Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slow response, Freezes, Tool bar extras [Solved]


  • This topic is locked This topic is locked

#1
Emma Grace

Emma Grace

    Member

  • Member
  • PipPip
  • 41 posts
I had to use my boys' computer while I'm getting help with my laptop (thanks CompCav) and noticed not only how slow it was, but how many times it stopped responding AND all the tool bar extras that in the browser. AVG runs and doesn't find anything. I'm putting a ban on downloading to any computer in the house without my permission LOL

Things I don't recognize...

Grabber
DaemonToolsPro
Winzip scan
u Torrent



What I've done...

I ran adwcleaner and aswmbr



What happened after...

Grabber and all the extra tool bar things are gone now
google chrome just told me my preferences file was corrupt
and it has picked up a considerable amount of speed.

Love any help I could get, and any suggestions to help keep the bad downloads toned down.


:wub: Emma Grace
  • 0

Advertisements


#2
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi Emma Grace,

Let's jump in:

Step 1.

Uninstall uTorrent it is a P2P tool and here is the take on them:

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld


Step 2.

Please post the adwcleaner and aswmbr logs.


Step 3.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 4.


Go here and follow the directions to fix Google Chrome.


Step 5.

Post the logs I requested and give me an update on the computer.
  • 0

#3
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
Removed uTorrent and re-ran the scans, here are the updated logs






# AdwCleaner v1.800 - Logfile created 08/03/2012 at 11:59:25
# Updated 01/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Outlaw - OUTLAW-PC
# Running from : C:\Users\Outlaw\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

Profile name : default
File : C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.60

File : C:\Users\Outlaw\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "icon_url": "hxxp://search.conduit.com/fav.ico",
Deleted : "keyword": "search.conduit.com",
Deleted : "name": "Conduit",
Deleted : "search_url": "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3[...]
Deleted : "suggest_url": "hxxp://search.conduit.com/"
Deleted : "path": "C:\\Users\\Outlaw\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll",

-\\ Opera v [Unable to get version]

File : C:\Users\Outlaw\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [33019 octets] - [02/08/2012 23:27:13]
AdwCleaner[S2].txt - [1474 octets] - [03/08/2012 11:59:25]

########## EOF - C:\AdwCleaner[S2].txt - [1602 octets] ##########
  • 0

#4
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-02 23:46:58
-----------------------------
23:46:58.313 OS Version: Windows 6.0.6002 Service Pack 2
23:46:58.313 Number of processors: 2 586 0x6B02
23:46:58.314 ComputerName: OUTLAW-PC UserName: Outlaw
23:47:16.315 Initialize success
23:47:17.181 AVAST engine defs: 12080201
23:47:35.857 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:47:35.860 Disk 0 Vendor: WDC_WD3200AAJS-00B4A0 01.03A01 Size: 305245MB BusType: 3
23:47:35.878 Disk 0 MBR read successfully
23:47:35.882 Disk 0 MBR scan
23:47:35.887 Disk 0 unknown MBR code
23:47:35.891 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15005 MB offset 63
23:47:35.905 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 116076 MB offset 30734336
23:47:35.926 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 174161 MB offset 268457984
23:47:35.933 Disk 0 scanning sectors +625139712
23:47:36.025 Disk 0 scanning C:\Windows\system32\drivers
23:47:47.025 Service scanning
23:48:05.914 Modules scanning
23:48:17.993 Disk 0 trace - called modules:
23:48:18.017 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8408e1e8]<<
23:48:18.023 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84ad0240]
23:48:18.029 3 CLASSPNP.SYS[877a98b3] -> nt!IofCallDriver -> [0x84ad7918]
23:48:18.035 5 acpi.sys[8072b6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84ab2770]
23:48:18.042 \Driver\atapi[0x83c7a960] -> IRP_MJ_CREATE -> 0x8408e1e8
23:48:19.289 AVAST engine scan C:\Windows
23:48:28.655 AVAST engine scan C:\Windows\system32
23:53:24.053 AVAST engine scan C:\Windows\system32\drivers
23:53:38.411 AVAST engine scan C:\Users\Outlaw
00:05:34.595 AVAST engine scan C:\ProgramData
00:07:54.646 Scan finished successfully
01:10:37.595 Disk 0 MBR has been saved successfully to "C:\Users\Outlaw\Documents\MBR.dat"
01:10:37.615 The log file has been saved successfully to "C:\Users\Outlaw\Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-03 12:13:11
-----------------------------
12:13:11.673 OS Version: Windows 6.0.6002 Service Pack 2
12:13:11.673 Number of processors: 2 586 0x6B02
12:13:11.675 ComputerName: OUTLAW-PC UserName: Outlaw
12:13:12.581 Initialize success
12:13:12.669 AVAST engine defs: 12080300
12:13:14.792 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:13:14.795 Disk 0 Vendor: WDC_WD3200AAJS-00B4A0 01.03A01 Size: 305245MB BusType: 3
12:13:14.811 Disk 0 MBR read successfully
12:13:14.814 Disk 0 MBR scan
12:13:14.818 Disk 0 unknown MBR code
12:13:14.821 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15005 MB offset 63
12:13:14.838 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 116076 MB offset 30734336
12:13:14.859 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 174161 MB offset 268457984
12:13:14.866 Disk 0 scanning sectors +625139712
12:13:14.932 Disk 0 scanning C:\Windows\system32\drivers
12:13:26.335 Service scanning
12:13:42.530 Modules scanning
12:13:47.577 Disk 0 trace - called modules:
12:13:47.591 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8409b1e8]<<
12:13:47.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84ad0030]
12:13:47.592 3 CLASSPNP.SYS[877a28b3] -> nt!IofCallDriver -> [0x84ad7918]
12:13:47.593 5 acpi.sys[807246bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84aae5e0]
12:13:47.593 \Driver\atapi[0x83c7a960] -> IRP_MJ_CREATE -> 0x8409b1e8
12:13:48.289 AVAST engine scan C:\Windows
12:13:51.321 AVAST engine scan C:\Windows\system32
12:16:30.874 AVAST engine scan C:\Windows\system32\drivers
12:16:42.456 AVAST engine scan C:\Users\Outlaw
12:25:33.518 AVAST engine scan C:\ProgramData
12:27:18.550 Scan finished successfully
12:28:59.841 Disk 0 MBR has been saved successfully to "C:\Users\Outlaw\Documents\MBR.dat"
12:28:59.847 The log file has been saved successfully to "C:\Users\Outlaw\Documents\aswMBR.txt"
  • 0

#5
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
OTL is not loading in either browser. I will come back to it and try again later.
  • 0

#6
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
We are having some system issues so just copy it onto a zip drive from your other machine and put it on this machine.
  • 0

#7
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
The other machine is an hour into the ESET scan and 21% through. It might be a while LOL
  • 0

#8
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
no problem!
  • 0

#9
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Try this link for OTL
  • 0

#10
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
OTL logfile created on: 8/3/2012 5:12:47 PM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Outlaw\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 49.12% Memory free
3.74 Gb Paging File | 2.18 Gb Available in Paging File | 58.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.36 Gb Total Space | 14.60 Gb Free Space | 12.88% Space Free | Partition Type: NTFS
Drive D: | 170.08 Gb Total Space | 151.38 Gb Free Space | 89.01% Space Free | Partition Type: NTFS

Computer Name: OUTLAW-PC | User Name: Outlaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/03 17:11:22 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Outlaw\Downloads\OTL (1).exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/03 11:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 11:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/06/05 16:55:32 | 000,144,896 | ---- | M] (Motorola Mobility Inc.) -- C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe
PRC - [2012/06/05 16:55:28 | 000,240,056 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
PRC - [2012/06/05 11:48:30 | 000,087,400 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/06/04 19:46:02 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012/06/04 19:45:58 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/04/26 07:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2010/07/25 18:53:01 | 000,476,464 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe
PRC - [2009/12/28 18:25:40 | 000,036,864 | ---- | M] () -- C:\Program Files\Belkin\F7D4101\V1\wlansrv.exe
PRC - [2009/11/25 19:45:22 | 000,110,592 | ---- | M] () -- C:\Program Files\Belkin\F7D4101\V1\PBN.exe
PRC - [2009/07/31 15:00:10 | 001,626,112 | ---- | M] (Eastman Kodak Company) -- C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/25 13:31:40 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
PRC - [2008/04/25 13:30:26 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008/03/04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008/02/28 17:57:24 | 000,018,944 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe
PRC - [2008/01/29 05:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2007/02/01 19:37:40 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/03 12:03:55 | 000,159,744 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Temp\ZumoLocalGateway.dll2675914821531964434.lib
MOD - [2012/08/03 12:03:53 | 000,311,808 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Temp\WindowsFolderWatcher.dll3124566866003930810.lib
MOD - [2012/08/03 12:03:39 | 000,203,776 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Temp\WindowsAPI.dll9211479570392093004.lib
MOD - [2012/07/31 00:36:14 | 000,442,392 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll
MOD - [2012/07/31 00:36:13 | 012,235,288 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
MOD - [2012/07/31 00:36:12 | 003,997,720 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
MOD - [2012/07/31 00:34:45 | 000,144,424 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\avutil-51.dll
MOD - [2012/07/31 00:34:43 | 000,266,792 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\avformat-54.dll
MOD - [2012/07/31 00:34:42 | 002,480,680 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll
MOD - [2012/06/28 23:40:54 | 000,509,440 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
MOD - [2012/06/14 03:32:04 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012/06/14 03:29:09 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:29:00 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/06/05 16:55:32 | 000,207,872 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
MOD - [2012/06/05 16:55:32 | 000,150,528 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
MOD - [2012/06/05 16:55:32 | 000,132,608 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
MOD - [2012/06/05 16:55:32 | 000,075,776 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
MOD - [2012/06/05 16:55:32 | 000,061,952 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
MOD - [2012/06/05 16:55:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
MOD - [2012/06/05 16:55:32 | 000,054,784 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
MOD - [2012/06/05 16:55:32 | 000,053,760 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
MOD - [2012/06/05 16:55:32 | 000,051,712 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
MOD - [2012/06/05 16:55:32 | 000,050,688 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
MOD - [2012/06/05 16:55:32 | 000,047,616 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
MOD - [2012/06/05 16:55:32 | 000,042,496 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
MOD - [2012/06/05 16:55:32 | 000,039,936 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
MOD - [2012/06/05 16:55:32 | 000,035,328 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
MOD - [2012/06/05 16:55:32 | 000,034,304 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
MOD - [2012/06/05 16:55:32 | 000,032,768 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
MOD - [2012/06/05 16:55:32 | 000,029,184 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
MOD - [2012/06/05 16:55:32 | 000,025,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
MOD - [2012/06/05 16:55:32 | 000,024,576 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
MOD - [2012/06/05 16:55:32 | 000,024,576 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
MOD - [2012/06/05 16:55:32 | 000,020,480 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
MOD - [2012/06/05 16:55:32 | 000,015,360 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
MOD - [2012/06/05 16:55:32 | 000,013,312 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
MOD - [2012/06/05 16:55:32 | 000,011,264 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
MOD - [2012/06/05 16:55:30 | 002,009,600 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
MOD - [2012/06/05 16:55:30 | 001,694,208 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
MOD - [2012/06/05 16:55:30 | 001,563,136 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
MOD - [2012/06/05 16:55:30 | 001,520,128 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
MOD - [2012/06/05 16:55:30 | 001,396,736 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libxml2-2.dll
MOD - [2012/06/05 16:55:30 | 001,376,256 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
MOD - [2012/06/05 16:55:30 | 000,531,968 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
MOD - [2012/06/05 16:55:30 | 000,363,008 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
MOD - [2012/06/05 16:55:30 | 000,276,480 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
MOD - [2012/06/05 16:55:30 | 000,212,480 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
MOD - [2012/06/05 16:55:30 | 000,196,608 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
MOD - [2012/06/05 16:55:30 | 000,187,904 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
MOD - [2012/06/05 16:55:30 | 000,162,304 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
MOD - [2012/06/05 16:55:30 | 000,123,904 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
MOD - [2012/06/05 16:55:30 | 000,122,880 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
MOD - [2012/06/05 16:55:30 | 000,119,296 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
MOD - [2012/06/05 16:55:30 | 000,091,136 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
MOD - [2012/06/05 16:55:30 | 000,088,064 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
MOD - [2012/06/05 16:55:30 | 000,086,016 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
MOD - [2012/06/05 16:55:30 | 000,085,504 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\z.dll
MOD - [2012/06/05 16:55:30 | 000,078,848 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
MOD - [2012/06/05 16:55:30 | 000,075,776 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
MOD - [2012/06/05 16:55:30 | 000,073,216 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
MOD - [2012/06/05 16:55:30 | 000,069,120 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
MOD - [2012/06/05 16:55:30 | 000,059,904 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
MOD - [2012/06/05 16:55:30 | 000,052,224 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
MOD - [2012/06/05 16:55:30 | 000,048,640 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
MOD - [2012/06/05 16:55:30 | 000,038,400 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
MOD - [2012/06/05 16:55:30 | 000,037,888 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
MOD - [2012/06/05 16:55:30 | 000,036,864 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
MOD - [2012/06/05 16:55:30 | 000,035,840 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
MOD - [2012/06/05 16:55:30 | 000,034,304 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
MOD - [2012/06/05 16:55:30 | 000,033,280 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
MOD - [2012/06/05 16:55:30 | 000,032,256 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
MOD - [2012/06/05 16:55:30 | 000,032,256 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
MOD - [2012/06/05 16:55:30 | 000,030,208 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
MOD - [2012/06/05 16:55:30 | 000,029,696 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
MOD - [2012/06/05 16:55:30 | 000,029,184 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
MOD - [2012/06/05 16:55:30 | 000,026,624 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
MOD - [2012/06/05 16:55:30 | 000,020,480 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
MOD - [2012/06/05 16:55:30 | 000,020,480 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
MOD - [2012/06/05 16:55:30 | 000,019,456 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
MOD - [2012/06/05 16:55:30 | 000,019,456 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
MOD - [2012/06/05 16:55:30 | 000,018,944 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
MOD - [2012/06/05 16:55:30 | 000,017,920 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
MOD - [2012/06/05 16:55:30 | 000,016,896 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
MOD - [2012/06/05 16:55:30 | 000,015,360 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
MOD - [2012/06/05 16:55:30 | 000,014,848 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
MOD - [2012/06/05 16:55:30 | 000,014,848 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
MOD - [2012/06/05 16:55:30 | 000,011,776 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
MOD - [2012/06/05 16:55:28 | 000,699,392 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,471,552 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
MOD - [2012/06/05 16:55:28 | 000,331,264 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
MOD - [2012/06/05 16:55:28 | 000,276,992 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
MOD - [2012/06/05 16:55:28 | 000,253,440 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,248,352 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
MOD - [2012/06/05 16:55:28 | 000,240,056 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
MOD - [2012/06/05 16:55:28 | 000,190,976 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libpng14-14.dll
MOD - [2012/06/05 16:55:28 | 000,133,120 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,126,976 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,123,947 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
MOD - [2012/06/05 16:55:28 | 000,109,568 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,098,304 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,069,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,053,760 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,041,984 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,038,912 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
MOD - [2012/06/05 16:55:28 | 000,023,552 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libogg-0.dll
MOD - [2012/06/05 16:55:28 | 000,018,944 | ---- | M] () -- C:\Program Files\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
MOD - [2012/06/04 19:45:58 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012/05/12 03:37:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 03:35:07 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/12 03:33:40 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/12 03:33:29 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2010/03/18 21:21:48 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2990.36961__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010/03/18 21:21:48 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2990.36918__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:48 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2990.36974__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/03/18 21:21:48 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2990.37146__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:48 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2990.37110__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:48 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2990.36953__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/03/18 21:21:48 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2990.37068__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2990.36939__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:47 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2990.37179__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/03/18 21:21:35 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2990.37118__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:35 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2990.37184__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:35 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2990.37125__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/03/18 21:21:35 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2990.36932__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:35 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2990.37118__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2990.37076__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2990.36986__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2990.37070__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2990.37062__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2990.36940__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2990.37138__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/03/18 21:21:34 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2990.36980__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2990.37090__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/03/18 21:21:34 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2990.37076__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2990.37068__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2990.37177__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2990.36992__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2990.37075__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2990.37089__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2990.37103__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/03/18 21:21:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/03/18 21:21:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/03/18 21:21:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/03/18 21:21:33 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/03/18 21:21:33 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/03/18 21:21:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010/03/18 21:21:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/03/18 21:21:33 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/03/18 21:21:32 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2010/03/18 21:21:32 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/03/18 21:21:32 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/03/18 21:21:32 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/03/18 21:21:28 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2990.36947__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/03/18 21:21:28 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2990.37161__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010/03/18 21:21:28 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2990.37169__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/03/18 21:21:28 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2990.36911__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/03/18 21:21:28 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2990.37168__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/03/18 21:21:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/03/18 21:21:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/03/18 21:21:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2990.37194__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/03/18 21:21:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/03/18 21:21:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/03/18 21:21:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/03/18 21:21:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2010/03/18 21:21:28 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2990.37205__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2010/03/18 21:21:28 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2990.36910__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/03/18 21:21:27 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2990.36926__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/03/18 21:21:27 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2990.36911__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010/03/18 21:21:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2990.36909__90ba9c70f846762e\APM.Server.dll
MOD - [2010/03/18 21:21:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2990.36910__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/03/18 21:21:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/03/18 21:21:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2990.37169__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010/03/18 21:21:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/03/18 21:21:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/03/18 21:21:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/11/25 19:45:22 | 000,110,592 | ---- | M] () -- C:\Program Files\Belkin\F7D4101\V1\PBN.exe
MOD - [2009/09/15 20:17:20 | 000,200,704 | ---- | M] () -- C:\Program Files\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
MOD - [2008/04/25 13:31:40 | 000,319,488 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
MOD - [2008/03/09 09:01:08 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008/03/04 23:38:16 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008/02/25 04:00:54 | 000,002,560 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
MOD - [2008/02/20 19:30:04 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007/02/01 19:37:12 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
MOD - [2007/02/01 19:37:10 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
MOD - [2007/02/01 19:37:10 | 000,057,344 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
MOD - [2007/02/01 19:37:08 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
MOD - [2007/02/01 19:37:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
MOD - [2007/02/01 19:37:06 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
MOD - [2007/02/01 19:37:04 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
MOD - [2007/02/01 19:37:02 | 000,065,536 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
MOD - [2007/02/01 19:37:02 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
MOD - [2007/02/01 19:37:00 | 000,053,248 | ---- | M] () -- C:\Program Files\Motorola\SMSERIAL\sm56chs.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/08/02 23:44:02 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/03 11:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/05 11:48:30 | 000,087,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012/06/04 19:46:02 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/05/10 10:28:40 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2009/12/28 18:25:40 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\F7D4101\V1\wlansrv.exe -- (WLANBelkinService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/25 13:30:26 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/03/04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/02/28 17:57:24 | 000,018,944 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe -- (KodakSvc)
SRV - [2008/01/25 20:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RimUsb.sys -- (RimUsb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Outlaw\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aqxrydkq)
DRV - [2012/07/19 16:29:40 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012/07/03 11:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 11:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 11:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 11:21:53 | 000,057,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/07/03 11:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/07/03 11:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/04/29 22:24:33 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/25 14:58:00 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012/01/25 14:57:48 | 000,024,192 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012/01/25 14:57:44 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012/01/25 14:57:36 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/03/18 13:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2010/09/02 18:49:06 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pneteth.sys -- (pneteth)
DRV - [2009/11/06 09:37:20 | 000,699,896 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2009/07/10 14:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2009/01/29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/04/25 13:23:40 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/09 09:58:42 | 003,533,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/02/25 16:29:24 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2008/02/25 16:29:24 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2008/01/08 22:52:00 | 000,238,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUSB54GSCV2_X86.sys -- (WUSB54GSCv2.NTx86)
DRV - [2007/12/19 01:45:00 | 000,170,000 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2007/12/16 17:57:20 | 000,075,776 | ---- | M] (Wasay) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD)
DRV - [2007/11/02 16:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/06/27 14:04:00 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2007/02/01 19:37:36 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/29 22:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2005/07/28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes\{C7AB36FE-5875-4521-B93B-CBCD087E1EEE}: "URL" = http://search.avg.co...{language}&nt=1
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes\{CCEFF5E5-422B-4347-A3FF-ED27FE915CE7}: "URL" = http://search.condui...&ctid=CT3131886
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo....ms}&fr=chr-acer
IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\s-1-5-21-1661878680-1354857675-3093604309-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1423
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Outlaw\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Outlaw\AppData\Local\Roblox\Versions\version-6ca07d14e2274822\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Outlaw\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Outlaw\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Outlaw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/07/17 14:13:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/04 09:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/02 22:53:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/10 10:28:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/29 01:06:15 | 000,000,000 | ---D | M]

[2010/05/01 17:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Extensions
[2010/03/22 12:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/05/01 17:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/08/02 23:30:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions
[2011/06/25 00:01:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/20 16:01:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/05/04 16:46:14 | 000,000,000 | ---D | M] (Blekko search bar) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}
[2012/03/31 16:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/17 14:13:39 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2012/05/10 10:28:40 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/05/04 14:45:32 | 000,466,944 | ---- | M] (Invenda Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcolPM460.dll
[2011/11/10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/31 16:01:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/04 16:46:13 | 000,002,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml
[2012/03/31 16:01:43 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.condui...&ctid=CT3131886
CHR - default_search_provider: suggest_url = http://search.conduit.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Outlaw\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Outlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: E-centives Coupon Activator Netscape Plugin v. 4.5.0.0 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPcolPM460.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Outlaw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\Outlaw\AppData\Local\Roblox\Versions\version-6ca07d14e2274822\\NPRobloxProxy.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Outlaw\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: avast! WebRep = C:\Users\Outlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: AVG Safe Search = C:\Users\Outlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\
CHR - Extension: AVG Do Not Track = C:\Users\Outlaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Blekko search bar) - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files\blekkotb_soc\blekkotb_019X.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Blekko search bar) - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files\blekkotb_soc\blekkotb_019X.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Program Files\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Conime] C:\Windows\System32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Setresolution] C:\ACER\Config\1440X900.CMD ()
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000..\Run: [cdloader] C:\Users\Outlaw\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000..\Run: [MotoCast] C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\s-1-5-21-1661878680-1354857675-3093604309-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\s-1-5-21-1661878680-1354857675-3093604309-1001..\RunOnce: [RUN] C:\Windows\Acer_Normal\run_DT.exe ()
O4 - HKU\s-1-5-21-1661878680-1354857675-3093604309-1001..\RunOnce: [spchecker] "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" File not found
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\Outlaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\s-1-5-21-1661878680-1354857675-3093604309-1001\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\s-1-5-21-1661878680-1354857675-3093604309-1001\Software\Policies\Microsoft\Internet Explorer\restrictions present
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CC57D32-AF14-4DE2-AD8B-150F1BFE2BFE}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A71E1FE6-0F80-4ED3-B11D-92CFE01ED5AD}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFBA1213-0AC0-48AA-9517-4B68D5400A2D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Outlaw\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Outlaw\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{15bd98c3-33f9-11df-8a23-001c25e7c607}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe
O33 - MountPoints2\{2e6c3028-36d5-11df-b96c-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{2e6c3028-36d5-11df-b96c-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{39a672fd-7532-11df-a960-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{39a672fd-7532-11df-a960-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{547654c0-92e6-11e1-bd52-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{547654c0-92e6-11e1-bd52-806e6f6e6963}\Shell\AutoRun\command - "" = J:\autorun.exe
O33 - MountPoints2\{a23d9da9-c659-11df-9ffa-001c25e7c607}\Shell - "" = AutoRun
O33 - MountPoints2\{a23d9da9-c659-11df-9ffa-001c25e7c607}\Shell\AutoRun\command - "" = K:\setup.exe -a
O33 - MountPoints2\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\Shell - "" = AutoRun
O33 - MountPoints2\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\Shell\AutoRun\command - "" = K:\setup.exe -a
O33 - MountPoints2\{bc39be9c-6226-11df-a248-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{bc39be9c-6226-11df-a248-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\Shell - "" = AutoRun
O33 - MountPoints2\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{d9c254c0-4f87-11e1-afc0-944452645031}\Shell - "" = AutoRun
O33 - MountPoints2\{d9c254c0-4f87-11e1-afc0-944452645031}\Shell\AutoRun\command - "" = K:\setup.exe -a
O33 - MountPoints2\{e68a7693-45bd-11e0-be11-001c25e7c607}\Shell - "" = AutoRun
O33 - MountPoints2\{e68a7693-45bd-11e0-be11-001c25e7c607}\Shell\AutoRun\command - "" = J:\setup.exe -a
O33 - MountPoints2\{f007c6c2-a61c-11df-8b99-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
O33 - MountPoints2\{f007c6c2-a61c-11df-8b99-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/02 22:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Siber Systems
[2012/08/02 22:54:02 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/08/02 22:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/08/02 22:54:01 | 000,353,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/08/02 22:53:58 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/08/02 22:53:57 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/08/02 22:53:56 | 000,721,000 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/08/02 22:53:53 | 000,057,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/08/02 22:53:24 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/02 22:53:23 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/08/02 22:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/08/02 22:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/29 18:00:32 | 000,685,056 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\System32\drivers\hardlock.sys
[2012/07/29 18:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NaturalMotion
[2012/07/29 18:00:05 | 001,273,856 | ---- | C] (NxN Software AG) -- C:\Windows\System32\NxN_alienbrain_XDK_128.dll
[2012/07/29 18:00:05 | 000,675,840 | ---- | C] (NXN Software AG) -- C:\Windows\System32\NxN_alienbrain_IntegrationForms_128.dll
[2012/07/29 18:00:05 | 000,212,992 | ---- | C] (NXN Software AG) -- C:\Windows\System32\NxN_alienbrain_IntegrationFramework_128.dll
[2012/07/29 18:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\NaturalMotion
[2012/07/19 16:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2012/07/19 16:29:40 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012/07/19 16:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2012/07/17 14:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/07/16 13:53:06 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2012/07/16 13:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft
[2012/07/16 13:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Starcraft

========== Files - Modified Within 30 Days ==========

[2012/08/03 17:08:45 | 000,000,412 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Outlaw.job
[2012/08/03 16:56:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/03 16:32:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1661878680-1354857675-3093604309-1000UA.job
[2012/08/03 16:01:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/03 16:01:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/03 12:56:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/03 12:28:59 | 000,000,512 | ---- | M] () -- C:\Users\Outlaw\Documents\MBR.dat
[2012/08/03 12:04:31 | 000,007,944 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\d3d9caps.dat
[2012/08/03 12:01:56 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2012/08/03 12:01:53 | 008,405,015 | ---- | M] () -- C:\Windows\TempFile
[2012/08/03 12:01:20 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012/08/03 11:54:32 | 102,883,599 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/08/03 00:37:59 | 000,002,051 | ---- | M] () -- C:\Users\Outlaw\Desktop\Google Chrome.lnk
[2012/08/03 00:37:59 | 000,002,013 | ---- | M] () -- C:\Users\Outlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/02 22:54:02 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/08/02 22:53:53 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/07/29 18:26:51 | 000,001,272 | ---- | M] () -- C:\Users\Outlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\NaturalMotion endorphin 2.7.1 Learning Edition.lnk
[2012/07/29 18:00:18 | 000,001,151 | ---- | M] () -- C:\Users\Outlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\NaturalMotion endorphin 2.5.2.lnk
[2012/07/26 18:34:52 | 000,308,808 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/07/21 09:43:21 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\Kodak AiO Scheduled Maintenance.job
[2012/07/20 14:23:18 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/07/20 14:23:18 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/07/20 08:32:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1661878680-1354857675-3093604309-1000Core.job
[2012/07/19 16:29:40 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012/07/18 13:19:40 | 000,027,520 | ---- | M] () -- C:\Users\Outlaw\AppData\Local\dt.dat
[2012/07/17 14:13:39 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/07/16 13:53:06 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe
[2012/07/16 13:53:06 | 000,012,638 | ---- | M] () -- C:\Windows\scunin.dat
[2012/07/16 13:53:06 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif
[2012/07/11 17:55:35 | 000,002,258 | ---- | M] () -- C:\Users\Outlaw\Documents\mcedit.ini
[2012/07/11 17:49:37 | 000,295,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2012/08/03 01:10:37 | 000,000,512 | ---- | C] () -- C:\Users\Outlaw\Documents\MBR.dat
[2012/08/02 22:54:02 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/07/29 18:26:51 | 000,001,272 | ---- | C] () -- C:\Users\Outlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\NaturalMotion endorphin 2.7.1 Learning Edition.lnk
[2012/07/29 18:00:37 | 008,405,015 | ---- | C] () -- C:\Windows\TempFile
[2012/07/29 18:00:18 | 000,001,151 | ---- | C] () -- C:\Users\Outlaw\Application Data\Microsoft\Internet Explorer\Quick Launch\NaturalMotion endorphin 2.5.2.lnk
[2012/07/29 18:00:05 | 001,224,704 | ---- | C] () -- C:\Windows\System32\NxN_alienbrain_Library_128.dll
[2012/07/29 18:00:05 | 000,348,160 | ---- | C] () -- C:\Windows\System32\PerforceConnector.dll
[2012/07/29 18:00:05 | 000,221,184 | ---- | C] () -- C:\Windows\System32\NxN_alienbrain_EEM.dll
[2012/07/29 18:00:05 | 000,090,112 | ---- | C] () -- C:\Windows\System32\NxN_alienbrain_WIF_128.dll
[2012/07/29 18:00:05 | 000,008,192 | ---- | C] () -- C:\Windows\System32\AlienbrainConnector.dll
[2012/07/29 18:00:02 | 000,860,211 | --S- | C] () -- C:\Windows\System32\XSIFtk-3.6.2.1.dll
[2012/07/18 13:19:39 | 000,027,520 | ---- | C] () -- C:\Users\Outlaw\AppData\Local\dt.dat
[2012/07/16 13:53:06 | 000,012,638 | ---- | C] () -- C:\Windows\scunin.dat
[2012/07/16 13:53:06 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif
[2012/03/26 15:28:24 | 000,000,244 | ---- | C] () -- C:\Users\Outlaw\AppData\Roaming\wklnhst.dat
[2010/11/24 19:03:42 | 000,007,680 | ---- | C] () -- C:\Users\Outlaw\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/23 14:01:48 | 000,000,470 | ---- | C] () -- C:\Windows\WinInit.Ini
[2010/08/31 14:21:52 | 000,081,240 | ---- | C] () -- C:\Users\Outlaw\IMG00039-20100831-1403.jpg
[2010/06/02 22:10:04 | 000,007,944 | ---- | C] () -- C:\Users\Outlaw\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2008/03/15 17:47:09 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008/03/15 17:47:09 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2008/03/15 17:47:09 | 000,000,000 | ---D | M] -- C:\Users\Mcx1\AppData\Roaming\Acer GameZone Console
[2012/05/03 19:14:45 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\.minecraft
[2010/03/18 19:34:55 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Acer
[2008/03/15 17:47:09 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Acer GameZone Console
[2012/04/01 20:34:14 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\AVG2012
[2012/07/16 13:51:37 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\DAEMON Tools Pro
[2010/05/04 14:45:32 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\E-centives
[2010/03/23 22:17:48 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Facebook
[2011/04/13 16:59:53 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\ICAClient
[2010/03/18 19:34:53 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Leadertech
[2012/05/03 16:10:45 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\LS
[2012/02/03 21:14:19 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\mjusbsp
[2012/08/03 12:04:13 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\MotoCast
[2012/06/28 23:34:56 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Motorola
[2012/06/28 23:38:47 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Motorola Mobility
[2011/01/31 16:29:28 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Opera
[2011/09/28 17:32:32 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\pymclevel
[2010/10/14 17:28:02 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\SPORE
[2011/04/07 09:41:41 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Stardock
[2011/07/13 15:52:10 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\SystemRequirementsLab
[2010/11/14 02:50:20 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Teleca
[2012/06/12 15:55:52 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Temp
[2012/03/26 15:30:19 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Template
[2010/03/22 12:07:07 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\TomTom
[2012/05/24 20:54:35 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\Unity
[2012/04/27 14:05:24 | 000,000,000 | ---D | M] -- C:\Users\Outlaw\AppData\Roaming\WinZip
[2012/07/01 09:36:01 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job
[2012/08/03 12:00:08 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services

< MD5 for: SERVICES.EXE >
[2008/01/20 21:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 07:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 07:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui

< MD5 for: SERVICES.LNK >
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2012/05/07 18:41:53 | 000,002,677 | ---- | M] () MD5=1979E2F5D465E49EFA106F9B03AF1BA1 -- C:\Users\Outlaw\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\V67JY4Z5\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 07:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 07:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SVCHOST.EXE >
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s >

< End of report >
  • 0

Advertisements


#11
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
OTL Extras logfile created on: 8/3/2012 5:12:47 PM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Outlaw\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 49.12% Memory free
3.74 Gb Paging File | 2.18 Gb Available in Paging File | 58.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 113.36 Gb Total Space | 14.60 Gb Free Space | 12.88% Space Free | Partition Type: NTFS
Drive D: | 170.08 Gb Total Space | 151.38 Gb Free Space | 89.01% Space Free | Partition Type: NTFS

Computer Name: OUTLAW-PC | User Name: Outlaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A8139D8-A60A-415F-A6B7-72105A35BA07}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14094260-BEF6-438C-8E61-CCF804F372B5}" = rport=137 | protocol=17 | dir=out | app=system |
"{19BD82DA-A327-4F12-A1F4-6A3AC951A872}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1ACCDE3C-F547-407C-AE7F-00059D1D457C}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{26447B30-4736-4FE8-82BF-0CEB6C356A6E}" = lport=10244 | protocol=6 | dir=in | app=system |
"{26C4D678-B76B-4B1B-B865-F8543F767560}" = lport=3390 | protocol=6 | dir=in | app=system |
"{299BDABE-9703-4D65-BEE7-F319246E154F}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C724485-3936-477B-97CA-87EFC565AC47}" = lport=137 | protocol=17 | dir=in | app=system |
"{38B7CFEA-47F3-4D05-9CE4-2C06F17D5CB6}" = rport=10244 | protocol=6 | dir=out | app=system |
"{38F6DFD5-417D-431D-B250-D1B0C920E481}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{489840E7-0A47-41DD-A435-8C880D3B7507}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48C1C193-C041-4BC0-BD09-B10F2B735F97}" = lport=3390 | protocol=6 | dir=in | app=system |
"{4A322FAE-9BE8-4A92-9F39-83C7C023C185}" = rport=10244 | protocol=6 | dir=out | app=system |
"{5128383B-A5E4-44B6-8B60-D5DB6A7EBA5B}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{60020E0C-9379-42DA-A5A8-DD9E4FEC5F94}" = lport=445 | protocol=6 | dir=in | app=system |
"{6924400B-3051-40CB-B1EC-F12361EA3B0D}" = rport=139 | protocol=6 | dir=out | app=system |
"{6C1BA3E0-2DE1-482A-B7B1-4FEA1B9011C6}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6EE4F017-C70D-460E-9399-EBDB69AC5584}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{75DC99DB-8E01-422C-9101-8D732634243F}" = lport=138 | protocol=17 | dir=in | app=system |
"{776E5C65-973E-4964-829C-3810AC914B06}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{7FB56FE3-A35A-4104-9EB8-C3B33516F131}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8145BE81-74C6-4C66-9553-3D4CC1B53DC7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81BBC0CD-CB1E-46F9-BB24-6E4FF8EEF2C5}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{8AADBE1E-E54E-454A-9018-00EE52A2ED71}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8D7D8E70-16B0-4731-B16D-2405F293E310}" = lport=10244 | protocol=6 | dir=in | app=system |
"{93C28288-979D-4DFD-9B95-2A9B0DCAD817}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9C54287F-0980-4391-A9B2-BACD7BB79571}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A5A3C6A6-4BB3-4C7F-AFAF-F53AFFBEDFAA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A917902B-A8C7-4C57-9338-253841E67D8F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF20D9CF-0078-4417-8997-6CCD4E8756F2}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{D525785B-34CC-48CD-B42C-67E85B87F077}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D61710AB-73D2-4445-A36C-CC379363E053}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E13EBCAB-CE08-42D3-9326-0BC8457DB977}" = rport=445 | protocol=6 | dir=out | app=system |
"{F4AA9650-8E7A-46EB-BEA6-782A504E5387}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F5484FFD-2AA4-406E-A839-ECAEDC011E6F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F9CA8425-BBAC-41DA-B0D9-0D2467B01986}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D66546-F825-4A8B-9D21-6057D475B749}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{082034D4-EDF7-4D5A-A8D0-ECDD36C9F5BD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{1444791E-79D1-4F1B-AA12-43EB28FD81DB}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{158D163C-69E5-4061-B08A-C7C43973FE1A}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{19B7EBFA-5C46-4CBC-943F-ACCD721EA9F1}" = dir=in | app=c:\program files\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{1C7F1063-514B-46FF-8BAC-A2024B32DB00}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\draven99\deathmatch classic\hl.exe |
"{2692396F-31A9-4366-A1E9-2085BA64FA61}" = dir=in | app=c:\program files\motorola media link\lite\mml.exe |
"{27CEB6AF-775B-4781-97DC-C33756224FF5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{291A5151-C5C9-4B17-B40D-091BD6DAC505}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{3537E7FB-96FF-4E1F-9331-315944DF99C3}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{36799BB0-5DF5-4F2C-A0A6-D3D825C9B92A}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{371B41F9-2CAF-4343-8D5B-41FB21D1D295}" = protocol=6 | dir=in | app=d:\limewire\limewire.exe |
"{397DE053-55D1-4BF9-8F5B-46430D2D0D03}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\draven99\condition zero\hl.exe |
"{39F15F4E-7E71-453D-AA83-E01D11939A1A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{3A2EDBD4-C813-4AA0-8EC9-783DDD3F3238}" = dir=out | app=c:\program files\motorola mobility\motocast\motocast.exe |
"{3BA1DDD6-50E1-40A0-B265-63FF1B871EFE}" = dir=out | app=c:\program files\motorola mobility\motocast\bin\motocast-thumbnailer.exe |
"{3CE3EAF7-BD25-44B4-8395-C3941922C2B0}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{3D1AA2AB-ACBD-4228-9CA4-C2B1208E9291}" = protocol=1 | dir=out | [email protected],-28544 |
"{40DA9E1D-6E23-445A-B7A8-8FE9D1714EB7}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe |
"{41F3BB44-41C6-4FA8-88A4-8724808745D6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\draven99\counter-strike\hl.exe |
"{42891E23-112B-4770-AC44-A04A34E7E73E}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{48C383D7-99AA-48E6-B49E-410A3F29A28E}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{4FFE6027-CF30-4BAD-88FE-AD26670C484D}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe |
"{5594115A-58CF-4B18-B6F7-BBCB4857430F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{564F6263-6671-4E9A-8385-F72AB9E7EA51}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{56EF402E-B64B-4D63-822E-11A0864A46E4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{5F9C2A3B-EB16-489B-99A0-3FA73C296003}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\draven99\condition zero\hl.exe |
"{65DBBB4A-F6F0-4152-98ED-4E4694841037}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{67B01EF5-76ED-40EB-90FE-35B7C33E09DE}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe |
"{69A1E2F8-1CD4-4CC0-99B2-1D8E32212CA1}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{6AE1C95D-765A-49E2-B56E-3966E11CF677}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe |
"{6BF7D51B-12FB-4A05-99F1-564B4F47BD73}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6C913901-3894-4CD5-BD3B-682875BD4B04}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{81FD084B-69EF-4C3D-98C4-43CF88D88AEA}" = dir=in | app=c:\program files\motorola mobility\motocast\motocast.exe |
"{828D3880-6DA5-490C-88E9-5B974A1BC186}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{853ED43C-7D32-40A1-A34F-3ADA21BD673D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{854A6945-B805-43AA-B4ED-465528FC8117}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{8D6D7017-74B2-4447-8B3C-419B8860AED0}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe |
"{92827FDC-4F8D-4C47-8E96-311C796C7EC3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{93E5B5D5-655C-470C-9E2B-575854D82BC1}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{97ED2B6F-AF18-4C6D-A2C0-0B49DD3F43F0}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe |
"{9949009E-3307-48ED-BAFE-DA9EBC7940A2}" = protocol=1 | dir=in | [email protected],-28543 |
"{9BC35331-1E3B-4B8C-85EC-01C28C0196F2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{9BF06CDD-6894-4FC0-B3D8-7AF9F45AAEAC}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{9EF10E4D-ABB3-4617-B9C1-4F09A2CE8CEF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\dravensaccount\zombie panic! source\hl2.exe |
"{A0EB13F8-A8C7-406D-A3A0-25EAF2E80B49}" = protocol=58 | dir=out | [email protected],-28546 |
"{A15C913A-EBD1-4C34-88FD-72D84B4D0C8F}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A20BA642-8187-4155-AF2A-E2B63E65D04D}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe |
"{A486CBA5-3142-47E8-A436-DC575ACDE102}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{A762571E-464B-4C75-8BAA-296E9223D898}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{ACD5C4F2-CAA1-421F-A242-EF4D5FC62370}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{AD3FB72B-57DA-4801-9244-A1688B659038}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{AD49C662-C01F-4FC2-BB2A-E7868BAFA759}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{AE25F898-9B59-4D80-A624-170C1C921267}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{AF1D0A5C-77CD-4748-9CDE-013C2749CF2E}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{B2588E86-C46F-42A4-B6B5-001061747F9F}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{B44F230F-D451-4C87-AD95-DF0110717269}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\draven99\counter-strike\hl.exe |
"{B5026B28-55F4-4A45-9235-89DE4C9CE3B4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{B5EF91AE-939F-4C39-A5BE-AA17B051D497}" = protocol=17 | dir=in | app=d:\limewire\limewire.exe |
"{B606A268-EC0A-4F77-9EFB-5D3FB2A019FD}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe |
"{BC6CA9DE-C041-4A42-BBBE-96F685ABBB2F}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe |
"{BD22C951-1AA0-4741-97EC-4111BDB33563}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwupdate.exe |
"{C0D3606E-B9A7-4E55-AD07-B8C279904052}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{C56C53D1-9AB3-4E5D-8EAF-A9B3146F3DCE}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{C5C46B62-4B38-4D4D-A99D-33A879DB4559}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield 2142\bf2142.exe |
"{C6C4A0C0-7596-42F0-8E7B-2A119ED9B969}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C8CEEAF2-D666-4D03-AB1B-292E8892723A}" = protocol=58 | dir=in | [email protected],-28545 |
"{D26B0CDE-4AE1-444F-9968-67FF5703E1FB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\dravensaccount\zombie panic! source\hl2.exe |
"{D2A907F5-3A1A-4B95-B40D-CF50BF22A8B2}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{D4333BDD-4784-4899-9F41-5A43C8CF061E}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2server.exe |
"{D4B19F70-EEF2-4F6C-B15E-39743B947EE9}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{D60C65F9-B1FC-4A5F-93C7-3D650A77480D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{D6779D3B-CDFB-4C79-A8E0-76289C518DD4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{DB9D4A35-B66E-4EEC-941D-5F604490A871}" = protocol=17 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main_amdxp.exe |
"{DCE5BB6B-210E-4C26-8171-0E16DB113DE4}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E046D774-E930-4394-A6A0-7FEC000A8F38}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{E240B5E8-EC97-4926-9834-ED0E9894C852}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{E26873FC-5F48-4CD8-864A-2E1EF6E45B4F}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{E2C215F4-37AD-4ADD-9E07-996149881F5D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E57EA086-7AD4-4C16-8FCA-A2B7EE49556F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{E74520E8-11E6-4405-BE36-A6075BBE29DB}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{EA27D9B6-516C-4309-9DD3-804E60FD0DF3}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield 2142\bf2142.exe |
"{ECA0E982-6CFF-42B7-B447-FEA37BB6A517}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{F2F6D2C8-B5A1-448F-8E7D-1371FEB5A597}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{F3E2C9DC-188A-4D67-AD7D-8B59D1911FA2}" = protocol=6 | dir=in | app=c:\program files\atari\neverwinter nights 2\nwn2main.exe |
"{F440355F-FFE5-4F97-9724-75DAEC284F06}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{FB7DA25C-DBF1-4E62-931B-B3F25CE52451}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{FE047D00-465E-44BF-BCDF-0CA14578796C}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{FE5DB898-179A-41B0-A6B3-90DE66B23E82}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\draven99\deathmatch classic\hl.exe |
"TCP Query User{26EDF749-8441-423B-B79B-D540DD3EAF99}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{28FEE3CC-E139-41C9-A2A6-F42402FCA8CB}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{3DA75D12-F3B7-4BC4-BCD7-4FAD5496579F}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"TCP Query User{59B0D742-D671-4A5F-BCC0-CCD351EBF0C6}C:\users\outlaw\downloads\halo custom edition\haloce.exe" = protocol=6 | dir=in | app=c:\users\outlaw\downloads\halo custom edition\haloce.exe |
"TCP Query User{B0DA5092-EBB7-412F-9899-1F839D979731}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{D254B076-7EA0-4A72-9797-A0812534496A}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{3ADCF8CA-FE94-40B0-9F42-227CA8D34878}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{5AE10476-7ACE-4088-8207-CAD2B845C819}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{649B40FF-4FF8-4E74-9677-99D1DF513C4F}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{6CAA7C1A-B4AF-4CE3-9CD9-73C78D8746EA}C:\users\public\games\world of warcraft\launcher.patch.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.patch.exe |
"UDP Query User{8ECAF48F-948E-404B-AC8E-57DA11D16E27}C:\users\outlaw\downloads\halo custom edition\haloce.exe" = protocol=17 | dir=in | app=c:\users\outlaw\downloads\halo custom edition\haloce.exe |
"UDP Query User{AD8253D5-CA4D-48AE-B2BF-B9BA2B40DC52}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0025DA8D-F344-E316-885A-2D71C66B0FB1}" = Catalyst Control Center Localization Norwegian
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01B0503D-45A2-CCA2-44DF-C716B80B7EB6}" = Catalyst Control Center Graphics Light
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0996C331-6DCB-4E38-A3EC-0A77ABAE1361}" = Help_CTR
"{0C74BC57-4128-D428-D4A5-267F66C80C7C}" = CCC Help German
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A2DDF67-3FA4-451C-8BF1-21CA4E546AEF}" = Motorola Device Software Update
"{1AEB447A-34B8-7DB5-67B8-1E54DADD6572}" = Catalyst Control Center Localization Polish
"{1B897B3A-57C2-DF09-C6CC-E6B9FA0AC44F}" = CCC Help Thai
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1EFF07F5-98C3-4247-8FDE-EDC67C027DA2}" = Tuner Internet Update Application
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2037D7FD-6401-DDC7-A499-2FDF9ADCD04F}" = CCC Help Turkish
"{21AD8584-EDAC-7D00-71CC-79D111C5B27B}" = CCC Help Italian
"{2295D7EE-0575-D2CC-E52A-102F2AF01169}" = CCC Help Russian
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 30
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{2A97D5B3-A989-47E1-B207-1CA9E3635655}" = aioprnt
"{2ED84754-62AA-80F6-E434-9C03FF1D4221}" = Catalyst Control Center Localization Korean
"{30965141-4363-2683-885F-4A35810A382B}" = CCC Help Portuguese
"{311D49FD-6B52-D68F-CFBC-796F22554404}" = Catalyst Control Center Localization Dutch
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{3AD4FFEC-0DEC-5037-C92F-C294FEA8F320}" = Catalyst Control Center Localization Hungarian
"{3BED0238-3A25-41AE-BC23-316914B5B048}" = aioocr
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C71054A-352C-4ABD-5643-4C8F8617AE08}" = CCC Help Danish
"{3FE1C3BB-91B1-119B-47FE-49143E2AD10B}" = CCC Help Spanish
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4677674C-59CE-41B0-AA32-44A30A9D1EEB}" = Catalyst Control Center - Branding
"{48EF56FD-3B28-DEB7-7C63-85908395E6A6}" = Catalyst Control Center Localization Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C7F547E-DDE3-51BF-1D2E-04816F30AD66}" = ATI Catalyst Install Manager
"{4F896C8E-8AEF-4C27-31CD-56E6E200FAB4}" = CCC Help Dutch
"{53C436CD-155C-6159-D12B-55967DAB8887}" = CCC Help Norwegian
"{5401CEE8-3C2D-4835-A802-213306537FF4}" = MotoCast
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E396C14-A2E0-3F7B-42FE-15569155234A}" = CCC Help Chinese Standard
"{5EECEB40-3EE2-4762-872D-264346A26B84}_is1" = Rubber Ninjas Demo 1.05
"{60245C29-8A73-CF88-275F-A79BA580E748}" = CCC Help Korean
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68F2FB07-4F60-734A-46FD-493A109D1514}" = CCC Help English
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{6FD29E18-619D-259B-948F-3A65967486A3}" = ccc-core-static
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73F1681F-ADE1-461F-9F18-B7640507D395}" = ksdip
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77FB2697-2C28-9572-6452-F2418A33834E}" = Catalyst Control Center Localization Russian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{791E3D44-33D3-4446-82AD-5CD4B0169083}" = aiofw
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{79E41D91-BA1C-44B9-9358-48E598263ECF}" = center
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CC14E1A-17B4-27A6-2086-2A52BCC16A16}" = Catalyst Control Center Localization Italian
"{7D30776C-F30F-4207-6A82-EF0E1D6DCD23}" = CCC Help Chinese Traditional
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{8011B8CD-CD37-5B5D-4423-78D358B70C21}" = ccc-utility
"{804AB28B-F929-370A-B3AB-5BB99DFD73DF}" = Catalyst Control Center Localization Chinese Standard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{843081BD-351F-46FC-8A17-517A0D9117A3}" = helptut
"{84E98285-BEC0-8C52-EB74-10C281737023}" = Catalyst Control Center Localization Portuguese
"{862673D1-8F64-A109-47A9-CD5CFAABBD2A}" = Catalyst Control Center Localization Finnish
"{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"{89EFA70F-87DF-4B19-6366-77B9D693C20E}" = CCC Help Swedish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DB9E645-E6DB-A4BB-B18A-265435D13274}" = Catalyst Control Center Graphics Full Existing
"{8E62F311-A40C-A7B3-C595-FE1E17D838F8}" = Skins
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901DD5DE-0798-883F-8B23-55D3843F3E59}" = Catalyst Control Center Localization Turkish
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92933B9E-3273-9DD6-7F47-EB6DD029C6AC}" = Catalyst Control Center Localization Chinese Traditional
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{954513A8-AAE3-97E9-1FB8-A1D70FD1A549}" = CCC Help Greek
"{9738C893-02C6-6694-DD7B-D50CC8D57248}" = Catalyst Control Center Core Implementation
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1" = WinZip Driver Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9DF93979-12BD-D361-0624-9025215FD8B5}" = CCC Help Finnish
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4BEC8AC-0E57-E1F8-C3C5-01ED0F27ECB9}" = Catalyst Control Center Localization French
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A91FB756-A9B5-7A88-7637-21B3061B97A7}" = Catalyst Control Center Graphics Full New
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AC4451B3-1CC2-7C5D-F0EC-AD2DADE9DFF2}" = CCC Help Japanese
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{AC9450D2-2344-132D-AAA8-DB418BC6F3E5}" = CCC Help Hungarian
"{AE7AAFD1-C631-4B60-B62E-434F0A435317}" = Motorola Mobile Drivers Installation 5.6.0
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2F6A8F0-927A-D0CC-D1CB-FCEBD7528799}" = Catalyst Control Center Localization Czech
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{C0251585-1BE8-4278-B3CB-964B6E01C59D}" = aioscnnr
"{C0AF881D-EB63-A1D6-F29A-1EAD7BAEDB95}" = Catalyst Control Center Localization Japanese
"{C49624DD-C504-4279-B9E0-65A2EB6E1619}" = PG583_32_inf
"{C75252FF-A765-B58A-44D1-D10C24E69E59}" = Catalyst Control Center Localization Thai
"{CAAF4EB9-68E8-6BC9-ADC2-24491B70A84D}" = Catalyst Control Center Graphics Previews Vista
"{CC25FBAD-153D-0EB7-5EC5-0DE97A7A8788}" = Catalyst Control Center Localization Danish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = KODAK All-in-One Printer Software
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}" = helpug
"{EA34B5D9-A3C9-333A-B1CD-ABCC975FB5EF}" = CCC Help French
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EBCDE4F2-C6F7-1188-DDE7-15966902EC6A}" = Catalyst Control Center Localization Swedish
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F66208C6-E88B-27B6-9C49-09E78739F017}" = Catalyst Control Center Localization German
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F9E0767F-6DB6-9B56-3BEF-50BAFC430934}" = Catalyst Control Center Localization Greek
"{FCB5EE95-A308-F826-9C6B-18DD2EEA1992}" = CCC Help Polish
"{FE8A68F6-3C7C-D143-F898-C6C1F26CB41E}" = CCC Help Czech
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"00BD1CD47675C125126C80095FCC12CFA4D311DB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"A622B79B943ECA1F0AECF1FF5BE13D458F345EBB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"AVG" = AVG 2012
"blekkotb_soc" = Blekko search bar
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"Counter-Strike: Source v17" = Counter-Strike: Source v17
"D7EC1A6C98F357A7E4C53FF66325D99F66B1F590" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (12/14/2007 6.1.32.42)
"DAEMON Tools Pro" = DAEMON Tools Pro
"EA Download Manager" = EA Download Manager
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Impulse" = Impulse
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NaturalMotion endorphin_is1" = NaturalMotion endorphin 2.7.1
"NetDevil_LEGO_Universe_is1" = LEGO Universe
"NSS" = Norton Security Scan
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Speakonia_is1" = Speakonia
"Starcraft" = Starcraft
"Steam App 17500" = Zombie Panic Source
"Steam App 500" = Left 4 Dead
"Steam App 513" = Left 4 Dead Authoring Tools
"Sumotori Full Version" = Sumotori Full Version
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for Outlaw
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/27/2012 2:09:53 PM | Computer Name = Outlaw-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 12.0.0.4493 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1380 Start Time: 01cd6c22d97e32c6 Termination Time: 979

Error - 7/27/2012 2:10:24 PM | Computer Name = Outlaw-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 7/27/2012 2:10:24 PM | Computer Name = Outlaw-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 7/27/2012 2:10:25 PM | Computer Name = Outlaw-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 7/27/2012 2:10:25 PM | Computer Name = Outlaw-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 7/27/2012 6:24:48 PM | Computer Name = Outlaw-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/27/2012 6:25:27 PM | Computer Name = Outlaw-PC | Source = EventSystem | ID = 4621
Description =

Error - 7/28/2012 3:37:48 PM | Computer Name = Outlaw-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/29/2012 6:34:26 PM | Computer Name = Outlaw-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/29/2012 7:31:06 PM | Computer Name = Outlaw-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16447 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 3e4 Start Time: 01cd6de1e3a8c77b Termination Time: 9

[ Media Center Events ]
Error - 3/31/2010 12:50:42 PM | Computer Name = Outlaw-PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 3/31/2010 1:01:20 PM | Computer Name = Outlaw-PC | Source = McrMgr | ID = 109
Description =

Error - 5/10/2010 6:03:28 AM | Computer Name = Outlaw-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 2/1/2011 3:09:18 PM | Computer Name = Outlaw-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 7/31/2012 6:55:18 PM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/2/2012 7:41:25 PM | Computer Name = Outlaw-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:23:36 PM on 7/31/2012 was unexpected.

Error - 8/2/2012 7:42:56 PM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/3/2012 12:34:33 AM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/3/2012 12:45:22 AM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 8/3/2012 12:45:22 AM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/3/2012 12:47:50 PM | Computer Name = Outlaw-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer KODAK 5500 AiO with shared
resource name KODAK 5500 AiO. Error 2114. The printer cannot be used by others
on the network.

Error - 8/3/2012 12:49:02 PM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/3/2012 1:02:49 PM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8/3/2012 4:45:50 PM | Computer Name = Outlaw-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

#12
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Thank you for the logs. :)

Step 1.

I noticed that you have two anti-virus programs running ( AVG 2012& Avast Anti-Virus). I strongly recommend that you have only one antivirus product installed and running on your computer at a time. I would recommend you uninstall AVG 2012 and keep Avast.

Multiple installed antivirus products can lead to a clash as products fight for access to files which are being opened since they need to be checked for viruses. In general terms, the programs may conflict and cause:
False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
System Performance Problems: Your system may lock up due to multiple products attempting to access the same file at the same time.

Please uninstall AVG 20 12 then run their cleanup utiility:

AVG Removal Tool

Go here

Download the removal tool for you system. 32 bit

Run it to remove AVG. After this, please restart your computer.





Step 2.

If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from "Start with Windows"
Reboot and then run OTL
Posted Image




  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aqxrydkq)
    IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
    IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes\{C7AB36FE-5875-4521-B93B-CBCD087E1EEE}: "URL" = http://search.avg.co...{language}&nt=1
    IE - HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\..\SearchScopes\{CCEFF5E5-422B-4347-A3FF-ED27FE915CE7}: "URL" = http://search.condui...&ctid=CT3131886
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    [2011/06/25 00:01:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2012/05/04 16:46:14 | 000,000,000 | ---D | M] (Blekko search bar) -- C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}
    [2011/11/10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2012/05/04 16:46:13 | 000,002,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\search.xml
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (Blekko search bar) - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files\blekkotb_soc\blekkotb_019X.dll ()
    O3 - HKLM\..\Toolbar: (Blekko search bar) - {7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} - C:\Program Files\blekkotb_soc\blekkotb_019X.dll ()
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
    O33 - MountPoints2\{15bd98c3-33f9-11df-8a23-001c25e7c607}\Shell\AutoRun\command - "" = K:\InstallTomTomHOME.exe
    O33 - MountPoints2\{2e6c3028-36d5-11df-b96c-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{2e6c3028-36d5-11df-b96c-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{39a672fd-7532-11df-a960-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{39a672fd-7532-11df-a960-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{547654c0-92e6-11e1-bd52-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{547654c0-92e6-11e1-bd52-806e6f6e6963}\Shell\AutoRun\command - "" = J:\autorun.exe
    O33 - MountPoints2\{a23d9da9-c659-11df-9ffa-001c25e7c607}\Shell - "" = AutoRun
    O33 - MountPoints2\{a23d9da9-c659-11df-9ffa-001c25e7c607}\Shell\AutoRun\command - "" = K:\setup.exe -a
    O33 - MountPoints2\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\Shell - "" = AutoRun
    O33 - MountPoints2\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\Shell\AutoRun\command - "" = K:\setup.exe -a
    O33 - MountPoints2\{bc39be9c-6226-11df-a248-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{bc39be9c-6226-11df-a248-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\Shell - "" = AutoRun
    O33 - MountPoints2\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\Shell\AutoRun\command - "" = K:\autorun.exe
    O33 - MountPoints2\{d9c254c0-4f87-11e1-afc0-944452645031}\Shell - "" = AutoRun
    O33 - MountPoints2\{d9c254c0-4f87-11e1-afc0-944452645031}\Shell\AutoRun\command - "" = K:\setup.exe -a
    O33 - MountPoints2\{e68a7693-45bd-11e0-be11-001c25e7c607}\Shell - "" = AutoRun
    O33 - MountPoints2\{e68a7693-45bd-11e0-be11-001c25e7c607}\Shell\AutoRun\command - "" = J:\setup.exe -a
    O33 - MountPoints2\{f007c6c2-a61c-11df-8b99-001c25e7c607}\Shell\AutoRun\command - "" = slacker.synclauncher.exe
    O33 - MountPoints2\{f007c6c2-a61c-11df-8b99-001c25e7c607}\Shell\slacker\command - "" = slacker.synclauncher.exe
    
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 3.

Please post:
OTL fix log

Please attach mbr.dat, it was created by aswMBR and should be on the desktop.



Finally, please give me an update on the computer issues with this machine
  • 0

#13
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
All processes killed
========== OTL ==========
Error: No service named aqxrydkq was found to stop!
Service\Driver key aqxrydkq not found.
HKU\S-1-5-21-1661878680-1354857675-3093604309-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1661878680-1354857675-3093604309-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C7AB36FE-5875-4521-B93B-CBCD087E1EEE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7AB36FE-5875-4521-B93B-CBCD087E1EEE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1661878680-1354857675-3093604309-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CCEFF5E5-422B-4347-A3FF-ED27FE915CE7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCEFF5E5-422B-4347-A3FF-ED27FE915CE7}\ not found.
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ not found.
File C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll not found.
Folder C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\ not found.
Folder C:\Users\Outlaw\AppData\Roaming\Mozilla\Firefox\Profiles\xkvslzcz.default\extensions\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}\ not found.
File C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll not found.
File C:\Program Files\mozilla firefox\searchplugins\search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}\ not found.
File C:\Program Files\blekkotb_soc\blekkotb_019X.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}\ not found.
File C:\Program Files\blekkotb_soc\blekkotb_019X.dll not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{15bd98c3-33f9-11df-8a23-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15bd98c3-33f9-11df-8a23-001c25e7c607}\ not found.
File K:\InstallTomTomHOME.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e6c3028-36d5-11df-b96c-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e6c3028-36d5-11df-b96c-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e6c3028-36d5-11df-b96c-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e6c3028-36d5-11df-b96c-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39a672fd-7532-11df-a960-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39a672fd-7532-11df-a960-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39a672fd-7532-11df-a960-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39a672fd-7532-11df-a960-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{547654c0-92e6-11e1-bd52-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{547654c0-92e6-11e1-bd52-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{547654c0-92e6-11e1-bd52-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{547654c0-92e6-11e1-bd52-806e6f6e6963}\ not found.
File J:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a23d9da9-c659-11df-9ffa-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a23d9da9-c659-11df-9ffa-001c25e7c607}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a23d9da9-c659-11df-9ffa-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a23d9da9-c659-11df-9ffa-001c25e7c607}\ not found.
File K:\setup.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a60c61bd-eaf2-11e0-9cfc-001c25e7c607}\ not found.
File K:\setup.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc39be9c-6226-11df-a248-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bc39be9c-6226-11df-a248-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc39be9c-6226-11df-a248-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bc39be9c-6226-11df-a248-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cbc4363d-d1c7-11e1-9563-001c25e7c607}\ not found.
File K:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9c254c0-4f87-11e1-afc0-944452645031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9c254c0-4f87-11e1-afc0-944452645031}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d9c254c0-4f87-11e1-afc0-944452645031}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9c254c0-4f87-11e1-afc0-944452645031}\ not found.
File K:\setup.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e68a7693-45bd-11e0-be11-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e68a7693-45bd-11e0-be11-001c25e7c607}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e68a7693-45bd-11e0-be11-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e68a7693-45bd-11e0-be11-001c25e7c607}\ not found.
File J:\setup.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f007c6c2-a61c-11df-8b99-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f007c6c2-a61c-11df-8b99-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f007c6c2-a61c-11df-8b99-001c25e7c607}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f007c6c2-a61c-11df-8b99-001c25e7c607}\ not found.
File slacker.synclauncher.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Outlaw\Downloads\cmd.bat deleted successfully.
C:\Users\Outlaw\Downloads\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Outlaw
->Temp folder emptied: 447770113 bytes
->Temporary Internet Files folder emptied: 185064649 bytes
->Java cache emptied: 1115743 bytes
->FireFox cache emptied: 213195673 bytes
->Google Chrome cache emptied: 7927543 bytes
->Opera cache emptied: 15914200 bytes
->Flash cache emptied: 794426 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5739787873 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 326720803 bytes

Total Files Cleaned = 6,617.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.55.0 log created on 08052012_230044

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP00000001BDD7E805D23D714B not found!

PendingFileRenameOperations files...
[2012/08/05 23:08:34 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5
[2012/08/05 23:08:22 | 000,000,000 | ---- | M] () C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt : Unable to obtain MD5
[2012/08/05 23:08:24 | 000,000,084 | ---- | M] () C:\Windows\temp\CLDigitalHome\PCMMediaServer.log : Unable to obtain MD5
File C:\Windows\temp\TMP00000001BDD7E805D23D714B not found!

Registry entries deleted on Reboot...
  • 0

#14
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please attach mbr.dat
  • 0

#15
Emma Grace

Emma Grace

    Member

  • Topic Starter
  • Member
  • PipPip
  • 41 posts
still looking for it. It's not on the desktop, the only one I can find is in the downloads folder but it's dated 08.03
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP