[Dark_Star_Qc]

MBAM log:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.15.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Linda :: LINDA-PC [administrator]

2012-01-15 17:35:29
mbam-log-2012-01-15 (17-35-29).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 179233
Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 110
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os121C.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os376D.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os3AAD.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os5C81.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os741B.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~os997C.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osACD2.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osBA7A.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osD57E.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlls.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlph.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlxf.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlxg.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlxh.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlxi.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\Linda\AppData\Local\Temp\~osFBAA.tmp\rlxj.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

(end)

[Advertisements]

This is all there is in the ESET log.txt file!

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

I followed your first set of instructions... I think maybe I should have followed the second.

I could try to rescan, but I imagine the threats have now been removed so they won't show up again?

Edited by Dark_Star_Qc, 15 January 2012 - 07:12 PM.

[Dark_Star_Qc]

This is all there is in the ESET log.txt file!

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK

I followed your first set of instructions... I think maybe I should have followed the second.

I could try to rescan, but I imagine the threats have now been removed so they won't show up again?

Edited by Dark_Star_Qc, 15 January 2012 - 07:12 PM.

[Dark_Star_Qc]

Security check log:

Results of screen317's Security Check version 0.99.24
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
Spyware Doctor with AntiVirus 8.0
McAfee Security Scan Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Spyware Doctor with AntiVirus 8.0
Java™ 6 Update 26
Out of date Java installed!
Adobe Flash Player ( 10.3.183.10) Flash Player Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
Empowering Technology eSettings Service capuserv.exe
ESET ESET Online Scanner OnlineCmdLineScanner.exe
ESET ESET Online Scanner OnlineScannerApp.exe
Windows Defender MSASCui.exe
Alwil Software Avast5 AvastSvc.exe
Alwil Software Avast5 AvastUI.exe
``````````End of Log````````````

[CompCav]

If it ran for only a short time then please run it again. If that is what you received after a long time then go on to the next step!

[Dark_Star_Qc]

New OTL log:

OTL logfile created on: 2012-01-15 20:18:52 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Linda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,52 Gb Available Physical Memory | 50,74% Memory free
6,21 Gb Paging File | 4,52 Gb Available in Paging File | 72,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228,13 Gb Total Space | 55,06 Gb Free Space | 24,13% Space Free | Partition Type: NTFS
Drive D: | 227,87 Gb Total Space | 227,49 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
Drive E: | 78,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LINDA-PC | User Name: Linda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-01-13 19:37:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Linda\Desktop\OTL.scr
PRC - [2012-01-06 20:45:28 | 000,660,296 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe
PRC - [2012-01-06 13:36:14 | 000,331,608 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2012-01-04 18:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
PRC - [2012-01-04 18:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011-05-10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011-05-10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-12-01 14:49:56 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010-10-27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010-09-11 11:48:12 | 001,052,676 | ---- | M] (NCH Software) -- C:\Program Files\NCH Swift Sound\VRS\vrs.exe
PRC - [2010-09-11 11:46:16 | 000,745,476 | ---- | M] (NCH Software) -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe
PRC - [2010-08-25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010-05-24 06:30:58 | 001,234,432 | ---- | M] (Logia Ltd.) -- C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe
PRC - [2010-03-18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010-03-12 17:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010-01-15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009-07-17 22:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009-04-11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 01:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-08-18 09:51:22 | 001,699,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2008-03-05 01:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008-03-05 01:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008-01-25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008-01-20 21:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-09 20:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008-01-09 20:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007-12-19 20:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007-12-07 15:28:22 | 000,196,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2007-10-17 12:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007-10-11 13:53:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-09-10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007-09-06 12:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007-06-27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-06-27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004-05-02 12:02:51 | 000,062,464 | ---- | M] (Elias Fotinis) -- C:\Program Files\DeskPins\DeskPins.exe


========== Modules (No Company Name) ==========

MOD - [2012-01-06 20:45:28 | 000,660,296 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe
MOD - [2012-01-06 13:38:08 | 000,009,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2012-01-05 03:05:59 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012-01-05 03:05:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2011-10-13 02:33:48 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011-10-13 02:32:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll
MOD - [2011-10-13 02:32:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011-10-13 02:30:54 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011-10-13 02:30:42 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011-10-13 02:30:35 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011-10-13 02:29:48 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011-10-13 02:29:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009-11-03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008-12-26 14:08:08 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2971.38833__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,688,128 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2971.39016__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2971.39038__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2971.38792__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2971.38846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2971.39030__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2971.38993__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2971.38825__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2971.38946__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2971.38812__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:07 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2971.39063__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008-12-26 14:07:57 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2971.39069__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:57 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2971.38806__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2971.39032__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2971.38955__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,663,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2971.38995__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2971.38859__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2971.38947__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.2971.39089__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2971.38940__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2971.38813__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2971.39022__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008-12-26 14:07:56 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2971.39002__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2971.38852__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2971.38972__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2971.39009__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008-12-26 14:07:56 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2971.38954__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2971.39089__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2971.39001__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2971.38946__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2971.39061__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2971.38865__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2971.38954__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2971.38971__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2971.38986__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:55 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2939.23744__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2939.23747__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008-12-26 14:07:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008-12-26 14:07:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008-12-26 14:07:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008-12-26 14:07:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008-12-26 14:07:51 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2971.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008-12-26 14:07:51 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2971.38819__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008-12-26 14:07:51 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2971.39044__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008-12-26 14:07:51 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2971.39053__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008-12-26 14:07:51 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2971.38784__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008-12-26 14:07:51 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2971.39051__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008-12-26 14:07:51 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2971.39081__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008-12-26 14:07:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2971.39092__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008-12-26 14:07:51 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2971.38783__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008-12-26 14:07:50 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2971.38784__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008-12-26 14:07:50 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2971.38782__90ba9c70f846762e\APM.Server.dll
MOD - [2008-12-26 14:07:50 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2971.38783__90ba9c70f846762e\AEM.Server.dll
MOD - [2008-12-26 14:07:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2971.39053__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008-12-26 14:07:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008-03-05 01:38:16 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008-02-20 20:30:04 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008-02-19 17:08:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008-01-09 20:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2008-01-09 20:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2008-01-09 20:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2007-12-19 20:09:42 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSettings.Plugin.resources.dll
MOD - [2007-12-19 20:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007-12-19 20:09:00 | 000,011,264 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSettings.Presenter.resources.dll
MOD - [2007-12-19 20:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007-12-19 20:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007-12-19 20:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007-10-17 12:38:24 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\fr\ePerformance.Plugin.resources.dll
MOD - [2007-10-17 12:38:20 | 000,045,056 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
MOD - [2007-10-17 12:38:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
MOD - [2007-10-17 12:38:00 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
MOD - [2007-10-17 12:37:58 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
MOD - [2007-10-17 11:55:10 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
MOD - [2007-10-17 11:55:10 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.dll
MOD - [2007-02-13 06:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll


========== Win32 Services (SafeList) ==========

SRV - [2012-01-06 13:39:12 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2012-01-06 13:36:14 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012-01-04 18:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012-01-04 18:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011-05-10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-10-31 20:03:48 | 000,161,144 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist Express Customer\240\g2ax_service.exe -- (GoToAssist Express Customer)
SRV - [2010-09-11 11:48:12 | 001,052,676 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Swift Sound\VRS\vrs.exe -- (VRSService)
SRV - [2010-09-11 11:46:16 | 000,745,476 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe -- (MSRSService)
SRV - [2010-03-18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010-03-12 17:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010-01-15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008-08-18 09:51:22 | 001,699,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2008-03-05 01:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008-01-25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008-01-20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-19 20:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007-10-17 12:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007-09-10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)


========== Driver Services (SafeList) ==========

DRV - [2011-12-19 21:46:50 | 000,021,504 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2011-09-06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-09-06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-09-06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-09-06 16:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-05-10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-05-10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-12-02 22:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010-09-22 14:19:02 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2010-06-22 21:47:58 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009-09-28 22:27:11 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-14 08:08:50 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2009-07-15 02:00:26 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2009-04-27 19:39:08 | 000,087,696 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2009-04-27 19:39:08 | 000,079,888 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009-04-27 19:39:08 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2009-04-27 19:39:06 | 000,100,944 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2008-02-19 19:52:50 | 003,514,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-12-21 10:51:08 | 007,629,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-12-08 00:28:10 | 000,140,320 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007-12-08 00:28:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007-11-06 11:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007-11-06 11:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007-09-25 09:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007-09-10 13:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007-07-16 04:38:06 | 000,030,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2007-07-07 08:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007-07-02 21:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007-01-29 05:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006-12-12 16:59:56 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.ca.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.co...d2-41fde8d1391d

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.co...d2-41fde8d1391d
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Linda\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Linda\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Logia\eSnipsDownloader\ext [2011-05-22 10:20:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-13 18:06:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-14 21:30:07 | 000,000,000 | ---D | M]

[2009-11-10 10:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Linda\AppData\Roaming\Mozilla\Extensions
[2009-11-10 10:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Linda\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012-01-14 21:39:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4jt4nlrf.default\extensions
[2012-01-13 18:06:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-20 17:16:55 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011-12-21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009-03-05 17:08:04 | 000,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2011-12-20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011-05-22 10:20:22 | 000,002,029 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\esnips.xml
[2011-12-20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&output=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012-01-14 21:30:47 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (eSnipsBHO Class) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - C:\Program Files\Logia\eSnipsDownloader\eSnipsBHO.dll (Logia Media)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmd File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [eSnips_Downloader] C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe (Logia Ltd.)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk = C:\Program Files\DeskPins\DeskPins.exe (Elias Fotinis)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Towers%20Eternity/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave...ploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B89E525-B2FE-4E02-B769-D671257BBDE6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC5E9ED1-D009-43D4-AA4D-D31723C2C0CD}: NameServer = 10.3.56.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist Express Customer: DllName - (C:\Program Files\Citrix\GoToAssist Express Customer\240\g2ax_winlogon.dll) - C:\Program Files\Citrix\GoToAssist Express Customer\240\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Linda\Documents\Laurence\P4230094_Rogne JPM3.jpg
O24 - Desktop BackupWallPaper: C:\Users\Linda\Documents\Laurence\P4230094_Rogne JPM3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003-02-14 00:50:22 | 000,000,048 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{dc4b8955-acab-11de-a6c8-00218509134c}\Shell - "" = AutoRun
O33 - MountPoints2\{dc4b8955-acab-11de-a6c8-00218509134c}\Shell\AutoRun\command - "" = K:\Autorun.exe
O33 - MountPoints2\{e1215dd9-d377-11dd-ac3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e1215dd9-d377-11dd-ac3a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CWCheck.exe -- [2010-01-19 10:26:44 | 000,359,936 | R--- | M] (Novo Technologies)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-01-15 17:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-01-14 21:30:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-01-14 09:46:07 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Malwarebytes
[2012-01-14 09:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-01-14 09:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-01-14 09:45:54 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-01-14 09:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-01-13 19:37:21 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Linda\Desktop\OTL.scr
[2011-12-30 13:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011-12-28 16:08:40 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\tiger-k
[2011-12-26 20:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2011-12-26 20:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Leawo
[2011-12-26 20:02:46 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Seven Zip
[2011-12-26 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011-12-26 13:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011-12-26 13:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2011-12-26 13:24:23 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Broad Intelligence
[2011-12-26 13:24:17 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
[2011-12-26 13:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\MediaCoder
[2011-12-26 01:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011-12-26 01:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011-12-26 00:58:46 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Digital Editions
[2011-12-26 00:42:29 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Kobo
[2011-12-26 00:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
[2011-12-26 00:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\Kobo
[2011-12-19 21:46:50 | 000,037,376 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2011-12-19 21:46:50 | 000,021,504 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys
[2008-12-26 14:26:11 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

========== Files - Modified Within 30 Days ==========

[2012-01-15 20:22:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-15 20:13:52 | 000,869,194 | ---- | M] () -- C:\Users\Linda\Desktop\SecurityCheck.exe
[2012-01-15 20:02:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53930244-3333630975-3341998274-1000UA.job
[2012-01-15 19:44:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-01-15 19:44:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-01-15 19:02:02 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53930244-3333630975-3341998274-1000Core.job
[2012-01-15 17:51:19 | 000,605,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-01-15 17:51:19 | 000,104,680 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-01-15 17:45:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-15 17:44:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-01-15 11:28:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012-01-14 23:01:27 | 000,000,512 | ---- | M] () -- C:\Users\Linda\Desktop\MBR.dat
[2012-01-14 21:30:47 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012-01-14 09:45:55 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-01-14 03:18:53 | 000,299,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-01-13 19:37:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Linda\Desktop\OTL.scr
[2012-01-13 18:06:46 | 000,000,834 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-01-13 18:06:46 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-01-08 15:13:29 | 000,100,864 | ---- | M] () -- C:\Users\Linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-03 19:06:12 | 000,108,120 | ---- | M] () -- C:\Users\Linda\Desktop\Dallas.jpg
[2011-12-30 13:45:46 | 000,001,947 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011-12-30 13:45:46 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011-12-26 20:11:28 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Leawo AVI Converter.lnk
[2011-12-26 13:24:17 | 000,000,868 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\MediaCoder.lnk
[2011-12-26 13:24:17 | 000,000,844 | ---- | M] () -- C:\Users\Linda\Desktop\MediaCoder.lnk
[2011-12-26 00:42:18 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Kobo.lnk
[2011-12-19 21:46:50 | 000,037,376 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2011-12-19 21:46:50 | 000,021,504 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys

========== Files Created - No Company Name ==========

[2012-01-15 20:13:36 | 000,869,194 | ---- | C] () -- C:\Users\Linda\Desktop\SecurityCheck.exe
[2012-01-14 23:01:27 | 000,000,512 | ---- | C] () -- C:\Users\Linda\Desktop\MBR.dat
[2012-01-14 09:45:55 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-01-13 18:06:46 | 000,000,834 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-01-13 18:06:46 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-01-13 18:06:46 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-01-03 19:06:09 | 000,108,120 | ---- | C] () -- C:\Users\Linda\Desktop\Dallas.jpg
[2011-12-30 13:45:46 | 000,001,947 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011-12-30 13:45:46 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions.lnk
[2011-12-30 13:45:46 | 000,001,923 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011-12-26 20:11:28 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Leawo AVI Converter.lnk
[2011-12-26 13:24:17 | 000,000,868 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\MediaCoder.lnk
[2011-12-26 13:24:17 | 000,000,844 | ---- | C] () -- C:\Users\Linda\Desktop\MediaCoder.lnk
[2011-12-26 00:42:18 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Kobo.lnk
[2011-05-23 10:08:24 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011-01-08 20:59:03 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-01-08 20:33:41 | 000,153,600 | ---- | C] () -- C:\Windows\System32\WS_ContextMenu.dll
[2010-06-09 13:51:28 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010-04-16 19:04:01 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010-02-28 12:55:23 | 000,000,680 | ---- | C] () -- C:\Users\Linda\AppData\Local\d3d9caps.dat
[2010-01-13 23:02:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-09-12 10:34:39 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009-09-12 10:34:39 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009-09-12 10:34:39 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009-09-12 10:34:39 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009-09-12 10:34:39 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009-09-12 10:34:39 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009-09-12 10:34:39 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009-09-12 10:34:39 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009-09-12 10:34:39 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009-09-12 10:34:39 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009-09-12 10:34:39 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009-09-12 10:34:39 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009-09-12 10:34:39 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009-09-12 10:34:39 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009-09-12 10:34:39 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009-09-12 10:34:39 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009-09-12 10:32:34 | 000,000,044 | ---- | C] () -- C:\Windows\EPSNX400.ini
[2009-09-01 17:26:55 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009-08-29 02:05:53 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2009-08-18 13:09:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-08-18 13:09:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009-08-03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009-07-22 17:25:20 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009-06-13 21:43:20 | 000,000,168 | ---- | C] () -- C:\Windows\wininit.ini
[2009-05-21 16:42:02 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009-05-19 08:35:39 | 000,000,210 | ---- | C] () -- C:\Windows\CWPlayerCfg.Ini
[2009-02-09 21:23:14 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009-02-09 21:22:17 | 000,000,029 | ---- | C] () -- C:\Windows\atid.ini
[2009-01-05 01:52:20 | 000,100,864 | ---- | C] () -- C:\Users\Linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-28 11:52:24 | 000,000,708 | ---- | C] () -- C:\Users\Linda\AppData\Roaming\wklnhst.dat
[2008-12-27 03:10:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008-12-26 14:30:55 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008-12-26 14:30:55 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008-12-26 14:27:12 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\INT15_DETECT.EXE
[2008-12-26 14:26:11 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008-12-26 14:07:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008-12-26 14:05:21 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008-12-26 14:05:20 | 000,165,746 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008-12-26 14:05:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008-12-26 14:05:20 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008-12-26 14:05:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008-03-16 15:42:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008-03-16 15:10:10 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008-03-16 14:16:12 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008-03-16 14:03:42 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
[2008-03-16 14:03:42 | 000,000,132 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006-11-02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 07:47:37 | 000,299,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 05:33:01 | 000,605,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 05:33:01 | 000,104,680 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001-12-26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-06 17:42:54 | 000,000,036 | ---- | C] () -- C:\Windows\A3W.ini
[2001-09-04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011-08-13 11:03:53 | 000,000,000 | -HSD | M] -- C:\Users\Linda\AppData\Roaming\.#
[2008-12-26 14:34:20 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Acer
[2008-03-16 14:49:03 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Acer GameZone Console
[2011-05-23 09:44:07 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Atari
[2011-05-22 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Audacity
[2009-09-28 22:47:49 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Blitware
[2011-12-26 13:24:23 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Broad Intelligence
[2009-03-19 18:17:21 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\com.doubleperfect.ggpo.0753AD3679DBFCA1E7F470171B7D0DB8B404A7EA.1
[2009-09-28 23:07:59 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\DAEMON Tools Lite
[2009-09-28 22:27:03 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\DAEMON Tools Pro
[2009-11-04 00:12:58 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Damdai
[2009-12-15 11:57:47 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\El Conjugador
[2010-04-14 19:15:22 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\EPSON
[2009-05-29 07:08:06 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\eSobi
[2011-12-30 11:55:10 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\foobar2000
[2011-05-22 11:54:01 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Free Audio Editor
[2009-01-17 07:36:09 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Goodsol
[2011-05-17 06:54:20 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\gtk-2.0
[2008-12-26 14:34:19 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Leadertech
[2011-12-28 16:08:39 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Leawo
[2011-05-22 10:20:23 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Logia
[2011-01-08 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Moyea
[2010-09-11 11:48:26 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\NCH Swift Sound
[2010-09-15 06:10:30 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Recordpad
[2009-01-03 00:32:47 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\SpinTop
[2009-06-18 18:48:25 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\SystemRequirementsLab
[2010-08-27 07:10:46 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Template
[2011-12-28 16:09:29 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\tiger-k
[2011-08-29 07:15:43 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\TP
[2012-01-15 17:43:04 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

[Dark_Star_Qc]

Question: what is esnips?

Computer still running fine. Firefox no longer crashing.

[CompCav]

Question: what is esnips?

This is a file sharing tool used by P2P programs like Limewire and uTorrent. It is very questionable and I would recommend removing it if you did not knowingly install it.

Go to uninstall in control panel:

Click Start >> Control Panel >> Add or Remove Programs and Uninstall the following program:

eSnipsDownloader it is a Logia Ltd. product. If this does not remove it then let me know so I can remove it with an OTL fix.

[Dark_Star_Qc]

It is no longer in my program list.

I've run OTL to make sure it's gone. Here's the log. Seems to be still there.

OTL logfile created on: 2012-01-15 22:05:39 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Linda\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 48,65% Memory free
6,21 Gb Paging File | 4,54 Gb Available in Paging File | 73,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 228,13 Gb Total Space | 54,16 Gb Free Space | 23,74% Space Free | Partition Type: NTFS
Drive D: | 227,87 Gb Total Space | 227,49 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
Drive E: | 78,64 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LINDA-PC | User Name: Linda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-01-13 19:37:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Linda\Desktop\OTL.scr
PRC - [2012-01-06 20:45:28 | 000,660,296 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe
PRC - [2012-01-06 13:36:14 | 000,331,608 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe
PRC - [2012-01-04 18:02:02 | 000,329,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\hsswd.exe
PRC - [2012-01-04 18:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011-12-21 02:24:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011-05-10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011-05-10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010-12-01 14:49:56 | 001,589,208 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010-10-27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010-09-11 11:48:12 | 001,052,676 | ---- | M] (NCH Software) -- C:\Program Files\NCH Swift Sound\VRS\vrs.exe
PRC - [2010-09-11 11:46:16 | 000,745,476 | ---- | M] (NCH Software) -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe
PRC - [2010-08-25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010-03-18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010-03-12 17:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010-01-15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009-07-17 22:12:12 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe
PRC - [2009-04-11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 01:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008-08-18 09:51:22 | 001,699,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2008-03-05 01:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008-03-05 01:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008-01-25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008-01-20 21:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-20 21:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2008-01-09 20:43:28 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2008-01-09 20:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2007-12-19 20:09:22 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007-12-07 15:28:22 | 000,196,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2007-10-17 12:38:20 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2007-10-11 13:53:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-09-10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007-09-06 12:02:04 | 000,393,216 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007-06-27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-06-27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004-05-02 12:02:51 | 000,062,464 | ---- | M] (Elias Fotinis) -- C:\Program Files\DeskPins\DeskPins.exe


========== Modules (No Company Name) ==========

MOD - [2012-01-06 20:45:28 | 000,660,296 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\openvpntray.exe
MOD - [2012-01-06 13:38:08 | 000,009,544 | ---- | M] () -- C:\Program Files\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2012-01-05 03:05:59 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012-01-05 03:05:52 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2011-12-21 02:24:51 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-10-13 02:33:48 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011-10-13 02:32:39 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll
MOD - [2011-10-13 02:32:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011-10-13 02:30:54 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011-10-13 02:30:42 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011-10-13 02:30:35 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011-10-13 02:29:48 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011-10-13 02:29:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009-11-03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008-12-26 14:08:08 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2971.38833__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,688,128 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2971.39016__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2971.39038__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2971.38792__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2971.38846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2971.39030__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2971.38993__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2971.38825__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008-12-26 14:08:08 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2971.38946__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2971.38812__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008-12-26 14:08:07 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2971.39063__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008-12-26 14:07:57 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2971.39069__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:57 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2971.38806__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2971.39032__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2971.38955__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,663,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2971.38995__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2971.38859__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2971.38947__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.2971.39089__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2971.38940__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2971.38813__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2971.39022__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008-12-26 14:07:56 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2971.39002__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2971.38852__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2971.38972__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008-12-26 14:07:56 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2971.39009__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008-12-26 14:07:56 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2971.38954__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2971.39089__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2971.39001__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2971.38946__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2971.39061__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2971.38865__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2971.38954__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2971.38971__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2971.38986__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008-12-26 14:07:55 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2939.23744__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2939.23747__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008-12-26 14:07:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008-12-26 14:07:55 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008-12-26 14:07:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008-12-26 14:07:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008-12-26 14:07:54 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008-12-26 14:07:51 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2971.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008-12-26 14:07:51 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2971.38819__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008-12-26 14:07:51 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2971.39044__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008-12-26 14:07:51 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2971.39053__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008-12-26 14:07:51 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2971.38784__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008-12-26 14:07:51 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2971.39051__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008-12-26 14:07:51 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2971.39081__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008-12-26 14:07:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008-12-26 14:07:51 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008-12-26 14:07:51 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2971.39092__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008-12-26 14:07:51 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2971.38783__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008-12-26 14:07:50 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2971.38784__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008-12-26 14:07:50 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2971.38782__90ba9c70f846762e\APM.Server.dll
MOD - [2008-12-26 14:07:50 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2971.38783__90ba9c70f846762e\AEM.Server.dll
MOD - [2008-12-26 14:07:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2971.39053__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008-12-26 14:07:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008-03-05 01:38:16 | 000,227,888 | ---- | M] () -- C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008-02-20 20:30:04 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008-02-19 17:08:00 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008-01-09 20:43:26 | 000,326,176 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
MOD - [2008-01-09 20:43:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2008-01-09 20:42:54 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2007-12-19 20:09:42 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSettings.Plugin.resources.dll
MOD - [2007-12-19 20:09:38 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007-12-19 20:09:00 | 000,011,264 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\fr\eSettings.Presenter.resources.dll
MOD - [2007-12-19 20:08:54 | 000,155,648 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007-12-19 20:08:28 | 003,420,160 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007-12-19 20:08:10 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007-10-17 12:38:24 | 000,003,584 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\fr\ePerformance.Plugin.resources.dll
MOD - [2007-10-17 12:38:20 | 000,045,056 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
MOD - [2007-10-17 12:38:00 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
MOD - [2007-10-17 12:38:00 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
MOD - [2007-10-17 12:37:58 | 000,040,960 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
MOD - [2007-10-17 11:55:10 | 000,020,480 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
MOD - [2007-10-17 11:55:10 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\MemCheck.Interface.dll
MOD - [2007-02-13 06:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll


========== Win32 Services (SafeList) ==========

SRV - [2012-01-06 13:39:12 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2012-01-06 13:36:14 | 000,331,608 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012-01-04 18:02:02 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012-01-04 18:01:58 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011-05-10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-10-31 20:03:48 | 000,161,144 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist Express Customer\240\g2ax_service.exe -- (GoToAssist Express Customer)
SRV - [2010-09-11 11:48:12 | 001,052,676 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Swift Sound\VRS\vrs.exe -- (VRSService)
SRV - [2010-09-11 11:46:16 | 000,745,476 | ---- | M] (NCH Software) [Auto | Running] -- C:\Program Files\NCH Swift Sound\MSRS\msrs.exe -- (MSRSService)
SRV - [2010-03-18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010-03-12 17:41:16 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010-01-15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008-08-18 09:51:22 | 001,699,784 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2008-03-05 01:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008-01-25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008-01-20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-19 20:09:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007-10-17 12:38:20 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007-09-10 15:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)


========== Driver Services (SafeList) ==========

DRV - [2011-12-19 21:46:50 | 000,021,504 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [2011-09-06 16:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-09-06 16:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-09-06 16:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-09-06 16:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-05-10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-05-10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010-12-02 22:30:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010-09-22 14:19:02 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hssdrv.sys -- (HssDrv)
DRV - [2010-06-22 21:47:58 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2009-09-28 22:27:11 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-08-14 08:08:50 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2009-07-15 02:00:26 | 000,229,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2009-04-27 19:39:08 | 000,087,696 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2009-04-27 19:39:08 | 000,079,888 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2009-04-27 19:39:08 | 000,041,424 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2009-04-27 19:39:06 | 000,100,944 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2008-02-19 19:52:50 | 003,514,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007-12-21 10:51:08 | 007,629,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-12-08 00:28:10 | 000,140,320 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007-12-08 00:28:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007-11-06 11:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007-11-06 11:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007-09-25 09:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007-09-10 13:17:40 | 001,035,168 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007-07-16 04:38:06 | 000,030,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2007-07-07 08:13:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007-07-02 21:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007-01-29 05:20:34 | 000,059,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2006-12-12 16:59:56 | 000,016,512 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.ca.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.co...d2-41fde8d1391d

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.co...d2-41fde8d1391d
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398&ilc=12"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Linda\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Linda\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-13 18:06:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-14 21:30:07 | 000,000,000 | ---D | M]

[2009-11-10 10:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Linda\AppData\Roaming\Mozilla\Extensions
[2009-11-10 10:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Linda\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012-01-14 21:39:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4jt4nlrf.default\extensions
[2012-01-13 18:06:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-08-20 17:16:55 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011-12-21 02:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009-03-05 17:08:04 | 000,049,664 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2011-12-20 23:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011-05-22 10:20:22 | 000,002,029 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\esnips.xml
[2011-12-20 23:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&output=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012-01-14 21:30:47 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\SetApanel.cmd File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk = C:\Program Files\DeskPins\DeskPins.exe (Elias Fotinis)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Towers%20Eternity/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave...ploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B89E525-B2FE-4E02-B769-D671257BBDE6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC5E9ED1-D009-43D4-AA4D-D31723C2C0CD}: NameServer = 10.3.56.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist Express Customer: DllName - (C:\Program Files\Citrix\GoToAssist Express Customer\240\g2ax_winlogon.dll) - C:\Program Files\Citrix\GoToAssist Express Customer\240\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Linda\Documents\Laurence\P4230094_Rogne JPM3.jpg
O24 - Desktop BackupWallPaper: C:\Users\Linda\Documents\Laurence\P4230094_Rogne JPM3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003-02-14 00:50:22 | 000,000,048 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{dc4b8955-acab-11de-a6c8-00218509134c}\Shell - "" = AutoRun
O33 - MountPoints2\{dc4b8955-acab-11de-a6c8-00218509134c}\Shell\AutoRun\command - "" = K:\Autorun.exe
O33 - MountPoints2\{e1215dd9-d377-11dd-ac3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e1215dd9-d377-11dd-ac3a-806e6f6e6963}\Shell\AutoRun\command - "" = E:\CWCheck.exe -- [2010-01-19 10:26:44 | 000,359,936 | R--- | M] (Novo Technologies)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-01-15 17:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-01-14 21:30:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-01-14 09:46:07 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Malwarebytes
[2012-01-14 09:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-01-14 09:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-01-14 09:45:54 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-01-14 09:45:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-01-13 19:37:21 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Linda\Desktop\OTL.scr
[2011-12-30 13:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011-12-28 16:08:40 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\tiger-k
[2011-12-26 20:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2011-12-26 20:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Leawo
[2011-12-26 20:02:46 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Seven Zip
[2011-12-26 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011-12-26 13:36:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011-12-26 13:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2011-12-26 13:24:23 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Broad Intelligence
[2011-12-26 13:24:17 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder
[2011-12-26 13:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\MediaCoder
[2011-12-26 01:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2011-12-26 01:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2011-12-26 00:58:46 | 000,000,000 | ---D | C] -- C:\Users\Linda\Documents\My Digital Editions
[2011-12-26 00:42:29 | 000,000,000 | ---D | C] -- C:\Users\Linda\AppData\Local\Kobo
[2011-12-26 00:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kobo
[2011-12-26 00:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\Kobo
[2011-12-19 21:46:50 | 000,037,376 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2011-12-19 21:46:50 | 000,021,504 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys
[2008-12-26 14:26:11 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

========== Files - Modified Within 30 Days ==========

[2012-01-15 22:02:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53930244-3333630975-3341998274-1000UA.job
[2012-01-15 21:44:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-01-15 21:44:16 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-01-15 21:22:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-15 21:19:18 | 000,605,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-01-15 21:19:17 | 000,104,680 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-01-15 20:13:52 | 000,869,194 | ---- | M] () -- C:\Users\Linda\Desktop\SecurityCheck.exe
[2012-01-15 19:02:02 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53930244-3333630975-3341998274-1000Core.job
[2012-01-15 17:45:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-15 17:44:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-01-15 11:28:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012-01-14 23:01:27 | 000,000,512 | ---- | M] () -- C:\Users\Linda\Desktop\MBR.dat
[2012-01-14 21:30:47 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012-01-14 09:45:55 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-01-14 03:18:53 | 000,299,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-01-13 19:37:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Linda\Desktop\OTL.scr
[2012-01-13 18:06:46 | 000,000,834 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-01-13 18:06:46 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-01-08 15:13:29 | 000,100,864 | ---- | M] () -- C:\Users\Linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-03 19:06:12 | 000,108,120 | ---- | M] () -- C:\Users\Linda\Desktop\Dallas.jpg
[2011-12-30 13:45:46 | 000,001,947 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011-12-30 13:45:46 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011-12-26 20:11:28 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Leawo AVI Converter.lnk
[2011-12-26 13:24:17 | 000,000,868 | ---- | M] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\MediaCoder.lnk
[2011-12-26 13:24:17 | 000,000,844 | ---- | M] () -- C:\Users\Linda\Desktop\MediaCoder.lnk
[2011-12-26 00:42:18 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Kobo.lnk
[2011-12-19 21:46:50 | 000,037,376 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2011-12-19 21:46:50 | 000,021,504 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys

========== Files Created - No Company Name ==========

[2012-01-15 20:13:36 | 000,869,194 | ---- | C] () -- C:\Users\Linda\Desktop\SecurityCheck.exe
[2012-01-14 23:01:27 | 000,000,512 | ---- | C] () -- C:\Users\Linda\Desktop\MBR.dat
[2012-01-14 09:45:55 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-01-13 18:06:46 | 000,000,834 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012-01-13 18:06:46 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-01-13 18:06:46 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-01-03 19:06:09 | 000,108,120 | ---- | C] () -- C:\Users\Linda\Desktop\Dallas.jpg
[2011-12-30 13:45:46 | 000,001,947 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2011-12-30 13:45:46 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions.lnk
[2011-12-30 13:45:46 | 000,001,923 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Digital Editions.lnk
[2011-12-26 20:11:28 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Leawo AVI Converter.lnk
[2011-12-26 13:24:17 | 000,000,868 | ---- | C] () -- C:\Users\Linda\Application Data\Microsoft\Internet Explorer\Quick Launch\MediaCoder.lnk
[2011-12-26 13:24:17 | 000,000,844 | ---- | C] () -- C:\Users\Linda\Desktop\MediaCoder.lnk
[2011-12-26 00:42:18 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Kobo.lnk
[2011-05-23 10:08:24 | 000,001,492 | ---- | C] () -- C:\ProgramData\ss.ini
[2011-01-08 20:59:03 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-01-08 20:33:41 | 000,153,600 | ---- | C] () -- C:\Windows\System32\WS_ContextMenu.dll
[2010-06-09 13:51:28 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010-04-16 19:04:01 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010-02-28 12:55:23 | 000,000,680 | ---- | C] () -- C:\Users\Linda\AppData\Local\d3d9caps.dat
[2010-01-13 23:02:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009-09-12 10:34:39 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009-09-12 10:34:39 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009-09-12 10:34:39 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009-09-12 10:34:39 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009-09-12 10:34:39 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009-09-12 10:34:39 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009-09-12 10:34:39 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009-09-12 10:34:39 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009-09-12 10:34:39 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009-09-12 10:34:39 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009-09-12 10:34:39 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009-09-12 10:34:39 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009-09-12 10:34:39 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009-09-12 10:34:39 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009-09-12 10:34:39 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009-09-12 10:34:39 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009-09-12 10:32:34 | 000,000,044 | ---- | C] () -- C:\Windows\EPSNX400.ini
[2009-09-01 17:26:55 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009-08-29 02:05:53 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2009-08-18 13:09:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-08-18 13:09:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009-08-03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009-07-22 17:25:20 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009-06-13 21:43:20 | 000,000,168 | ---- | C] () -- C:\Windows\wininit.ini
[2009-05-21 16:42:02 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009-05-19 08:35:39 | 000,000,210 | ---- | C] () -- C:\Windows\CWPlayerCfg.Ini
[2009-02-09 21:23:14 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009-02-09 21:22:17 | 000,000,029 | ---- | C] () -- C:\Windows\atid.ini
[2009-01-05 01:52:20 | 000,100,864 | ---- | C] () -- C:\Users\Linda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-12-28 11:52:24 | 000,000,708 | ---- | C] () -- C:\Users\Linda\AppData\Roaming\wklnhst.dat
[2008-12-27 03:10:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008-12-26 14:30:55 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008-12-26 14:30:55 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008-12-26 14:27:12 | 000,077,824 | ---- | C] () -- C:\Windows\System32\drivers\INT15_DETECT.EXE
[2008-12-26 14:26:11 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008-12-26 14:07:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008-12-26 14:05:21 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008-12-26 14:05:20 | 000,165,746 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008-12-26 14:05:20 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008-12-26 14:05:20 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008-12-26 14:05:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008-03-16 15:42:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008-03-16 15:10:10 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008-03-16 14:16:12 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008-03-16 14:03:42 | 000,001,108 | ---- | C] () -- C:\Windows\generic.ini
[2008-03-16 14:03:42 | 000,000,132 | ---- | C] () -- C:\Windows\Alaunch.ini
[2006-11-02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 07:47:37 | 000,299,904 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 05:33:01 | 000,605,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 05:33:01 | 000,104,680 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001-12-26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001-09-06 17:42:54 | 000,000,036 | ---- | C] () -- C:\Windows\A3W.ini
[2001-09-04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001-07-30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001-07-23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2011-08-13 11:03:53 | 000,000,000 | -HSD | M] -- C:\Users\Linda\AppData\Roaming\.#
[2008-12-26 14:34:20 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Acer
[2008-03-16 14:49:03 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Acer GameZone Console
[2011-05-23 09:44:07 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Atari
[2011-05-22 11:54:59 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Audacity
[2009-09-28 22:47:49 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Blitware
[2011-12-26 13:24:23 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Broad Intelligence
[2009-03-19 18:17:21 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\com.doubleperfect.ggpo.0753AD3679DBFCA1E7F470171B7D0DB8B404A7EA.1
[2009-09-28 23:07:59 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\DAEMON Tools Lite
[2009-09-28 22:27:03 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\DAEMON Tools Pro
[2009-11-04 00:12:58 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Damdai
[2009-12-15 11:57:47 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\El Conjugador
[2010-04-14 19:15:22 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\EPSON
[2009-05-29 07:08:06 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\eSobi
[2011-12-30 11:55:10 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\foobar2000
[2011-05-22 11:54:01 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Free Audio Editor
[2009-01-17 07:36:09 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Goodsol
[2011-05-17 06:54:20 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\gtk-2.0
[2008-12-26 14:34:19 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Leadertech
[2011-12-28 16:08:39 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Leawo
[2011-05-22 10:20:23 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Logia
[2011-01-08 21:00:50 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Moyea
[2010-09-11 11:48:26 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\NCH Swift Sound
[2010-09-15 06:10:30 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Recordpad
[2009-01-03 00:32:47 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\SpinTop
[2009-06-18 18:48:25 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\SystemRequirementsLab
[2010-08-27 07:10:46 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\Template
[2011-12-28 16:09:29 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\tiger-k
[2011-08-29 07:15:43 | 000,000,000 | ---D | M] -- C:\Users\Linda\AppData\Roaming\TP
[2012-01-15 17:43:04 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

[CompCav]

I will include the complete removal in my next fix.

My instructor will approve the proposed post for placing here for you tomorrow.

CompCav

[Dark_Star_Qc]

I'll be at work tomorrow, will not be able to get to it before early evening.

Thank you for all your help!

[CompCav]

Tomorrow evening is fine.

[CompCav]

Removals with OTL fix:

• Please reopen on your desktop.
• Copy and Paste the following code into the textbox.
  
  

  :OTL
  PRC - [2010-05-24 06:30:58 | 001,234,432 | ---- | M] (Logia Ltd.) -- C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.co...d2-41fde8d1391d
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.co...d2-41fde8d1391d
  FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Logia\eSnipsDownloader\ext [2011-05-22 10:20:23 | 000,000,000 | ---D | M]
  FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge
  [2011-05-22 10:20:22 | 000,002,029 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\esnips.xml
  O2 - BHO: (eSnipsBHO Class) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - C:\Program Files\Logia\eSnipsDownloader\eSnipsBHO.dll (Logia Media)
  O2 - BHO: (no name) - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No CLSID value found.
  O4 - HKLM..\Run: [eSnips_Downloader] C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe (Logia Ltd.)
  
  
  
  
  
  :files
  ipconfig /flushdns /c
  C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe
  C:\Program Files\Logia
  C:\Program Files\RelevantKnowledge
  C:\Users\Linda\AppData\Local\Temp\~*.*
  
  
  
  
  
  
  :Commands
  [purity]
  [resethosts]
  [emptytemp]
  [createrestorepoint]
  [Reboot]

• Push
• OTL may ask to reboot the machine. Please do so if asked.
• Click the OK button.
• A report will open. Copy and Paste that report in your next reply.
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.

It is very important to keep key system software and programs updated and current on your computer. Many of the updates provide improved stability, new features, and more importantly better security. You need to do several updates to fully secure your computer

Step 1.

Microsoft Updates
Although Automatic Updates can automatically install updates for you, you can also do this manually.

To manually check Windows Update for updates, follow these steps:
1.Click Start , click All Programs, and then click Windows Update.
2.In the navigation pane, click Check for updates.
3.After Windows Update has finished checking for updates, click View available updates.
4.Click to select the check boxes for the updates that you want to install, and then click Install.

If you are prompted for an administrator password or for confirmation, type the password, or provide confirmation.

Repeat these steps until all critical and important updates are installed.


This will include an update of internet explorer to 9. Internet explorer is part of your Vista operating system and it is critical to your security to have the latest version installed.

Then go to method 1 and set up for automatic updates.


Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Update adobe flash player

You will need to download and install both the IE and non-IE versions of Adobe Flashplayer. Make sure to uncheck the install of the McAfee tool before downloading. You will need to select your operating system (Vista 32-bit) and then each version to download and install separately.


Step 4.

Please rerun OTL.

Click Scan all Users, LOP, and Purity

Then click Quickscan

It will produce an OTL.txt log on your desktop. Please post it in your next reply.


What issues are you still having with your computer?

[Dark_Star_Qc]

OTL log after fix:

All processes killed
========== OTL ==========
No active process named eSnips_Downloader.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Logia\eSnipsDownloader\ext not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge not found.
C:\Program Files\Mozilla Firefox\searchplugins\esnips.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ not found.
File C:\Program Files\Logia\eSnipsDownloader\eSnipsBHO.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eSnips_Downloader not found.
File C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Linda\Desktop\cmd.bat deleted successfully.
C:\Users\Linda\Desktop\cmd.txt deleted successfully.
File\Folder C:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe not found.
C:\Program Files\Logia folder moved successfully.
File\Folder C:\Program Files\RelevantKnowledge not found.
C:\Users\Linda\AppData\Local\Temp\~DF3CD3.tmp moved successfully.
C:\Users\Linda\AppData\Local\Temp\~DF6352.tmp moved successfully.
C:\Users\Linda\AppData\Local\Temp\~DFBF42.tmp moved successfully.
C:\Users\Linda\AppData\Local\Temp\~DFC01F.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Linda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 15959538 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 58143367 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2830 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6301013 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 77,00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 01162012_174448

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Dark_Star_Qc]

Trying to download Java... I selected Windowsx86 offline... hope that's ok???

Edited by Dark_Star_Qc, 16 January 2012 - 06:39 PM.

[CompCav]

Yes your Vista is the x86 version! Good Job.

CompCav