | 017,907,824 | ---- | M] () -- C:\Windows\SysWOW64\BsLangInDepRes.dll
MOD - [2004/04/11 23:16:32 | 000,181,333 | ---- | M] () -- C:\Program Files (x86)\Common Files\GTK\2.0\bin\libfontconfig-1.dll
MOD - [2000/05/22 09:03:24 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Common Files\GTK\2.0\bin\xmlparse.dll
MOD - [2000/05/12 11:58:06 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Common Files\GTK\2.0\bin\xmltok.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/04/05 22:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/04/05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/05/06 21:43:38 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/07/15 12:13:06 | 000,127,272 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/07/15 12:13:02 | 005,414,184 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/12 17:39:54 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe -- (mi-raysat_3dsmax2010_64)
SRV - [2012/08/24 09:53:58 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/16 16:04:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/18 14:39:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/16 12:21:13 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/12 15:16:55 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/06 12:36:00 | 004,005,936 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/06/03 13:48:28 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 07:35:54 | 001,632,776 | ---- | M] (M-Audio) [Auto | Running] -- C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe -- (OxygenAudioDevMon)
SRV - [2009/10/23 12:31:44 | 000,401,920 | ---- | M] (Amazon.com) [Auto | Running] -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/09/23 15:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/09/23 15:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/16 03:47:22 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/03/02 16:36:04 | 000,237,568 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\SysWOW64\snmvtsvc.exe -- (SMServer)
SRV - [2008/06/05 17:50:58 | 000,778,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2008/06/04 18:31:44 | 000,141,824 | ---- | M] () [On_Demand | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2008/06/04 18:26:58 | 000,143,467 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe -- (BsMobileCS)
SRV - [2008/03/29 23:49:28 | 000,258,048 | ---- | M] (KALiNKOsoft) [Auto | Stopped] -- C:\Program Files (x86)\KALiNKOsoft\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Disabled | Unknown] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Natropm)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/08 17:21:46 | 000,013,864 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hostnt.sys -- (HOSTNT)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/03 12:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/05/31 18:24:59 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012/04/06 01:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/04/06 01:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/05 21:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 06:34:36 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/11 02:11:20 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2011/09/21 11:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011/07/20 03:46:06 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011/07/20 03:46:06 | 000,095,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011/06/11 13:49:47 | 000,272,448 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/07/01 14:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/04/14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2010/03/04 07:35:52 | 000,134,664 | ---- | M] (M-Audio) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MAudioOxygen.sys -- (OXYGEN)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/09/23 15:04:52 | 000,025,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/09/03 16:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV:64bit: - [2009/08/13 23:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/31 07:10:58 | 000,237,936 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 10:31:42 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 11:10:10 | 001,478,144 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/05/20 15:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 06:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/04/03 09:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/03/02 15:46:58 | 000,033,264 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CamdAudio.sys -- (CamdAudio)
DRV:64bit: - [2009/01/30 17:29:52 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/01/21 19:28:14 | 000,016,904 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btnetdrv.sys -- (BT)
DRV:64bit: - [2008/01/21 19:28:10 | 000,031,752 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV:64bit: - [2008/01/21 19:28:06 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BtHidBus.sys -- (BtHidBus)
DRV:64bit: - [2008/01/21 19:27:58 | 000,038,664 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VCommMgr.sys -- (VcommMgr)
DRV:64bit: - [2008/01/21 19:27:52 | 000,017,032 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VComm.sys -- (VComm)
DRV:64bit: - [2007/02/16 15:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2007/02/15 20:11:26 | 000,012,976 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2009/09/23 15:04:42 | 000,261,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 15:04:42 | 000,017,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys -- (sftvol)
DRV - [2009/09/23 15:04:38 | 000,712,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys -- (sftfs)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005/01/01 23:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{1488B0D8-C8BA-4917-9369-A1E8D65796BB}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{888EFBE6-24C9-4FEA-867A-D906915A4D3D}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=bestbuy&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{1488B0D8-C8BA-4917-9369-A1E8D65796BB}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{888EFBE6-24C9-4FEA-867A-D906915A4D3D}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\SearchScopes,DefaultScope = {1488B0D8-C8BA-4917-9369-A1E8D65796BB}
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\SearchScopes\{1488B0D8-C8BA-4917-9369-A1E8D65796BB}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\SearchScopes\{6FBF660E-A78D-4dc8-B9DA-302A931FFE66}: "URL" = http://websearch.qbyrd.com/redirect?client=ie&tb=MYC-QBD&o=16179&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=OP&apn_dtid=YYYYYYQ1US&apn_uid=2AACCD7B-D423-4C32-A4E1-99CBAC18D57E&apn_sauid=2CF19B7B-59C0-40A6-B08C-6942D7325A41
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\SearchScopes\{888EFBE6-24C9-4FEA-867A-D906915A4D3D}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========



FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/05/21 22:51:23 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.SmileyCentral_1v.com/Plugin: C:\Program Files (x86)\SmileyCentral_1vEI\Installr\5.bin\NP1vEISB.dll (SmileyCentral)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/05/21 22:51:23 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.17: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.17: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi [2012/03/09 18:12:03 | 000,102,233 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/07/23 10:25:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/27 10:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/24 14:45:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/27 10:55:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/07/17 14:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2012/08/25 13:25:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\extensions
[2012/08/17 21:41:27 | 000,000,000 | ---D | M] (tagteam) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\extensions\fiiojhhnhnjccckfgklljpkbiofdmllo@slicefactory.com
[2012/03/09 18:12:10 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\extensions\plugin@yontoo.com
[2012/08/17 21:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\extensions\fiiojhhnhnjccckfgklljpkbiofdmllo@slicefactory.com\resources\extension-data
[2012/08/17 21:41:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\60fyav25.default\extensions\fiiojhhnhnjccckfgklljpkbiofdmllo@slicefactory.com\resources\extension-lib
[2012/06/09 13:47:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/25 21:29:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/18 14:39:53 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/17 19:44:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/17 19:44:48 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U32 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: SmileyCentral Installer Plugin Stub (Enabled) = C:\Program Files (x86)\SmileyCentral_1vEI\Installr\5.bin\NP1vEISB.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle Broadcaster Plugin (Enabled) = C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Music Player Enhancements = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acdpdoogefpodpgmppihobogbgeacpbb\1.0_1\
CHR - Extension: Angry Birds = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Facebook Colour Changer = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0\
CHR - Extension: Google Plus = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cenchpggpaphkhnpahhcdhanhkpndmge\1.1_0\
CHR - Extension: GodLikeMouse = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpecijokcgfidfmmapldanppjfmldpgj\3_0\
CHR - Extension: Speed Dial = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.1_0\
CHR - Extension: FB Photo Zoom = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1206.11.1_0\
CHR - Extension: Hide FB Questions = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnfccinnkelhmobaenahkeidjiocmnld\1.3_0\
CHR - Extension: AdBlock = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Allow Right-Click = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hompjdfbfmmmgflfjdlnkohcplmboaeo\1.2.5_0\
CHR - Extension: bitly | \u2665 your bitmarks = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.15_0\
CHR - Extension: avast! WebRep = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Auto Replay for YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb\1.9.14_0\
CHR - Extension: Chromium Wheel Smooth Scroller = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb\1.0.33_0\
CHR - Extension: eBuddy Web Messenger = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkojhhiphdgeliplnclnbmdiofhgnimi\2.0.9_0\
CHR - Extension: FBPHOTOZOOM = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\2.2_0\
CHR - Extension: Tumblr Savior = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip\0.4.2_0\

O1 HOSTS File: ([2012/08/21 23:04:59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files (x86)\TextAloud\TAForIE.dll ()
O3:64bit: - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001..\Run: [AltDrag] C:\Program Files (x86)\AltDrag\AltDrag.exe (Stefan Sundin)
O4 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001..\Run: [googletalk] C:\Users\Owner\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001..\Run: [MusicManager] C:\Users\Owner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk = C:\Program Files (x86)\GmoteServer\GmoteServer.exe ()
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Utility Application.lnk = C:\Users\Owner\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe (Samsung Electronices Co., Ltd.)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MelodyCan\YouTubeRipper.dll ()
O9 - Extra 'Tools' menuitem : Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\MelodyCan\YouTubeRipper.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3415995535-3686741152-2621498028-1001\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/plugins/activex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F389F118-AFF0-4ACC-ABBD-6009B97747A0}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/05/02 05:33:28 | 000,000,045 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe - (Hewlett-Packard Company)
MsConfig:64bit - StartUpReg: ArcSoft Connection Service - hkey= - key= - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
MsConfig:64bit - StartUpReg: HP Remote Solution - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
MsConfig:64bit - StartUpReg: HPADVISOR - hkey= - key= - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Nike+ Connect - hkey= - key= - C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)
MsConfig:64bit - StartUpReg: SmartMenu - hkey= - key= - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MsConfig:64bit - State: "startup" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/26 14:28:37 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/08/21 23:05:05 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/08/21 20:13:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{080EBEAD-E469-4A77-99C4-619125448E6F}
[2012/08/21 18:54:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\PCSX2
[2012/08/19 18:25:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sugar Bytes
[2012/08/17 19:23:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Battlefield Bad Company 2
[2012/08/17 17:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/17 17:35:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012/08/17 17:35:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/08/17 17:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/08/07 10:27:17 | 004,726,494 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\etavaresCF.exe
[2012/08/04 14:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2012/08/04 14:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2012/08/04 14:00:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FightingIsMagic
[2012/08/02 16:06:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\gbkeyboard
[2012/08/02 16:04:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\com.moo.android.inputmethod.latin.free-26-1.0.15.2
[2012/07/31 21:39:49 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/26 14:43:04 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/26 14:28:34 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2012/08/26 14:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/26 13:50:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3415995535-3686741152-2621498028-1001UA.job
[2012/08/26 08:50:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3415995535-3686741152-2621498028-1001Core.job
[2012/08/26 08:43:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/26 08:41:38 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 08:41:38 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/26 08:30:54 | 000,000,849 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini
[2012/08/26 08:28:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/26 08:28:41 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/25 11:49:08 | 000,885,874 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/25 11:49:08 | 000,735,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/25 11:49:08 | 000,150,158 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/24 09:50:16 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2012/08/21 23:04:59 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/21 17:53:35 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/21 17:53:35 | 000,282,296 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/21 17:48:01 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/07 10:26:58 | 004,726,494 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\etavaresCF.exe
[2012/08/04 13:57:43 | 164,172,839 | ---- | M] () -- C:\Users\Owner\Desktop\FightingIsMagic.rar
[2012/08/02 15:45:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012/08/02 15:25:41 | 001,786,297 | ---- | M] () -- C:\Users\Owner\Desktop\com.moo.android.inputmethod.latin.free-26-1.0.15.2.apk
[2012/08/02 15:25:16 | 004,080,328 | ---- | M] () -- C:\Users\Owner\Desktop\com.mojang.minecraftpe-3025-0.3.2.apk
[2012/07/31 21:39:49 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\dds.scr
[2012/07/31 21:39:14 | 000,000,178 | ---- | M] () -- C:\Users\Owner\defogger_reenable
[2012/07/31 21:38:48 | 000,050,477 | ---- | M] () -- C:\Users\Owner\Desktop\Defogger.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/17 17:25:42 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/08/17 17:25:42 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2012/08/17 17:25:42 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/08/17 17:25:42 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2012/08/17 17:25:41 | 000,245,896 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012/08/17 17:25:41 | 000,245,896 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012/08/17 17:25:41 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012/08/17 17:25:41 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2012/08/17 17:24:53 | 000,038,159 | ---- | C] () -- C:\Windows\atiogl.xml
[2012/08/04 13:53:01 | 164,172,839 | ---- | C] () -- C:\Users\Owner\Desktop\FightingIsMagic.rar
[2012/08/02 16:04:13 | 005,445,617 | ---- | C] () -- C:\Windows\aapt.exe
[2012/08/02 16:04:13 | 000,000,069 | ---- | C] () -- C:\Windows\apktool.bat
[2012/08/02 16:04:12 | 003,090,514 | ---- | C] () -- C:\Windows\apktool.jar
[2012/08/02 15:54:52 | 001,786,297 | ---- | C] () -- C:\Users\Owner\Desktop\com.moo.android.inputmethod.latin.free-26-1.0.15.2.apk
[2012/08/02 15:49:21 | 004,080,328 | ---- | C] () -- C:\Users\Owner\Desktop\com.mojang.minecraftpe-3025-0.3.2.apk
[2012/08/02 15:45:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012/07/31 21:39:13 | 000,000,178 | ---- | C] () -- C:\Users\Owner\defogger_reenable
[2012/07/31 21:38:48 | 000,050,477 | ---- | C] () -- C:\Users\Owner\Desktop\Defogger.exe
[2012/07/23 11:57:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/23 11:57:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/23 11:57:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/23 11:57:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/23 11:57:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/16 12:13:42 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/07/08 17:21:57 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\RC_Err_Info.dll
[2012/06/01 20:36:05 | 000,129,024 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/06/01 16:41:13 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012/03/29 21:52:14 | 000,007,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/10/01 22:49:23 | 000,002,716 | ---- | C] () -- C:\Users\Owner\photorec.cfg
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/15 16:13:17 | 000,000,116 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011/08/15 14:06:42 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011/07/26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011/07/26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011/07/26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011/07/26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011/07/16 16:34:23 | 000,004,608 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/17 20:46:38 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/05/15 13:15:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\BSPRINT.INI
[2011/04/03 19:42:10 | 000,001,602 | ---- | C] () -- C:\Users\Owner\AppData\Local\opt.bat
[2011/03/26 15:42:33 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/03/14 16:49:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2011/03/14 16:49:40 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2011/03/14 16:49:40 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2011/02/10 00:03:48 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2010/10/05 17:57:12 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010/07/20 14:59:58 | 000,002,155 | ---- | C] () -- C:\Users\Owner\.recently-used.xbel
[2010/04/25 10:42:08 | 000,000,093 | ---- | C] () -- C:\Users\Owner\AppData\Local\fusioncache.dat
[2010/01/05 18:02:03 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/22 07:42:00 | 000,003,350 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat

========== LOP Check ==========

[2012/03/21 17:56:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2012/04/20 17:19:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ableton
[2010/01/19 15:09:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\acccore
[2011/09/10 12:50:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Advanced Mario Sequencer
[2011/01/26 12:12:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Amazon
[2010/03/13 22:21:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AnvSoft
[2011/08/15 13:14:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AtomZombieData
[2012/08/17 14:05:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Audacity
[2010/05/06 21:50:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Autodesk
[2011/12/26 15:36:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Beat Hazard
[2011/07/04 12:11:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Bioshock
[2012/08/26 14:49:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitTorrent
[2012/02/26 19:35:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Blender Foundation
[2010/01/20 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Braid
[2010/11/29 16:24:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Broken Rules
[2011/04/08 15:41:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\calibre
[2010/12/09 16:38:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Chime
[2012/01/26 18:49:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.doubleperfect.ggpo
[2011/07/08 16:39:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011/07/26 20:37:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Crayon Physics Deluxe
[2011/06/11 13:52:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DAEMON Tools Pro
[2011/04/01 17:00:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DarksporeData
[2012/03/03 12:55:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dexpot
[2012/08/26 08:32:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dropbox
[2010/05/20 10:10:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\fofix
[2012/04/02 15:29:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Folding@home-x86
[2012/06/07 16:19:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\foobar2000
[2010/05/20 10:06:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\fretsonfire
[2009/12/25 15:52:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GetRightToGo
[2012/08/26 08:31:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gmote
[2010/07/02 20:18:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\gtk-2.0
[2011/10/20 14:41:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gyazo
[2011/12/10 17:29:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Image-Line
[2009/12/25 15:52:42 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\iPodtoComputer
[2012/05/28 13:25:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\iZotope
[2012/01/20 19:09:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Jeskola
[2011/03/14 16:50:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\KALiNKOsoft
[2010/09/07 15:56:56 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LEGO Company
[2012/06/17 13:44:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LolClient
[2012/06/14 13:39:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LolClient2
[2012/05/25 21:13:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ManyCam
[2010/10/24 10:06:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MinecraftTools
[2011/01/07 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Minetographer
[2011/07/04 20:51:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mount&Blade
[2012/07/31 13:46:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mumble
[2011/03/28 16:27:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Music Recognition
[2011/12/14 17:00:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nicalis
[2011/06/27 12:55:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Notepad++
[2010/05/25 20:04:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NVD
[2011/06/17 19:09:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OnLive App
[2011/01/07 16:24:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenOffice.org
[2011/09/17 14:51:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2009/12/21 19:07:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PictureMover
[2011/08/20 14:54:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Pokemon Online
[2012/06/17 12:07:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PrimoPDF
[2012/05/16 17:32:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Propellerhead Software
[2010/09/12 15:15:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Publish Providers
[2012/04/21 15:13:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\pymclevel
[2011/06/06 15:44:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Rovio
[2011/03/23 19:20:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\runic games
[2011/08/15 12:18:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Samsung
[2012/05/14 20:46:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Screaming Bee
[2012/03/23 19:26:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SmartDraw
[2012/06/02 22:42:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2010/09/12 14:46:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sony
[2012/01/23 17:28:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SplitMediaLabs
[2011/04/01 19:28:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Spore
[2010/02/07 20:06:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Subversion
[2012/02/12 17:12:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SynthMaker
[2011/12/25 19:55:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
[2012/05/20 17:18:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2009/12/22 07:42:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Template
[2010/05/25 20:04:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP
[2011/07/11 11:36:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/01/22 14:07:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Unity
[2011/11/25 14:04:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Voxatron
[2012/06/04 21:06:07 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Voxengo
[2009/12/21 20:24:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2009/12/24 14:40:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch
[2011/02/28 19:01:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WTouch
[2011/07/08 17:59:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\X-Chat 2
[2012/06/04 21:30:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Xilisoft
[2012/03/31 10:03:22 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/05/28 09:08:32 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2012/08/21 23:40:07 | 000,063,561 | ---- | M] () -- C:\ComboFix.txt
[2008/04/11 10:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
[2010/05/08 12:27:09 | 000,000,250 | ---- | M] () -- C:\FINIS_IT.TXT
[2012/08/26 08:28:41 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/15 13:14:25 | 000,000,050 | ---- | M] () -- C:\im.ini
[2008/04/11 10:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
[2011/03/24 19:58:22 | 000,001,059 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 02:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012/08/26 08:28:53 | 4286,463,999 | -HS- | M] () -- C:\pagefile.sys
[2012/07/23 11:02:27 | 000,146,396 | ---- | M] () -- C:\TDSSKiller.2.7.47.0_23.07.2012_10.58.48_log.txt
[2010/03/19 19:55:52 | 002,073,703 | ---- | M] () -- C:\VS_EXPBSLN_x64_enu.CAB
[2010/03/19 19:58:20 | 000,551,424 | ---- | M] () -- C:\VS_EXPBSLN_x64_enu.MSI

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.sys /90 >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/07/18 14:39:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/07/18 14:39:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/07/18 14:39:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/07/18 14:39:53 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/07/18 14:39:53 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/07/18 14:39:53 | 000,913,888 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Alex\AppData\Local\Google\Chrome\Application\chrome.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/03/16 03:04:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/03/16 03:04:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/03/16 03:04:03 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ShowIconsCommand [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /HideIconsCommand [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ReInstallBrowser [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files (x86)\Opera\Opera.exe" [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/07/18 14:39:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/07/18 14:39:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/07/18 14:39:52 | 000,865,776 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/07/18 14:39:53 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/07/18 14:39:53 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/07/18 14:39:53 | 000,913,888 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\USERS\ALEX\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\USERS\ALEX\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\USERS\ALEX\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\USERS\ALEX\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE"
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2012/03/16 03:04:02 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2012/03/16 03:04:02 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2012/03/16 03:04:02 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2012/06/02 05:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /SHOWICONSCOMMAND [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /HIDEICONSCOMMAND [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /REINSTALLBROWSER [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" [2012/01/30 16:33:16 | 000,949,104 | ---- | M] (Opera Software)

< End of report >

#15 RestoChesto

RestoChesto
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:21 PM

Posted 26 August 2012 - 02:02 PM

OTL Extras logfile created on: 8/26/2012 2:29:39 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.13 Gb Available Physical Memory | 64.19% Memory free
15.98 Gb Paging File | 12.46 Gb Available in Paging File | 77.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.20 Gb Total Space | 53.88 Gb Free Space | 7.85% Space Free | Partition Type: NTFS
Drive D: | 12.33 Gb Total Space | 2.22 Gb Free Space | 17.97% Space Free | Partition Type: NTFS
Drive E: | 652.13 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73104263-9614-4FDB-8C6F-A7361580E956}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EA5EE18B-17A8-4505-8AFE-6FDC5CF5A7DC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08F2DF84-BC45-419D-AE68-2B832F228295}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{098D1C4F-9A11-4EDA-92D7-1467336B6ED6}" = protocol=6 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpo.exe |
"{0BD35215-E634-46F8-8C91-5DF0F44749CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"{0F5BCA54-E713-4224-8A2B-255602722AED}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1D9F7097-DB3C-4A35-8EB1-C480B36244E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{237DD1F4-0719-49EF-B8E1-F512DF945AF8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty world at war\codwaw.exe |
"{23DDF05C-871C-441E-B876-AB28D115D4D9}" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25EDA1BE-55EB-48A0-97C9-3DC9CF97BC10}" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{30D9778B-076C-4EF5-AA4E-B8C1459D2E5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space\dead space.exe |
"{393DBCAF-74CF-4A0F-B501-EDAC7A5E35E6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{3BDFE6C2-54CC-4DEB-9D95-09E9376C71A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space\dead space.exe |
"{3D313F15-90C3-4393-B504-D1753D8E37FB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3E592749-2B74-4FD6-8280-55CFAC05D217}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\obsidianchao\team fortress 2\hl2.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{49321C35-D70A-45DB-9AB2-405DA8A3FE86}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"{499CC25C-1C0F-41F6-876E-10BCB8D92BDE}" = protocol=17 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpo.exe |
"{4E1F66F7-876C-480F-A72D-498C65AC3949}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{53CBAF8E-9417-4E75-9059-00157E7F9133}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5BA61E89-79B7-48AD-81DC-C161CEC3238B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"{5DCC38C9-AA63-47C6-89CF-1B998E444524}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{64D6225E-7F5A-4C64-8203-E95845082B05}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{72522642-5D22-485E-A197-13DFC4160174}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe |
"{7407495E-F06A-45C0-81BC-44514D928F05}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8AAFED19-8B35-40EC-AD62-6D90BF99532C}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{932FC3A7-CB55-4E92-8394-02BD690979C6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{94411D20-EAFB-4DA3-8333-A7D091B1489A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"{9CDEBADF-B797-43AF-9F19-E1872F3A82F7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
"{9F520326-C552-4DF4-80CF-096A399FA867}" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A2DFFDF3-5998-4E13-A4F5-122105E36AC6}" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A418A3E3-CD9D-4A12-8CB8-65D729E12CB3}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{A4B63560-E513-43B9-8AEC-608DFCF9CF99}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ABC14B0F-10F6-4627-83D9-82D856CD4D63}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{B6162203-C1F7-4F85-9F5C-337DFE53CC8E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{BDD6CA91-0A13-4B25-9E08-E6A1F0D8C3B0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{BE8A8EEA-5F15-47FC-89A6-B7E8529954E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{BF975014-6FE2-4A22-B7AA-2EA34E3311BE}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C644A8D1-98ED-47AE-B1FE-34B76176AF20}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{C9046AC6-FAB6-46E3-8B2B-1E2783335EE1}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"{CC790A7C-F105-4C13-B4D9-D1251852449F}" = protocol=6 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpofba.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CE708071-5887-4567-AEEE-AB8A4E257069}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\obsidianchao\team fortress 2\hl2.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D3B8CECD-CD48-49A0-AC0D-E70E19AC34F4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DB3A89AC-973F-4BEA-A121-96E5D5FFA59D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"{E34EE566-EF5B-43AC-88D1-8E2A8C440013}" = protocol=58 | dir=in | app=system |
"{E80A5A38-F3FE-468B-AFFA-E5DB55F093D1}" = protocol=17 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpofba.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E8861BE0-19CB-485C-AA2D-8277932FF579}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EFF72355-6930-4CF4-A9F2-7E38A479FC51}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{F13B2440-6EA8-4565-B9DC-220077C2BBCB}" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F1A68FF2-E0E1-4F3F-B661-9217F1F840F8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F5E6FE9D-DE0E-4CF7-ACEA-86B22860D6A0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty world at war\codwaw.exe |
"{F69BEF6C-EDEE-467B-8420-16304AFE2038}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9223243-2E24-4211-B8AC-97A279DBD9FF}" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F9EFD2B7-29F4-4B62-9BDA-8D9CF6864DA4}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{FEB7764C-427C-45A7-B748-1DA11A2E04EA}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{1918B9CF-01F0-40A8-A4DB-F6DEE25ED50F}C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |
"TCP Query User{2A8A6369-3254-4DE7-9BCE-A3408D58195B}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{2D778DA9-4894-4195-BF83-7EC310C31334}C:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |
"TCP Query User{4C85F0BF-1BB0-4E2A-BE26-A8591C5C6096}C:\users\owner\desktop\ggpo-build-030\ggpo.exe" = protocol=6 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpo.exe |
"TCP Query User{5C24053E-0CD1-43CF-AA6C-EC78EC2729BC}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{7E5DE633-95E3-4E52-8157-C4777CAD2482}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{7E7FACB4-0F6D-40B5-A681-8121F762B72C}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{84E5ED4F-8C05-4832-A40D-D69931F85A55}C:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"TCP Query User{8562F4C8-A3DC-47F8-8769-F25B23DE2419}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{86D06706-12F3-401D-8A93-DC8FC8C98A15}C:\program files (x86)\windows live\contacts\wlcomm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"TCP Query User{9C776697-1B5D-404F-92DB-AE15CB05D2FB}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{B0BE72DF-11F7-45C0-AED8-0EB7184F3129}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"TCP Query User{B4521E07-FB3B-4748-B0EC-293287E72675}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{B554E487-D422-4FF7-9FF5-F4F750488EEF}C:\program files (x86)\steam\steamapps\obsidianchao\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\obsidianchao\team fortress 2\hl2.exe |
"TCP Query User{E1E4B1BB-A2B1-402D-9A36-411D371EA4F6}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"TCP Query User{F4A0176D-D565-4372-8BFE-161B3E22710A}C:\users\owner\desktop\ggpo-build-030\ggpofba.exe" = protocol=6 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpofba.exe |
"TCP Query User{F4ACFB81-DB54-4B50-B264-97499C4DBFB3}C:\program files (x86)\steam\steamapps\common\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space\dead space.exe |
"UDP Query User{1A3E49E9-72A0-4912-B16F-AC06202151DD}C:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe |
"UDP Query User{3A0A6EF0-F355-4903-97A8-7259163FE6DD}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{3D3B99B5-6215-44C7-914F-8E76743C1CBB}C:\program files (x86)\steam\steamapps\common\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead space\dead space.exe |
"UDP Query User{6203DB4A-8963-4258-AA43-5643BDD7D6BE}C:\program files (x86)\windows live\contacts\wlcomm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"UDP Query User{78767EC3-4803-47BA-A0D4-EF8FCDC93A37}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{96775A4F-469F-4C33-999A-BC171B7A33BE}C:\program files (x86)\steam\steamapps\obsidianchao\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\obsidianchao\team fortress 2\hl2.exe |
"UDP Query User{A3854817-68A3-405F-A851-704790A59B35}C:\users\owner\desktop\ggpo-build-030\ggpo.exe" = protocol=17 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpo.exe |
"UDP Query User{A6FF2F88-DFB8-430B-8591-C1F13AB12975}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{AB08166C-7E61-4CF1-B770-52AAF378C505}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{B9C5B0E3-B158-4A45-8B63-F38523D1094F}C:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe |
"UDP Query User{C0A04DF1-38B6-4982-AEB9-638BB830AEF9}C:\users\owner\desktop\ggpo-build-030\ggpofba.exe" = protocol=17 | dir=in | app=c:\users\owner\desktop\ggpo-build-030\ggpofba.exe |
"UDP Query User{D331D7D6-0BEB-42FF-A372-02DC1AEF21A2}C:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\qube\binaries\win32\qube.exe |
"UDP Query User{D3A179C1-B038-44A0-B2E9-6491A5C3D446}C:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{D3DC1D75-86D7-4DA7-B980-B9C61F2D9208}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{D9FFE974-8247-4A2A-995C-13729DDBFBB2}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"UDP Query User{F7D65BF0-A94A-416C-A0F2-EC41391D8EE3}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{FB545EF8-CEB9-446D-A686-54798B393DE5}C:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty 4\iw3mp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{20140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java™ 6 Update 21 (64-bit)
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36A415C2-7181-421D-92C9-8255766E0FF3}" = TortoiseSVN 1.6.10.19898 (64 bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5AEBB4A3-6878-4CEE-AD34-0F6958A983F0}" = HP Deskjet F4400 Printer Driver Software 13.0 Rel .5
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java™ SE Development Kit 6 Update 21 (64-bit)
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6A7F7056-14E1-D8E4-0B87-BC3F18EAC8AC}" = ATI AVIVO64 Codecs
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{88EAF577-71FA-46F2-8E42-AEA33E35AFB1}" = Vegas Pro 9.0 (64-bit)
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{936D0DCE-9C2A-7D4C-0E96-7D5B40206DD1}" = AMD Fuel
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A54F63-9696-4823-AC24-E02049727645}" = Bluesoleil 6.0.227.0
"{9DADBA45-2B06-4F7F-970B-E854ABC8917A}" = WBFS Manager 2.5
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A9F1B5F6-0EE6-0409-BADD-F8BD360FACC3}" = Autodesk 3ds Max 2010 64-bit
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}" = M-Audio Oxygen Driver 1.3.0 (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B9E591DD-DAAC-0409-B1B8-5667E359170B}" = Autodesk 3ds Max 2010 64-bit Components
"{BABA4667-CF82-B330-A8E5-6E8A09B2D911}" = AMD Accelerated Video Transcoding
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CB500A52-1B84-CA65-BB07-D092FCE39E42}" = ccc-utility64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DB26471F-EE71-49EB-BF42-65C08AD6C74F}" = MySQL Server 5.1
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{E4490157-303F-F06F-FB6E-D2053A43A182}" = AMD Catalyst Install Manager
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F480BE66-C9F2-608F-A47A-E9F966080883}" = AMD Drag and Drop Transcoding
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010 64-bit
"Blender" = Blender
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"MediaInfo" = MediaInfo 0.7.47
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Recuva" = Recuva
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"UDK-2a20e243-6805-494b-9403-63d15dda8c28" = My Game Long Name
"UDK-f6eee851-aa51-49f4-8407-4b3502713ec7" = My Game Long Name
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10
"VTFEdit_is1" = VTFEdit 1.3.3
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{E1A63F75-1F72-4450-980D-434496FFC646}" = Corel Painter Essentials 4
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01E9A8A2-263E-42C3-B9BA-C54FBC39F1D2}" = Terrafirma
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055A1919-3BBA-4BD5-8B3C-3851879AC185}" = Morrowind
"{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}" = Catalyst Control Center InstallProxy
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{116204F9-CEE4-F29F-0CF1-7ACF6EC32E29}" = CCC Help Hungarian
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1B0098FF-1816-4F42-8203-FA29F5735596}" = Samsung PC Studio 3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20140062-0062-0409-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 (Beta) - English
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25BC680F-2917-439F-96A4-92EBFFEA986C}" = calibre
"{26A24AE4-039D-4CA4-87B4-2F83216020F0}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 32
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.23
"{2D0B367F-6BB2-73E2-2D9A-19EFF005A655}" = CCC Help Russian
"{2EE74385-D170-4EA5-8A59-02105BB99807}" = Ace of Spades
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3528E965-4F0A-C0C7-B99C-920B7FE594E6}" = CCC Help Greek
"{3671991B-E558-8A57-BBBF-D9C56B6F6AE4}" = CCC Help English
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company 2
"{3BB4634D-CEE5-7AB0-D78D-EA263389A8AB}" = AMD VISION Engine Control Center
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E450CF1-F8C4-C8D6-29D1-87AD090E8F2A}" = Catalyst Control Center InstallProxy
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41B8D9C5-4DBB-D539-7FFA-8D83CB91A53B}" = CCC Help Portuguese
"{41D168A3-E94D-8F9B-4B7B-41B1AEBE75D2}" = CCC Help French
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}" = Camtasia Studio 7
"{497072FE-0A75-4E5C-A5B7-EB1FA67F66F1}" = DJ_AIO_05_F4400_Software_Min
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CA1E8E2-B2A9-40C1-8EC4-BBCB23BAAA19}_is1" = Crayon Physics Deluxe version 55
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DE096E8-BCBB-33B1-832C-E602DA635B36}" = CCC Help Finnish
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{605333A6-963F-480C-A358-1301CAA6CFF6}" = TES Construction Set
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6211B229-2D0B-4653-9338-3A2FBF2C4A9E}" = MorphVOX Pro
"{634D08B4-CFAC-CCB9-5891-FAB02B3FD9C1}" = TweetDeck
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{689556B2-BA08-6F09-EAFE-EA361F1742E4}" = CCC Help Chinese Standard
"{6AEDB189-219A-6326-493E-AECC88AA99AA}" = CCC Help Japanese
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}" = Folding@home-x86
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D9C043E-0EB7-6F70-D981-1787F65C4D71}" = CCC Help Danish
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.0
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74E9DD22-03B1-DE37-C677-4796ACECE6A7}" = CCC Help German
"{7604A79D-245D-45BB-AFBB-975DE69FFF80}" = Digidesign M-Audio Keyboard Personality 8.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77C71BFE-2598-4DB5-8F7C-0CF81A16DA40}" = ArcSoft MediaImpression
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7915B2E6-DBFA-5BFA-3FD3-726E704CFC94}" = CCC Help Turkish
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{8113B2B8-EC59-4BE8-963A-FBC5EC40B1CF}_is1" = Pod to PC version 3.106
"{817B97FF-3CB7-8F10-1832-0890DCDD0526}" = CCC Help Czech
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EAD600D-1912-4DEF-92B5-0C7525E17ED2}" = F4400
"{8EBE529D-907F-47C5-9DBF-FF88EC3C215D}" = Verizon Wireless Software Utility Application for Android - Samsung
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C684A01-7F9C-40E7-AF94-BFE24BC89C97}" = XSplit
"{9D003D65-EF1F-03DD-EE3F-AB7753C3A9F0}" = CCC Help Chinese Traditional
"{9D5A41F8-E603-4403-5E9D-694A9DE49145}" = CCC Help Dutch
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9947AC7-4FBD-301C-811D-4CA821D8CA03}" = CCC Help Thai
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC568900-82E7-99FF-6C46-E899F9950D17}" = CCC Help Italian
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{AD9E5D61-0EBB-4472-8DA9-359560FB6988}}_is1" = O[tVh[
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B405F81D-3AB8-A7FA-BDDA-BF226815DE28}" = CCC Help Spanish
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C41E46F9-0F37-8379-E792-B323021FA4BB}" = Catalyst Control Center Localization All
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CE96B998-6333-5ADD-F184-6069F7A99F01}" = CCC Help Swedish
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D7B3493D-766C-40AA-9AA9-053B896D76DE}" = Angry Birds Rio
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE18A8A8-7AE2-867F-3911-FA8F1C021B51}" = CCC Help Korean
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E12ABE6F-830C-AE8F-29EA-76FEC5F2D376}" = Catalyst Control Center Graphics Previews Common
"{E1A63F75-1F72-4450-980D-434496FFC646}" = Corel Painter Essentials 4
"{E4431953-0C3A-75AF-CCC3-2DF9C0827932}" = CCC Help Norwegian
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8627DF4-F0B2-E7C1-0E66-2779E4F0AAC8}" = HydraVision
"{E8A602BF-C276-4DB2-A9FF-B4C30EA1CB7C}_is1" = iDump (Freeware) Build:30
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EE55714B-B67C-4D08-97AE-0CF4AC5A3A77}" = StuffIt Expander 2010
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype 5.10
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F42F3704-4CA7-4D28-9F5B-FDBF2E589EB2}" = Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC)
"{F5025D45-CAE1-4329-8FA9-F12B1BB7E540}" = GrandDog Run Time System V1.0.35
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FB3D338C-2717-9B6E-D7A3-4407AC192B26}" = CCC Help Polish
"{FD1CF181-42A8-44E1-8225-BA813B67B73F}" = BMDview2
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = 1ClickDownload
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIM_7" = AIM 7
"AltDrag" = AltDrag
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"Anarchy Online_is1" = Anarchy Online
"Any Video Converter_is1" = Any Video Converter 3.0.3
"ArenaSetup_is1" = Arena
"ASIO4ALL" = ASIO4ALL
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"AutoHotkey" = AutoHotkey 1.0.92.02
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"Camel Audio Camel Phat VST v3.15" = Camel Audio Camel Phat VST v3.15
"CamStudio" = CamStudio
"CDisplay_is1" = CDisplay 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"Cogs" = Cogs
"Color Efex Pro 3.0 Wacom Edition 3" = Color Efex Pro 3.0 Wacom Edition 3
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combat Arms" = Combat Arms
"Comical_is1" = Comical 0.8
"Crafty_is1" = Crafty 1.0.1
"Cucusoft iPhone/iTouch/iPod to Computer Transfer_is1" = iPhone/iTouch/iPod to Computer Transfer 6.0.3
"DAEMON Tools Pro" = DAEMON Tools Pro
"DDA23392-9C73-4909-A221-BC12C6D2664D" = GmoteServer
"DDS Converter 2.1" = DDS Converter 2.1
"Deckadance" = Deckadance
"DirectWave" = DirectWave
"Drumaxx" = Drumaxx
"DX10" = DX10
"Edison" = Edison
"ESET Online Scanner" = ESET Online Scanner v3
"FL Studio 10" = FL Studio 10
"foobar2000" = foobar2000 v1.1.7
"Fraps" = Fraps (remove only)
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.5
"Frets on Fire" = Frets On Fire
"GamersFirst LIVE!" = GamersFirst LIVE!
"GameSpy Arcade" = GameSpy Arcade
"GCFScape_is1" = GCFScape 1.7.5
"Guild Wars" = Guild Wars
"Halo CE" = Microsoft Halo Custom Edition
"Halo HEK" = Halo Editing Kit
"Hamster Free Video Converter_is1" = HamsterFreeVideoConverter
"Hardcore" = Hardcore
"Homepage Protection" = Homepage Protection
"HP Remote Solution" = HP Remote Solution
"Hu-Go!_is1" = Hu-Go! 2.12
"IL Autogun" = IL Autogun
"IL Download Manager" = IL Download Manager
"IL DrumSynth Live" = IL DrumSynth Live
"IL Gross Beat" = IL Gross Beat
"IL Harmless" = IL Harmless
"IL Harmor" = IL Harmor
"IL Juice Pack" = IL Juice Pack
"IL Ogun" = IL Ogun
"IL Slicex" = IL Slicex
"IL Vocodex" = IL Vocodex
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"iZotope Ozone 5_is1" = iZotope Ozone 5
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LastFM_is1" = Last.fm 1.5.4.27091
"Live 8.2.2" = Live 8.2.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"ManyCam" = ManyCam 3.0.79 (remove only)
"Maximus" = Maximus
"MBACWIN" = MELTY BLOOD Act Cadenza Ver.B Windows
"MelodyCan_is1" = MelodyCan 3.7.7
"Melty Blood Act Cadenza English" = Melty Blood: Act Cadenza English v1.1
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Mirror's Edge - White City 1.0 Beta" = Mirror's Edge - White City 1.0 Beta
"Morphine" = Morphine
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mti_wv" = West Virginia Topo Map
"Native Instruments Massive v1.0.1.008 VSTi DXi RTAS" = Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
"New LEGO Digital Designer" = LEGO Digital Designer
"Nike+ Connect" = Nike+ Connect
"Notepad++" = Notepad++
"NoteWorthy Composer 2" = NoteWorthy Composer 2
"NoteWorthy Player" = NoteWorthy Player
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"Ohmicide VST" = Ohm Force - Ohmicide VST
"OnLive" = OnLive
"OpenAL" = OpenAL
"Opera 11.61.1250" = Opera 11.61
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"Pen Tablet Driver" = Bamboo
"pepakura_designer3en" = Pepakura Designer 3
"pepakura_viewer3en" = Pepakura Viewer 3
"PoiZone" = PoiZone
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PunkBusterSvc" = PunkBuster Services
"Quadrafuzz" = Quadrafuzz v1.0
"quick3D Geometry [shareware] 1" = quick3D Geometry [shareware]
"Reason5_is1" = Reason 5.0
"reFX Vanguard VSTi_is1" = reFX Vanguard VSTi v1.6.1
"Runic Games Torchlight" = Torchlight
"Sakura" = Sakura
"Sawer" = Sawer
"Screen Capturer Recorder_is1" = Screen Capturer Recorder uninstall
"Simple Port Forwarding" = Simple Port Forwarding
"SimSynth" = SimSynth
"SketchyPhysics2_is1" = SketchyPhysics2b1
"SketchyPhysics3_is1" = SketchyPhysics3x
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Sonic Charge Tonic VST" = Sonic Charge Tonic VST
"ST6UNST #1" = RAS - MP2M Master
"Steam App 10090" = Call of Duty: World at War
"Steam App 102600" = Orcs Must Die!
"Steam App 102800" = Darkspore Beta
"Steam App 104100" = Inside a Star-filled Sky
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 107300" = Breath of Death VII
"Steam App 107310" = Cthulhu Saves the World
"Steam App 111800" = Blocks That Matter
"Steam App 113200" = The Binding Of Isaac
"Steam App 1250" = Killing Floor
"Steam App 12900" = Audiosurf
"Steam App 1500" = Darwinia
"Steam App 15500" = The Wonderful End of the World
"Steam App 15520" = AaAaAA!!! - A Reckless Disregard for Gravity
"Steam App 15540" = 1... 2... 3... KICK IT! (Drop That Beat Like an Ugly Baby)
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"Steam App 17410" = Mirror's Edge
"Steam App 17470" = Dead Space
"Steam App 18700" = And Yet It Moves
"Steam App 200900" = Cave Story+
"Steam App 200910" = Sequence
"Steam App 203730" = Q.U.B.E.
"Steam App 207080" = Indie Game: The Movie
"Steam App 2100" = Dark Messiah Might and Magic Single Player
"Steam App 21090" = F.E.A.R.
"Steam App 211" = Source SDK
"Steam App 215" = Source SDK Base
"Steam App 220" = Half-Life 2
"Steam App 22100" = Mount & Blade
"Steam App 240" = Counter-Strike: Source
"Steam App 26000" = The Maw
"Steam App 26800" = Braid
"Steam App 29160" = Blueberry Garden
"Steam App 300" = Day of Defeat: Source
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 3483" = Peggle Extreme
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 360" = Half-Life Deathmatch: Source
"Steam App 380" = Half-Life 2: Episode One
"Steam App 3830" = Psychonauts
"Steam App 38720" = RUSH
"Steam App 3910" = Sid Meier's Civilization III: Complete
"Steam App 40" = Deathmatch Classic
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 40800" = Super Meat Boy
"Steam App 40810" = Super Meat Boy Editor
"Steam App 41500" = Torchlight
"Steam App 41800" = Gratuitous Space Battles
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 44100" = Super Laser Racer
"Steam App 44200" = Galcon Fusion
"Steam App 4580" = Warhammer 40,000: Dawn of War Dark Crusade
"Steam App 48950" = Greed Corp
"Steam App 49600" = Beat Hazard
"Steam App 550" = Left 4 Dead 2
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 570" = Dota 2
"Steam App 58540" = Divinity II - The Dragon Knight Saga
"Steam App 6060" = Star Wars - Battlefront II
"Steam App 6100" = Eets
"Steam App 620" = Portal 2
"Steam App 62100" = Chime
"Steam App 63700" = BIT.TRIP BEAT
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 65800" = Dungeon Defenders
"Steam App 6600" = Bullet Candy
"Steam App 70300" = VVVVVV
"Steam App 70400" = Recettear: An Item Shop's Tale
"Steam App 70410" = Recettear: An Item Shop's Tale - Demo
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Steam App 8400" = Geometry Wars: Retro Evolved
"Steam App 91600" = Sanctum
"Steam App 91700" = E.Y.E: Divine Cybermancy
"Steam App 92200" = Gundemonium Recollection
"Steam App 92210" = Hitogata Happa
"Steam App 92220" = GundeadliGne
"Steam App 9500" = Gish
"Steam App 98600" = Demolition, Inc.
"Steam App 99700" = NightSky
"SynapseHydra_is1" = Hydra VSTi/DXi v1.2
"Sytrus" = Sytrus
"TeamViewer 7" = TeamViewer 7
"TextAloud MP3_is1" = TextAloud
"Toxic Biohazard" = Toxic Biohazard
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Ultimate Unwrap3D 2.50.06 Demo_is1" = Ultimate Unwrap3D 2.50.06 Demo
"Unfold3D_is1" = Unfold3D Magic Edition
"Uninstall_is1" = Uninstall 1.0.0.1
"Veetle TV" = Veetle TV 0.9.17
"VLC media player" = VLC media player 1.1.8
"Voxatron" = Voxatron 0.1.3
"VTF Explorer_is1" = VTF Explorer 1.3
"Warcraft II Battle.NET Edition" = Warcraft II Battle.NET Edition 2.02
"Wasp" = Wasp
"Waves Diamond Bundle v5.0" = Waves Diamond Bundle v5.0
"WildTangent hp Master Uninstall" = HP Games
"WinGimp-2.0_is1" = GIMP 2.6.9
"WinGTK-2_is1" = GTK+ 2.6.4 runtime environment
"WinLiveSuite" = Windows Live Essentials
"xchat" = XChat 2 (remove only)
"X-Chat 2_is1" = X-Chat 2.8.6-2
"Xilisoft DVD Creator" = Xilisoft DVD Creator
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"Yahoo! Companion" = Yahoo! Toolbar
"YTdetect" = Yahoo! Detect
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3415995535-3686741152-2621498028-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Dropbox" = Dropbox
"fc418bf9b18f76aa" = Ghost Recon Online (NCSA-Live)
"Google Chrome" = Google Chrome
"Hunters 4K" = Hunters 4K
"MusicManager" = Music Manager
"UnityWebPlayer" = Unity Web Player
"WinDirStat" = WinDirStat 1.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/25/2012 11:53:36 AM | Computer Name = Owner-PC | Source = CVHSVC | ID = 100
Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 8/26/2012 8:33:35 AM | Computer Name = Owner-PC | Source = Application Virtualization Client | ID = 5009
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=17F8} The Application Virtualization
Client could not connect to stream URL 'http://c2r.microsoft.com/EssentialsC2R/en-us/14.0.4536.1000/EssentialsC2R.en-us_14.0.4545.1000.sft'
(rc 24603A0A-40000194, original rc 24603A0A-40000194).

Error - 8/26/2012 8:33:35 AM | Computer Name = Owner-PC | Source = Application Virtualization Client | ID = 3008
Description = {hap=14:app=OfficeVirt 2014006204090000:tid=17F8} The client was unable
to connect to an Application Virtualization Server (rc 24603A0A-40000194)

Error - 8/26/2012 8:43:27 AM | Computer Name = Owner-PC | Source = CVHSVC | ID = 100
Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 8/26/2012 9:38:56 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ilbridge64.exe, version: 1.0.1.0, time
stamp: 0x00000000 Faulting module name: ntdll.dll, version: 6.1.7600.16915, time
stamp: 0x4ec4b137 Exception code: 0xc0000005 Fault offset: 0x00000000000157cd Faulting
process id: 0xb34 Faulting application start time: 0x01cd838f9d04e5b3 Faulting application
path: C:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exe
Faulting
module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 615c6f27-ef83-11e1-8702-00030d000001

Error - 8/26/2012 9:40:43 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program FL.exe version 0.0.0.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 5cc Start Time:
01cd8388725552bb Termination Time: 60000 Application Path: C:\Program Files (x86)\Image-Line\FL
Studio 10\FL.exe Report Id:

Error - 8/26/2012 9:42:35 AM | Computer Name = Owner-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ilbridge64.exe, version: 1.0.1.0, time
stamp: 0x00000000 Faulting module name: ntdll.dll, version: 6.1.7600.16915, time
stamp: 0x4ec4b137 Exception code: 0xc0000005 Fault offset: 0x00000000000157cd Faulting
process id: 0x2284 Faulting application start time: 0x01cd838e1fd16039 Faulting application
path: C:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exe
Faulting
module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: e403ef37-ef83-11e1-8702-00030d000001

Error - 8/26/2012 9:42:43 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program ilbridge64.exe version 1.0.1.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2244 Start
Time: 01cd838fc140f0c6 Termination Time: 79 Application Path: C:\Program Files (x86)\Image-Line\FL
Studio 10\System\Tools\Bridge\ilbridge64.exe Report Id: 9383c2d8-ef83-11e1-8702-00030d000001


Error - 8/26/2012 9:48:00 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program ilbridge64.exe version 1.0.1.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2328 Start
Time: 01cd838fbfddb212 Termination Time: 47 Application Path: C:\Program Files (x86)\Image-Line\FL
Studio 10\System\Tools\Bridge\ilbridge64.exe Report Id: 8713cec3-ef84-11e1-8702-00030d000001


Error - 8/26/2012 9:53:46 AM | Computer Name = Owner-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7600.16768 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 724 Start
Time: 01cd8386632597ff Termination Time: 18 Application Path: C:\Windows\Explorer.EXE

Report
Id: 712858e3-ef85-11e1-8702-00030d000001

[ Hewlett-Packard Events ]
Error - 7/19/2012 4:08:32 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 50 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/2/2012 4:45:46 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/2aa4e1b1_108e_4e54_9d86_691ee64790b4/h92du8eqxsgatbi5r0ffl5ya_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 7927 Ram Utilization: 50 TargetSite: Void UpdateDetail(System.String)

Error - 8/2/2012 4:46:15 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 50 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/2/2012 4:46:16 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 50 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/9/2012 4:50:01 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/9/2012 4:50:01 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/16/2012 4:49:50 PM | Computer Name = Owner-PC | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/bceaebe0_4526_41a5_acf5_bf21ebdcf2a5/gqjephjprzrmll3pnmdwoy7s_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 7927 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)

Error - 8/16/2012 4:50:06 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/16/2012 4:50:06 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 7927 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/23/2012 4:40:22 PM | Computer Name = Owner-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 8183 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

[ System Events ]
Error - 8/25/2012 11:43:49 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description = The PinnacleUpdate Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 8/25/2012 1:22:09 PM | Computer Name = Owner-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 8/25/2012 2:44:00 PM | Computer Name = Owner-PC | Source = bowser | ID = 8003
Description =

Error - 8/26/2012 8:28:57 AM | Computer Name = Owner-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:43:15 PM on ?8/?25/?2012 was unexpected.

Error - 8/26/2012 8:28:40 AM | Computer Name = Owner-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 8/26/2012 8:30:13 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the AMD
FUEL Service service to connect.

Error - 8/26/2012 8:30:13 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description = The AMD FUEL Service service failed to start due to the following
error: %%1053

Error - 8/26/2012 8:31:36 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Hi-Rez
Studios Authenticate and Update Service service to connect.

Error - 8/26/2012 8:33:34 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7034
Description = The PinnacleUpdate Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 8/26/2012 8:33:34 AM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
StarOpen


< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users