Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer freezing randomly, RUNDLL error at start up. [Solved]

Started by isayomg , Aug 26 2012 08:02 PM

This topic is locked

#1
isayomg

Posted 26 August 2012 - 08:02 PM

Member

Member
21 posts

Good day!

Recently, my computer has been acting up, with random bouts of freezing. These freezes appear from anywhere between 5 minutes to 5 hours. Anytime it freezes, I am forced to restart. 5 minutes is when I start it up immediately after a freeze. The new record currently is it freezes on the windows logo. Is this a hardware problem?

Anyway, even if it is a hardware problem, I'm half convinced that my system has some kind of virus, as I have browsed the web about my problem, and it seems that a malware can freeze my computer.

Every time I start up my computer, it will give me this RUNDLL error.

Posted Image

Here is my OTL log:

OTL logfile created on: 8/27/2012 9:39:11 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = G:\Documents and Settings\Sin Han\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.83 Gb Available Physical Memory | 41.52% Memory free
3.85 Gb Paging File | 2.62 Gb Available in Paging File | 68.14% Paging File free
Paging file location(s): G:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive G: | 74.52 Gb Total Space | 7.26 Gb Free Space | 9.75% Space Free | Partition Type: NTFS

Computer Name: SINHAN-939BBBD3 | User Name: Sin Han | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/27 09:38:53 | 000,598,528 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Sin Han\My Documents\Downloads\OTL.exe
PRC - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
PRC - [2012/08/26 20:38:51 | 001,162,848 | ---- | M] () -- G:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/08/18 06:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- G:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/08/04 09:11:40 | 001,353,080 | ---- | M] (Valve Corporation) -- G:\Program Files\Steam\Steam.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/21 03:48:40 | 004,368,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgui.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/06/13 03:48:04 | 000,990,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgscanx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- G:\Program Files\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/02/25 20:29:11 | 000,774,144 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
PRC - [2008/04/14 08:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- G:\WINDOWS\explorer.exe
PRC - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/26 20:38:54 | 000,132,704 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\SiteSafety.dll
MOD - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
MOD - [2012/08/26 20:38:51 | 001,162,848 | ---- | M] () -- G:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/08/22 12:20:35 | 020,317,008 | ---- | M] () -- G:\Program Files\Steam\bin\libcef.dll
MOD - [2012/08/22 12:19:57 | 001,099,616 | ---- | M] () -- G:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/08/22 12:19:57 | 000,902,480 | ---- | M] () -- G:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/08/22 12:19:57 | 000,190,816 | ---- | M] () -- G:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/08/22 12:19:57 | 000,123,232 | ---- | M] () -- G:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/08/18 06:28:55 | 000,442,392 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012/08/18 06:28:54 | 012,236,824 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/18 06:28:52 | 003,997,720 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/18 06:27:23 | 000,144,424 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/18 06:27:22 | 000,266,792 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/18 06:27:21 | 002,480,680 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012/07/06 08:34:37 | 000,771,584 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/07/06 08:34:29 | 011,817,472 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/07/06 08:33:56 | 000,971,264 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/07/06 08:32:36 | 000,025,600 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/07/06 07:35:08 | 005,450,752 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/07/06 07:34:59 | 012,433,920 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/07/06 07:34:37 | 001,592,320 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/07/06 00:20:05 | 007,953,408 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/07/06 00:19:51 | 011,492,352 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/04/23 20:48:43 | 000,266,240 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3075.38702__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:43 | 000,204,800 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3075.38763__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:43 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3075.38738__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:43 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3075.38722__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:42 | 001,683,456 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3075.38747__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,688,128 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3075.38957__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,364,544 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3075.38985__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,077,824 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3075.38976__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:42 | 000,036,864 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3075.38875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:41 | 000,065,536 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3075.38931__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:37 | 000,483,328 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3075.39016__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:17 | 000,135,168 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3075.39022__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:17 | 000,102,400 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3075.38756__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:17 | 000,073,728 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3075.38717__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:16 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3075.38754__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:15 | 000,348,160 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3075.38942__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:15 | 000,090,112 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3075.38949__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:15 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3075.38940__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:13 | 000,466,944 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3075.39050__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:13 | 000,069,632 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3075.39049__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:11 | 000,401,408 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3075.38965__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:10 | 000,806,912 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3075.38886__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:10 | 000,077,824 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3075.38885__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:09 | 000,438,272 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3075.38724__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,221,184 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3075.38771__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,118,784 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3075.38905__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,036,864 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3075.38904__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:08 | 000,794,624 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3075.38978__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:08 | 000,585,728 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3075.38777__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:08 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3075.38783__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:07 | 000,663,552 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3075.38933__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:07 | 000,446,464 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3075.38868__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:07 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3075.38875__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:07 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3075.38921__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:06 | 000,372,736 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3075.38877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:06 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3075.38884__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:05 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3036.27945__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3036.27937__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3036.27963__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3036.27993__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3036.27961__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012/04/23 20:47:04 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3036.27993__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012/04/23 20:47:04 | 000,006,656 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012/04/23 20:47:02 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012/04/23 20:47:02 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3036.27930__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3036.27933__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3036.27964__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012/04/23 20:47:02 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3036.27960__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3036.27964__90ba9c70f846762e\DEM.OS.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012/04/23 20:47:01 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3036.27933__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012/04/23 20:47:01 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3036.28032__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3036.27948__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3036.27945__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3036.27940__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3036.27964__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3036.27944__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3036.27946__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3036.27990__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3036.27965__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012/04/23 20:46:59 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3036.27988__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3036.27977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3036.27966__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,065,536 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3036.27959__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3036.27966__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3036.27962__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012/04/23 20:46:56 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012/04/23 20:46:56 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3036.27961__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012/04/23 20:46:56 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3036.27944__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012/04/23 20:46:27 | 000,011,264 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3075.39054__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012/04/23 20:46:26 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3075.39039__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012/04/23 20:46:26 | 000,014,848 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012/04/23 20:46:26 | 000,013,312 | ---- | M] () -- G:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012/04/23 20:46:26 | 000,007,168 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3075.38692__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012/04/23 20:46:25 | 000,102,400 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3075.39003__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012/04/23 20:46:25 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3075.39000__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012/04/23 20:46:25 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012/04/23 20:46:25 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3036.27961__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012/04/23 20:46:25 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012/04/23 20:46:24 | 000,417,792 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3075.38993__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012/04/23 20:46:24 | 000,397,312 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3075.38732__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012/04/23 20:46:24 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3036.27937__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012/04/23 20:46:24 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012/04/23 20:46:23 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3075.38696__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012/04/23 20:46:23 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3075.38693__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012/04/23 20:46:23 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012/04/23 20:46:22 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3036.27959__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012/04/23 20:46:21 | 000,991,232 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3075.38710__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012/04/23 20:46:20 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3036.27949__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012/04/23 20:46:20 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3036.27979__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012/04/23 20:46:19 | 000,069,632 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3075.38694__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012/04/23 20:46:19 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012/04/23 20:46:19 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3075.39002__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012/04/23 20:46:18 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3075.38688__90ba9c70f846762e\APM.Server.dll
MOD - [2012/04/23 20:46:18 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3075.38691__90ba9c70f846762e\AEM.Server.dll
MOD - [2011/11/03 23:28:36 | 001,292,288 | ---- | M] () -- G:\WINDOWS\system32\quartz.dll
MOD - [2010/02/25 20:29:11 | 000,774,144 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
MOD - [2008/04/14 08:11:59 | 000,014,336 | ---- | M] () -- G:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 08:11:51 | 000,059,904 | ---- | M] () -- G:\WINDOWS\system32\devenum.dll
MOD - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () [Auto | Running] -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/08/15 12:03:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- G:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/17 15:34:15 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- G:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- G:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/05/22 05:04:00 | 004,147,960 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- G:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2012/02/15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- G:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- G:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- G:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- G:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () [Auto | Running] -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/08/26 20:38:54 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- G:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- G:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- G:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010/04/26 23:26:43 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- G:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/11/11 17:21:52 | 004,946,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/10/30 21:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/06/03 14:20:54 | 003,100,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/05/21 07:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2004/05/02 16:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- G:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {678ADE1B-F9AA-46F7-83EB-92FD2B83EC21}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{678ADE1B-F9AA-46F7-83EB-92FD2B83EC21}: "URL" = http://www.google.co...1I7SHCN_enSG491
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-08-26 20:38:56&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C37D63D8-14BE-4A9D-93C0-E23C953CA336}: "URL" = http://www.facebook....q={searchTerms}
IE - HKCU\..\SearchScopes\{CA0F88D3-C766-4992-839F-F43047F83007}: "URL" = http://websearch.ask...apn_dtid=OSJ000
IE - HKCU\..\SearchScopes\{E8CE8AF2-3CD7-4139-A439-5F9CA3ADA969}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{FDE9FF18-B3C4-40EF-87AE-B5F823AC30A4}: "URL" = http://search.yahoo....ei=utf-8&fr=ie8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: G:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: G:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: g:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: G:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: G:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: G:\Documents and Settings\Sin Han\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: G:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/27 15:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: G:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.0.5\ [2012/08/26 20:39:04 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = G:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = G:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = G:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = G:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = G:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = G:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = g:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Secure Search = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\
CHR - Extension: Turn Off the Lights = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.3_0\
CHR - Extension: YouTube = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Dead Frontier = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dglbaehakkaojfihjkgkpknbjldhhmmn\1.1_0\
CHR - Extension: Realm of the Mad God = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\
CHR - Extension: Realm of the Mad God = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\~
CHR - Extension: Google Maps = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: Zombie Pandemic = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkicdgidnfmdfnhhllffoplpaldkljl\1_0\
CHR - Extension: AVG Do Not Track = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/02/28 20:00:00 | 000,000,734 | ---- | M]) - G:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - G:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - G:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - G:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - G:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - G:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] G:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] G:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Easy-PrintToolBox] G:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NvCplDaemon] G:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] G:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] G:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe File not found
O4 - HKLM..\Run: [ROC_roc_ssl_v12] G:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] G:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [android 1] G:\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSE.tmp File not found
O4 - HKCU..\Run: [f1441709-27c6-49e7-9d83-921cacb4efb7_39] "G:\WINDOWS\system32\rundll32.exe" "G:\Documents and Settings\All Users\Application Data\f1441709-27c6-49e7-9d83-921cacb4efb7_39.avi", DllUnregisterServer File not found
O4 - HKCU..\Run: [PPS Accelerator] G:\Program Files\PPStream\ppsap.exe File not found
O4 - HKCU..\Run: [Steam] G:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [syncman] g:\documents and settings\sin han\wuaucldt.exe File not found
O4 - Startup: G:\Documents and Settings\All Users\Start Menu\Programs\Startup\Imation Flash Detect.lnk = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - G:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 218.186.2.16 218.186.1.58 218.186.2.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E80B3812-45BC-4247-A8AF-83B6DC35B845}: DhcpNameServer = 218.186.2.16 218.186.1.58 218.186.2.6
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - G:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - G:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (G:\WINDOWS\system32\userinit.exe) - G:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - G:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell - "" = AutoRun
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (G:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/26 20:38:54 | 000,027,496 | ---- | C] (AVG Technologies) -- G:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/26 20:38:50 | 000,000,000 | ---D | C] -- G:\Program Files\AVG Secure Search
[2012/08/26 20:24:33 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\DriverCure
[2012/08/26 20:24:32 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\ParetoLogic
[2012/08/26 20:24:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\ParetoLogic
[2012/08/12 19:27:27 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Desktop\DreamerRO
[2012/08/07 22:53:19 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\DirectX
[2012/08/07 22:49:24 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\MicroVolts
[2012/08/07 22:45:30 | 000,000,000 | ---D | C] -- G:\Program Files\MicroVolts
[2012/08/04 09:55:02 | 000,000,000 | ---D | C] -- G:\Program Files\uTorrent
[2012/08/04 09:54:30 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\uTorrent
[2012/07/28 20:52:34 | 000,000,000 | ---D | C] -- G:\WINDOWS\System32\cache
[6 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/27 09:38:01 | 104,993,541 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/27 09:35:09 | 000,254,350 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\rundll error.bmp
[2012/08/27 09:31:22 | 000,000,884 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/27 09:31:12 | 000,002,048 | --S- | M] () -- G:\WINDOWS\bootstat.dat
[2012/08/26 23:17:00 | 000,000,888 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/26 23:16:00 | 000,000,986 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-299502267-725345543-1004UA.job
[2012/08/26 23:03:00 | 000,000,830 | ---- | M] () -- G:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/26 23:01:01 | 000,000,238 | ---- | M] () -- G:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/08/26 20:38:54 | 000,027,496 | ---- | M] (AVG Technologies) -- G:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/26 20:16:02 | 000,000,934 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-299502267-725345543-1004Core.job
[2012/08/22 10:19:44 | 000,002,280 | ---- | M] () -- G:\Documents and Settings\Sin Han\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/21 19:40:02 | 000,012,598 | ---- | M] () -- G:\WINDOWS\System32\wpa.dbl
[2012/08/20 20:23:35 | 000,004,096 | ---- | M] () -- G:\WINDOWS\System32\crash
[2012/08/19 14:15:28 | 000,116,113 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/08/16 09:14:09 | 000,099,048 | ---- | M] () -- G:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/16 00:18:18 | 000,001,374 | ---- | M] () -- G:\WINDOWS\imsins.BAK
[2012/08/13 16:32:16 | 000,027,520 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\dt.dat
[2012/08/12 19:34:30 | 000,000,572 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to DreamerRO.lnk
[2012/08/07 22:49:38 | 000,000,696 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\MicroVolts.lnk
[2012/08/04 12:15:30 | 000,000,789 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to irislauncher.lnk
[2012/07/28 20:59:55 | 000,003,289 | ---- | M] () -- G:\Documents and Settings\Sin Han\FunShion.ini
[6 G:\WINDOWS\*.tmp files -> G:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/27 09:35:09 | 000,254,350 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\rundll error.bmp
[2012/08/13 16:32:16 | 000,027,520 | ---- | C] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\dt.dat
[2012/08/12 19:34:30 | 000,000,572 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to DreamerRO.lnk
[2012/08/07 22:49:38 | 000,000,696 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\MicroVolts.lnk
[2012/08/04 12:15:30 | 000,000,789 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to irislauncher.lnk
[2012/07/24 23:31:13 | 000,000,911 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\coreavc.ini
[2012/07/24 23:25:48 | 000,003,289 | ---- | C] () -- G:\Documents and Settings\Sin Han\FunShion.ini
[2012/07/21 00:18:48 | 000,353,024 | ---- | C] () -- G:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-299502267-725345543-1004-0.dat
[2012/07/21 00:18:47 | 000,091,166 | ---- | C] () -- G:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/07/11 14:34:54 | 000,001,218 | ---- | C] () -- G:\WINDOWS\System32\funshion.ini
[2012/07/06 14:24:40 | 000,003,584 | ---- | C] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/23 20:51:09 | 000,000,000 | ---- | C] () -- G:\WINDOWS\ativpsrm.bin
[2012/04/23 20:41:50 | 000,593,920 | ---- | C] () -- G:\WINDOWS\System32\ati2sgag.exe
[2012/04/23 20:41:38 | 000,887,724 | R--- | C] () -- G:\WINDOWS\System32\ativva6x.dat
[2012/04/23 20:41:36 | 003,107,788 | R--- | C] () -- G:\WINDOWS\System32\ativva5x.dat
[2012/04/23 20:41:34 | 003,107,788 | R--- | C] () -- G:\WINDOWS\System32\ativvaxx.dat
[2012/04/23 20:41:34 | 000,172,033 | R--- | C] () -- G:\WINDOWS\System32\atiicdxx.dat
[2012/02/22 10:06:59 | 000,003,072 | ---- | C] () -- G:\WINDOWS\System32\iacenc.dll
[2011/03/22 22:28:30 | 000,002,314 | -HS- | C] () -- G:\Documents and Settings\All Users\Application Data\f1441709-27c6-49e7-9d83-921cacb4efb7_.mkv
[2011/03/21 10:48:29 | 000,000,439 | ---- | C] () -- G:\WINDOWS\trview.ini
[2011/03/18 23:25:49 | 000,232,968 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb0.bin
[2011/03/18 23:25:46 | 000,232,968 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb1.bin
[2011/03/18 23:25:46 | 000,000,001 | ---- | C] () -- G:\WINDOWS\System32\nvdrssel.bin
[2011/03/18 22:32:08 | 000,000,664 | ---- | C] () -- G:\WINDOWS\System32\d3d9caps.dat
[2011/03/03 20:45:51 | 000,000,215 | ---- | C] () -- G:\WINDOWS\System32\MRT.INI
[2011/03/03 20:24:43 | 000,023,040 | R--- | C] () -- G:\WINDOWS\System32\drivers\GVCplDrv.sys
[2010/08/10 00:11:38 | 000,000,004 | ---- | C] () -- G:\Documents and Settings\Sin Han\proxy_port
[2010/04/26 23:25:53 | 000,000,016 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\kcmdte.dat
[2010/04/26 23:25:45 | 000,000,004 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\avdrn.dat

========== LOP Check ==========

[2010/08/06 23:11:55 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\88792539
[2012/02/22 09:59:05 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\Ask
[2012/08/26 20:39:05 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/07/27 15:59:00 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\AVG2012
[2012/08/22 20:28:42 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\Battle.net
[2011/03/21 09:47:41 | 000,000,000 | -H-D | M] -- G:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/02/22 10:03:18 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2012/07/27 15:43:23 | 000,000,000 | -H-D | M] -- G:\Documents and Settings\All Users\Application Data\Common Files
[2009/12/30 00:28:28 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\FreshGames
[2012/08/27 09:38:19 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\MFAData
[2012/08/26 20:41:42 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/12/30 00:25:25 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\PlayFirst
[2012/07/27 15:48:39 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\AVG Secure Search
[2012/07/27 15:49:27 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\AVG2012
[2012/07/11 19:51:33 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\BitComet
[2009/03/19 01:51:27 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\CStar
[2012/07/06 09:31:30 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\DMCache
[2012/08/26 20:24:33 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\DriverCure
[2012/02/22 21:01:45 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\GFT Asia
[2012/08/26 20:24:32 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\ParetoLogic
[2009/12/20 23:51:06 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\PPStream
[2012/07/11 02:23:50 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\Unity
[2012/08/04 13:26:16 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\uTorrent
[2012/08/26 23:01:01 | 000,000,238 | ---- | M] () -- G:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

< End of report >

A few tips would be greatly appreciated!

#2
Essexboy

Posted 27 August 2012 - 05:46 AM

GeekU Moderator

Retired Staff
69,964 posts

Hi on completion of this could you let me know what problems remain

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following
Posted Image

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\XDva398.sys -- (XDva398)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O4 - HKLM..\Run: [Regedit32] G:\WINDOWS\system32\regedit.exe File not found
O4 - HKCU..\Run: [android 1] G:\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSE.tmp File not found
O4 - HKCU..\Run: [f1441709-27c6-49e7-9d83-921cacb4efb7_39] "G:\WINDOWS\system32\rundll32.exe" "G:\Documents and Settings\All Users\Application Data\f1441709-27c6-49e7-9d83-921cacb4efb7_39.avi", DllUnregisterServer File not found
O4 - HKCU..\Run: [PPS Accelerator] G:\Program Files\PPStream\ppsap.exe File not found
O4 - HKCU..\Run: [syncman] g:\documents and settings\sin han\wuaucldt.exe File not found

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

#3
isayomg

Posted 27 August 2012 - 07:15 PM

Member

Topic Starter
Member
21 posts

Thank you very much for the quick reply!

Before this, I have done a full computer scan using avg free edition anti virus. It found nothing but a lot of tracking cookies. However when I opened the quarantined vault some time later, I found a back door trojan just sitting there.
I have encountered trojans before, and have successfully removed them using trojan remover from simplysup.com. Therefore, I downloaded it again, and did a scan with it.

It didn't find a trojan, so I was pretty suspicious.

Anyway, the point is, I somehow removed the RUNDLL error by manually operating trojan remover.

Nevertheless, I ran the solution you gave me.

My computer seems to be running at least 50% faster now. What kind of sorcery is this?

Thanks for your help! Here's what my OTL notes look like now:

OTL logfile created on: 8/28/2012 9:07:42 AM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = G:\Documents and Settings\Sin Han\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 68.06% Memory free
3.85 Gb Paging File | 3.26 Gb Available in Paging File | 84.71% Paging File free
Paging file location(s): G:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive G: | 74.52 Gb Total Space | 40.96 Gb Free Space | 54.96% Space Free | Partition Type: NTFS

Computer Name: SINHAN-939BBBD3 | User Name: Sin Han | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/27 09:38:53 | 000,598,528 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Sin Han\Desktop\OTL.exe
PRC - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
PRC - [2012/08/26 20:38:51 | 001,162,848 | ---- | M] () -- G:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- G:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/08/04 09:11:40 | 001,353,080 | ---- | M] (Valve Corporation) -- G:\Program Files\Steam\Steam.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/03 16:07:44 | 001,244,432 | ---- | M] (Simply Super Software) -- G:\Program Files\Trojan Remover\Trjscan.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- G:\Program Files\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/02/25 20:29:11 | 000,774,144 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
PRC - [2008/04/14 08:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- G:\WINDOWS\explorer.exe
PRC - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/27 10:43:53 | 020,317,008 | ---- | M] () -- G:\Program Files\Steam\bin\libcef.dll
MOD - [2012/08/27 10:43:40 | 000,902,480 | ---- | M] () -- G:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/08/27 10:43:39 | 001,099,616 | ---- | M] () -- G:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/08/27 10:43:39 | 000,190,816 | ---- | M] () -- G:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/08/27 10:43:39 | 000,123,232 | ---- | M] () -- G:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/08/26 20:38:54 | 000,132,704 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\SiteSafety.dll
MOD - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
MOD - [2012/08/26 20:38:51 | 001,162,848 | ---- | M] () -- G:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/07/06 08:34:37 | 000,771,584 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/07/06 08:34:29 | 011,817,472 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/07/06 08:33:56 | 000,971,264 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/07/06 08:32:36 | 000,025,600 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/07/06 07:35:08 | 005,450,752 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/07/06 07:34:59 | 012,433,920 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/07/06 07:34:37 | 001,592,320 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/07/06 00:20:05 | 007,953,408 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/07/06 00:19:51 | 011,492,352 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/04/23 20:48:43 | 000,266,240 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3075.38702__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:43 | 000,204,800 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3075.38763__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:43 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3075.38738__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:43 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3075.38722__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:42 | 001,683,456 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3075.38747__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,688,128 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3075.38957__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,364,544 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3075.38985__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,077,824 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3075.38976__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:42 | 000,036,864 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3075.38875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:41 | 000,065,536 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3075.38931__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:37 | 000,483,328 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3075.39016__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:17 | 000,135,168 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3075.39022__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:17 | 000,102,400 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3075.38756__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:17 | 000,073,728 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3075.38717__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:16 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3075.38754__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:15 | 000,348,160 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3075.38942__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:15 | 000,090,112 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3075.38949__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:15 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3075.38940__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:13 | 000,466,944 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3075.39050__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:13 | 000,069,632 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3075.39049__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:11 | 000,401,408 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3075.38965__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:10 | 000,806,912 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3075.38886__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:10 | 000,077,824 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3075.38885__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:09 | 000,438,272 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3075.38724__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,221,184 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3075.38771__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,118,784 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3075.38905__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,036,864 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3075.38904__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:08 | 000,794,624 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3075.38978__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:08 | 000,585,728 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3075.38777__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:08 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3075.38783__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:07 | 000,663,552 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3075.38933__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:07 | 000,446,464 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3075.38868__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:07 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3075.38875__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:07 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3075.38921__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:06 | 000,372,736 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3075.38877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:06 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3075.38884__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:05 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3036.27945__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3036.27937__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3036.27963__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3036.27993__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3036.27961__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012/04/23 20:47:04 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3036.27993__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012/04/23 20:47:04 | 000,006,656 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012/04/23 20:47:02 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012/04/23 20:47:02 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3036.27930__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3036.27933__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3036.27964__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012/04/23 20:47:02 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3036.27960__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3036.27964__90ba9c70f846762e\DEM.OS.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012/04/23 20:47:01 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3036.27933__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012/04/23 20:47:01 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3036.28032__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3036.27948__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3036.27945__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3036.27940__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3036.27964__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3036.27944__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3036.27946__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3036.27990__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3036.27965__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012/04/23 20:46:59 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3036.27988__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3036.27977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3036.27966__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,065,536 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3036.27959__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3036.27966__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3036.27962__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012/04/23 20:46:56 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012/04/23 20:46:56 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3036.27961__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012/04/23 20:46:56 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3036.27944__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012/04/23 20:46:27 | 000,011,264 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3075.39054__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012/04/23 20:46:26 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3075.39039__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012/04/23 20:46:26 | 000,014,848 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012/04/23 20:46:26 | 000,013,312 | ---- | M] () -- G:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012/04/23 20:46:26 | 000,007,168 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3075.38692__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012/04/23 20:46:25 | 000,102,400 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3075.39003__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012/04/23 20:46:25 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3075.39000__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012/04/23 20:46:25 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012/04/23 20:46:25 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3036.27961__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012/04/23 20:46:25 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012/04/23 20:46:24 | 000,417,792 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3075.38993__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012/04/23 20:46:24 | 000,397,312 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3075.38732__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012/04/23 20:46:24 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3036.27937__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012/04/23 20:46:24 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012/04/23 20:46:23 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3075.38696__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012/04/23 20:46:23 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3075.38693__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012/04/23 20:46:23 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012/04/23 20:46:22 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3036.27959__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012/04/23 20:46:21 | 000,991,232 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3075.38710__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012/04/23 20:46:20 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3036.27949__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012/04/23 20:46:20 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3036.27979__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012/04/23 20:46:19 | 000,069,632 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3075.38694__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012/04/23 20:46:19 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012/04/23 20:46:19 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3075.39002__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012/04/23 20:46:18 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3075.38688__90ba9c70f846762e\APM.Server.dll
MOD - [2012/04/23 20:46:18 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3075.38691__90ba9c70f846762e\AEM.Server.dll
MOD - [2011/11/03 23:28:36 | 001,292,288 | ---- | M] () -- G:\WINDOWS\system32\quartz.dll
MOD - [2010/02/25 20:29:11 | 000,774,144 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
MOD - [2008/04/14 08:11:59 | 000,014,336 | ---- | M] () -- G:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 08:11:51 | 000,059,904 | ---- | M] () -- G:\WINDOWS\system32\devenum.dll
MOD - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () [Auto | Running] -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/08/15 12:03:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- G:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/17 15:34:15 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- G:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- G:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/05/22 05:04:00 | 004,147,960 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- G:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2012/02/15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- G:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- G:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- G:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- G:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () [Auto | Running] -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/08/26 20:38:54 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- G:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- G:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- G:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010/04/26 23:26:43 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- G:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/11/11 17:21:52 | 004,946,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/10/30 21:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/06/03 14:20:54 | 003,100,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/05/21 07:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2004/05/02 16:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- G:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {678ADE1B-F9AA-46F7-83EB-92FD2B83EC21}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{678ADE1B-F9AA-46F7-83EB-92FD2B83EC21}: "URL" = http://www.google.co...1I7SHCN_enSG491
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-08-26 20:38:56&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C37D63D8-14BE-4A9D-93C0-E23C953CA336}: "URL" = http://www.facebook....q={searchTerms}
IE - HKCU\..\SearchScopes\{CA0F88D3-C766-4992-839F-F43047F83007}: "URL" = http://websearch.ask...apn_dtid=OSJ000
IE - HKCU\..\SearchScopes\{E8CE8AF2-3CD7-4139-A439-5F9CA3ADA969}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{FDE9FF18-B3C4-40EF-87AE-B5F823AC30A4}: "URL" = http://search.yahoo....ei=utf-8&fr=ie8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: G:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: G:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: g:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: G:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: G:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: G:\Documents and Settings\Sin Han\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: G:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/27 15:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: G:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.0.5\ [2012/08/26 20:39:04 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - homepage: http://www.google.com.sg/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com.sg/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = G:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = G:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = G:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = G:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = G:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = G:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = g:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Secure Search = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\
CHR - Extension: Turn Off the Lights = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.3_0\
CHR - Extension: YouTube = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Dead Frontier = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dglbaehakkaojfihjkgkpknbjldhhmmn\1.1_0\
CHR - Extension: Realm of the Mad God = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\
CHR - Extension: Realm of the Mad God = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\~
CHR - Extension: Google Maps = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: Zombie Pandemic = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkicdgidnfmdfnhhllffoplpaldkljl\1_0\
CHR - Extension: AVG Do Not Track = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/28 09:02:28 | 000,000,098 | ---- | M]) - G:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - G:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - G:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - G:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - G:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - G:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] G:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] G:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Easy-PrintToolBox] G:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NvCplDaemon] G:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] G:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] G:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ROC_roc_ssl_v12] G:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrojanScanner] G:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [vProt] G:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Steam] G:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: G:\Documents and Settings\All Users\Start Menu\Programs\Startup\Imation Flash Detect.lnk = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - G:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 218.186.2.16 218.186.1.58 218.186.2.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E80B3812-45BC-4247-A8AF-83B6DC35B845}: DhcpNameServer = 218.186.2.16 218.186.1.58 218.186.2.6
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - G:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - G:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (G:\WINDOWS\system32\userinit.exe) - G:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - G:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell - "" = AutoRun
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (G:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/28 09:02:24 | 000,000,000 | ---D | C] -- G:\_OTL
[2012/08/27 13:04:27 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\TEMP
[2012/08/27 13:03:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\My Documents\Simply Super Software
[2012/08/27 13:03:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\Simply Super Software
[2012/08/27 13:03:14 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\Trojan Remover
[2012/08/27 13:03:13 | 000,605,968 | ---- | C] (Igor Pavlov) -- G:\WINDOWS\System32\ztv7z.dll
[2012/08/27 13:03:11 | 000,000,000 | ---D | C] -- G:\Program Files\Trojan Remover
[2012/08/27 13:03:11 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\Simply Super Software
[2012/08/27 11:02:13 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Start Menu\Programs\WinRAR
[2012/08/27 11:02:13 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\WinRAR
[2012/08/27 11:02:13 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2012/08/27 11:02:06 | 000,000,000 | ---D | C] -- G:\Program Files\WinRAR
[2012/08/27 09:38:51 | 000,598,528 | ---- | C] (OldTimer Tools) -- G:\Documents and Settings\Sin Han\Desktop\OTL.exe
[2012/08/26 20:38:54 | 000,027,496 | ---- | C] (AVG Technologies) -- G:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/26 20:38:50 | 000,000,000 | ---D | C] -- G:\Program Files\AVG Secure Search
[2012/08/26 20:24:33 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\DriverCure
[2012/08/26 20:24:32 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\ParetoLogic
[2012/08/26 20:24:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\ParetoLogic
[2012/08/12 19:27:27 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Desktop\DreamerRO
[2012/08/07 22:53:19 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\DirectX
[2012/08/07 22:49:24 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\MicroVolts
[2012/08/07 22:45:30 | 000,000,000 | ---D | C] -- G:\Program Files\MicroVolts

========== Files - Modified Within 30 Days ==========

[2012/08/28 09:04:54 | 000,000,884 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/28 09:04:47 | 000,002,048 | --S- | M] () -- G:\WINDOWS\bootstat.dat
[2012/08/28 09:03:15 | 000,000,830 | ---- | M] () -- G:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/28 09:02:28 | 000,000,098 | ---- | M] () -- G:\WINDOWS\System32\drivers\etc\Hosts
[2012/08/28 09:02:26 | 105,088,910 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/28 09:01:00 | 000,000,238 | ---- | M] () -- G:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/08/28 08:17:00 | 000,000,888 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/28 08:16:01 | 000,000,986 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-299502267-725345543-1004UA.job
[2012/08/27 18:38:44 | 105,027,084 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[2012/08/27 13:00:12 | 000,003,177 | ---- | M] () -- G:\Documents and Settings\Sin Han\FunShion.ini
[2012/08/27 09:38:53 | 000,598,528 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Sin Han\Desktop\OTL.exe
[2012/08/26 20:38:54 | 000,027,496 | ---- | M] (AVG Technologies) -- G:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/26 20:16:02 | 000,000,934 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-299502267-725345543-1004Core.job
[2012/08/22 10:19:44 | 000,002,280 | ---- | M] () -- G:\Documents and Settings\Sin Han\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/21 19:40:02 | 000,012,598 | ---- | M] () -- G:\WINDOWS\System32\wpa.dbl
[2012/08/20 20:23:35 | 000,004,096 | ---- | M] () -- G:\WINDOWS\System32\crash
[2012/08/19 14:15:28 | 000,116,113 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/08/16 09:14:09 | 000,099,048 | ---- | M] () -- G:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/16 00:18:18 | 000,001,374 | ---- | M] () -- G:\WINDOWS\imsins.BAK
[2012/08/13 16:32:16 | 000,027,520 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\dt.dat
[2012/08/12 19:34:30 | 000,000,572 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to DreamerRO.lnk
[2012/08/07 22:49:38 | 000,000,696 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\MicroVolts.lnk

========== Files Created - No Company Name ==========

[2012/08/27 13:03:13 | 000,185,616 | ---- | C] () -- G:\WINDOWS\System32\ztvunrar39.dll
[2012/08/27 13:03:13 | 000,169,744 | ---- | C] () -- G:\WINDOWS\System32\ztvunrar36.dll
[2012/08/27 13:03:13 | 000,153,088 | ---- | C] () -- G:\WINDOWS\System32\UNRAR3.dll
[2012/08/27 13:03:13 | 000,077,312 | ---- | C] () -- G:\WINDOWS\System32\ztvunace26.dll
[2012/08/27 13:03:13 | 000,075,264 | ---- | C] () -- G:\WINDOWS\System32\unacev2.dll
[2012/08/13 16:32:16 | 000,027,520 | ---- | C] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\dt.dat
[2012/08/12 19:34:30 | 000,000,572 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to DreamerRO.lnk
[2012/08/07 22:49:38 | 000,000,696 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\MicroVolts.lnk
[2012/07/24 23:31:13 | 000,000,911 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\coreavc.ini
[2012/07/24 23:25:48 | 000,003,177 | ---- | C] () -- G:\Documents and Settings\Sin Han\FunShion.ini
[2012/07/21 00:18:48 | 000,353,024 | ---- | C] () -- G:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-299502267-725345543-1004-0.dat
[2012/07/21 00:18:47 | 000,091,166 | ---- | C] () -- G:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/07/11 14:34:54 | 000,001,218 | ---- | C] () -- G:\WINDOWS\System32\funshion.ini
[2012/07/06 14:24:40 | 000,003,584 | ---- | C] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/23 20:51:09 | 000,000,000 | ---- | C] () -- G:\WINDOWS\ativpsrm.bin
[2012/04/23 20:41:50 | 000,593,920 | ---- | C] () -- G:\WINDOWS\System32\ati2sgag.exe
[2012/04/23 20:41:38 | 000,887,724 | R--- | C] () -- G:\WINDOWS\System32\ativva6x.dat
[2012/04/23 20:41:36 | 003,107,788 | R--- | C] () -- G:\WINDOWS\System32\ativva5x.dat
[2012/04/23 20:41:34 | 003,107,788 | R--- | C] () -- G:\WINDOWS\System32\ativvaxx.dat
[2012/04/23 20:41:34 | 000,172,033 | R--- | C] () -- G:\WINDOWS\System32\atiicdxx.dat
[2012/02/22 10:06:59 | 000,003,072 | ---- | C] () -- G:\WINDOWS\System32\iacenc.dll
[2011/03/22 22:28:30 | 000,002,314 | -HS- | C] () -- G:\Documents and Settings\All Users\Application Data\f1441709-27c6-49e7-9d83-921cacb4efb7_.mkv
[2011/03/21 10:48:29 | 000,000,439 | ---- | C] () -- G:\WINDOWS\trview.ini
[2011/03/18 23:25:49 | 000,232,968 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb0.bin
[2011/03/18 23:25:46 | 000,232,968 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb1.bin
[2011/03/18 23:25:46 | 000,000,001 | ---- | C] () -- G:\WINDOWS\System32\nvdrssel.bin
[2011/03/18 22:32:08 | 000,000,664 | ---- | C] () -- G:\WINDOWS\System32\d3d9caps.dat
[2011/03/03 20:45:51 | 000,000,215 | ---- | C] () -- G:\WINDOWS\System32\MRT.INI
[2011/03/03 20:24:43 | 000,023,040 | R--- | C] () -- G:\WINDOWS\System32\drivers\GVCplDrv.sys
[2010/08/10 00:11:38 | 000,000,004 | ---- | C] () -- G:\Documents and Settings\Sin Han\proxy_port
[2010/04/26 23:25:53 | 000,000,016 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\kcmdte.dat
[2010/04/26 23:25:45 | 000,000,004 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\avdrn.dat

========== LOP Check ==========

[2010/08/06 23:11:55 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\88792539
[2012/02/22 09:59:05 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\Ask
[2012/08/26 20:39:05 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2012/07/27 15:59:00 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\AVG2012
[2012/08/22 20:28:42 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\Battle.net
[2011/03/21 09:47:41 | 000,000,000 | -H-D | M] -- G:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/02/22 10:03:18 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\CanonIJPLM
[2012/07/27 15:43:23 | 000,000,000 | -H-D | M] -- G:\Documents and Settings\All Users\Application Data\Common Files
[2009/12/30 00:28:28 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\FreshGames
[2012/08/27 18:38:46 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\MFAData
[2012/08/26 20:41:42 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\ParetoLogic
[2009/12/30 00:25:25 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\PlayFirst
[2012/08/27 13:03:11 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\Simply Super Software
[2012/08/27 13:15:13 | 000,000,000 | ---D | M] -- G:\Documents and Settings\All Users\Application Data\TEMP
[2012/07/27 15:48:39 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\AVG Secure Search
[2012/07/27 15:49:27 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\AVG2012
[2012/07/11 19:51:33 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\BitComet
[2009/03/19 01:51:27 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\CStar
[2012/07/06 09:31:30 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\DMCache
[2012/08/26 20:24:33 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\DriverCure
[2012/02/22 21:01:45 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\GFT Asia
[2012/08/26 20:24:32 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\ParetoLogic
[2009/12/20 23:51:06 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\PPStream
[2012/08/27 13:03:22 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\Simply Super Software
[2012/07/11 02:23:50 | 000,000,000 | ---D | M] -- G:\Documents and Settings\Sin Han\Application Data\Unity
[2012/08/28 09:01:00 | 000,000,238 | ---- | M] () -- G:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 104 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:FC1216D7

< End of report >

#4
Essexboy

Posted 28 August 2012 - 07:03 AM

GeekU Moderator

Retired Staff
69,964 posts

My computer seems to be running at least 50% faster now. What kind of sorcery is this?

A secret white magic :lol:

I did clear all your temporary files especially from the web browsers, as they tend to slow things down

Are there any outstanding problems ?

#5
isayomg

Posted 28 August 2012 - 07:08 AM

Member

Topic Starter
Member
21 posts

No, in fact, my computer is running pretty smoothly now.

It does seem like your powerful white magic has purged the darkness that is malware yet again.

Although I don't know for sure that my computer is clean, at least it isn't giving me problems for now.

Thanks for your help!

#6
Essexboy

Posted 28 August 2012 - 07:11 AM

GeekU Moderator

Retired Staff
69,964 posts

No problem

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands
[resethosts]
[emptytemp]
[CLEARALLRESTOREPOINTS]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that

Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the Hidden files and folders heading select Do not show hidden files and folders.
Click Yes to confirm.
Click OK.

Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

Go to this site and click Do I have Java
It will check your current version and then offer to update to the latest version

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:

#7
isayomg

Posted 28 August 2012 - 07:10 PM

Member

Topic Starter
Member
21 posts

I've done everything that you mentioned above. :spoton:

My computer's castle walls should be around 10 inches thicker.

:cheers:

#8
Essexboy

Posted 31 August 2012 - 02:24 PM

GeekU Moderator

Retired Staff
69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

#9
Essexboy

Posted 01 September 2012 - 04:11 AM

GeekU Moderator

Retired Staff
69,964 posts

User returned

#10
isayomg

Posted 01 September 2012 - 04:43 AM

Member

Topic Starter
Member
21 posts

Thanks for reopening the topic!

Here are my messages to Essexboy for more infomation:

Hello!

I have a problem that was solved recently.
The topic title is "Computer freezing randomly, RUNDLL error at start up"

However, it seems like a problem is resurfacing. I am getting freezes once again. However, there are no errors, it simply freezes.
I am unable to do a full system scan, as the computer freezes up before the scan can finish, so I have no idea if this is another attack, or simply a hardware error.

I would appreciate if you could open up the topic again.

Here is the topic link:
http://www.geekstogo...22#entry2197722

Thanks for the reply!

It happens pretty randomly. There isn't a specific set time for it to happen, it simply happens. No specific programs comes to mind, as it has happened when I was playing online games, surfing the net, just chatting on msn, or even simply waiting for the computer to load. I have no idea why it's doing that, but if its a hardware problem, I'm guessing that it should have a set time.

Then again, I'm not good at guessing.

I did a full system scan with AVG free edition. It found nothing but lots of delicious tracking cookies.
Is this a hardware error after all?
Do I need to post a OTL log?

Edited by isayomg, 01 September 2012 - 04:47 AM.

#11
Essexboy

Posted 01 September 2012 - 05:09 AM

GeekU Moderator

Retired Staff
69,964 posts

First lets see if you have some minidumps..

Go to C:\Windows\minidump
Are there any files in there ?
If so then zip the last three or four and attach them to the next post

#12
isayomg

Posted 01 September 2012 - 05:23 AM

Member

Topic Starter
Member
21 posts

Here you go!

There're 10 files in there, I chose the last 4 of them.

Attached Files

Minidump.rar 61.39KB 108 downloads

#13
Essexboy

Posted 01 September 2012 - 05:56 AM

GeekU Moderator

Retired Staff
69,964 posts

Have you added or changed some memory sticks recently ?

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Select All Users
Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
sr.*
/md5stop
%systemdrive%\$Recycle.Bin|@;true;true;true
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs

#14
isayomg

Posted 01 September 2012 - 06:16 AM

Member

Topic Starter
Member
21 posts

I haven't added in anything extra from the last clean up. Only insignificant thing I did was plugging in a camera.

Since the last clean up, there were a few random freezes. But they were far and few in between, and didn't pose much of a problem. A simple restart would be fine.
However, just a few hours ago, it froze 3 times in a row in the span of 15 minutes, so I thought things were getting worse.
But there wasn't anymore of that since then.

Here are the logs!

OTL log:

OTL logfile created on: 9/1/2012 8:04:14 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = G:\Documents and Settings\Sin Han\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.07% Memory free
3.85 Gb Paging File | 2.96 Gb Available in Paging File | 77.02% Paging File free
Paging file location(s): G:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive G: | 74.52 Gb Total Space | 46.43 Gb Free Space | 62.30% Space Free | Partition Type: NTFS

Computer Name: SINHAN-939BBBD3 | User Name: Sin Han | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/01 20:02:20 | 000,598,528 | ---- | M] (OldTimer Tools) -- G:\Documents and Settings\Sin Han\My Documents\Downloads\OTL.exe
PRC - [2012/08/29 09:02:28 | 000,161,768 | ---- | M] (Oracle Corporation) -- G:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
PRC - [2012/08/26 20:38:51 | 001,162,848 | ---- | M] () -- G:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/08/18 06:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- G:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/08/04 09:11:40 | 001,353,080 | ---- | M] (Valve Corporation) -- G:\Program Files\Steam\Steam.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- G:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- G:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/02/25 20:29:11 | 000,774,144 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
PRC - [2008/04/14 08:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- G:\WINDOWS\explorer.exe
PRC - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/27 10:43:53 | 020,317,008 | ---- | M] () -- G:\Program Files\Steam\bin\libcef.dll
MOD - [2012/08/27 10:43:40 | 000,902,480 | ---- | M] () -- G:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012/08/27 10:43:39 | 001,099,616 | ---- | M] () -- G:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012/08/27 10:43:39 | 000,190,816 | ---- | M] () -- G:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012/08/27 10:43:39 | 000,123,232 | ---- | M] () -- G:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012/08/26 20:38:54 | 000,132,704 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\SiteSafety.dll
MOD - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
MOD - [2012/08/26 20:38:51 | 001,162,848 | ---- | M] () -- G:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/08/18 06:28:55 | 000,442,392 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppgooglenaclpluginchrome.dll
MOD - [2012/08/18 06:28:54 | 012,236,824 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
MOD - [2012/08/18 06:28:52 | 003,997,720 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
MOD - [2012/08/18 06:27:23 | 000,144,424 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avutil-51.dll
MOD - [2012/08/18 06:27:22 | 000,266,792 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avformat-54.dll
MOD - [2012/08/18 06:27:21 | 002,480,680 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\avcodec-54.dll
MOD - [2012/07/06 08:34:37 | 000,771,584 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/07/06 08:34:29 | 011,817,472 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/07/06 08:33:56 | 000,971,264 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/07/06 08:32:36 | 000,025,600 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/07/06 07:35:08 | 005,450,752 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/07/06 07:34:59 | 012,433,920 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/07/06 07:34:37 | 001,592,320 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/07/06 00:20:05 | 007,953,408 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/07/06 00:19:51 | 011,492,352 | ---- | M] () -- G:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/04/23 20:48:43 | 000,266,240 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3075.38702__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:43 | 000,204,800 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3075.38763__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:43 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3075.38738__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:43 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3075.38722__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:42 | 001,683,456 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3075.38747__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,688,128 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3075.38957__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,364,544 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3075.38985__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2012/04/23 20:48:42 | 000,077,824 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3075.38976__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:42 | 000,036,864 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3075.38875__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:41 | 000,065,536 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3075.38931__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012/04/23 20:48:37 | 000,483,328 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3075.39016__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:17 | 000,135,168 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3075.39022__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:17 | 000,102,400 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3075.38756__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:17 | 000,073,728 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3075.38717__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:16 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3075.38754__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:15 | 000,348,160 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3075.38942__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:15 | 000,090,112 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3075.38949__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:15 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3075.38940__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:13 | 000,466,944 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3075.39050__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:13 | 000,069,632 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3075.39049__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:11 | 000,401,408 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3075.38965__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012/04/23 20:47:10 | 000,806,912 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3075.38886__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:10 | 000,077,824 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3075.38885__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:09 | 000,438,272 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3075.38724__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,221,184 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3075.38771__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,118,784 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3075.38905__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:09 | 000,036,864 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3075.38904__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:08 | 000,794,624 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3075.38978__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:08 | 000,585,728 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3075.38777__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:08 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3075.38783__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:07 | 000,663,552 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3075.38933__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:07 | 000,446,464 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3075.38868__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:07 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3075.38875__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:07 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3075.38921__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:06 | 000,372,736 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3075.38877__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012/04/23 20:47:06 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3075.38884__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012/04/23 20:47:05 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3036.27945__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3036.27937__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3036.27963__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3036.27993__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012/04/23 20:47:05 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3036.27961__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012/04/23 20:47:04 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3036.27993__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012/04/23 20:47:04 | 000,006,656 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012/04/23 20:47:02 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012/04/23 20:47:02 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3036.27930__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3036.27933__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3036.27964__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2012/04/23 20:47:02 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3036.27960__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3036.27964__90ba9c70f846762e\DEM.OS.dll
MOD - [2012/04/23 20:47:02 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012/04/23 20:47:01 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3036.27933__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012/04/23 20:47:01 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3036.28032__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3036.27948__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3036.27945__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3036.27940__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3036.27964__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3036.27944__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012/04/23 20:47:01 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3036.27946__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3036.27990__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2012/04/23 20:47:00 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3036.27965__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012/04/23 20:46:59 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3036.27988__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3036.27974__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3036.27977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012/04/23 20:46:58 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3036.27966__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,065,536 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3036.27976__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3036.27978__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3036.27959__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3036.27966__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012/04/23 20:46:57 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3036.27962__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012/04/23 20:46:56 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2012/04/23 20:46:56 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3036.27961__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012/04/23 20:46:56 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3036.27944__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012/04/23 20:46:27 | 000,011,264 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3075.39054__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2012/04/23 20:46:26 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3075.39039__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012/04/23 20:46:26 | 000,014,848 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012/04/23 20:46:26 | 000,013,312 | ---- | M] () -- G:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012/04/23 20:46:26 | 000,007,168 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3075.38692__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012/04/23 20:46:25 | 000,102,400 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3075.39003__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012/04/23 20:46:25 | 000,061,440 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3075.39000__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012/04/23 20:46:25 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012/04/23 20:46:25 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3036.27961__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012/04/23 20:46:25 | 000,016,384 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3036.27941__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2012/04/23 20:46:24 | 000,417,792 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3075.38993__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012/04/23 20:46:24 | 000,397,312 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3075.38732__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012/04/23 20:46:24 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3036.27937__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012/04/23 20:46:24 | 000,024,576 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012/04/23 20:46:23 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3075.38696__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012/04/23 20:46:23 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3075.38693__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012/04/23 20:46:23 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3036.27962__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012/04/23 20:46:22 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3036.27959__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012/04/23 20:46:21 | 000,991,232 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3075.38710__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012/04/23 20:46:20 | 000,040,960 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3036.27949__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012/04/23 20:46:20 | 000,020,480 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3036.27979__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012/04/23 20:46:19 | 000,069,632 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3075.38694__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2012/04/23 20:46:19 | 000,032,768 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012/04/23 20:46:19 | 000,028,672 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3075.39002__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012/04/23 20:46:18 | 000,053,248 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3075.38688__90ba9c70f846762e\APM.Server.dll
MOD - [2012/04/23 20:46:18 | 000,045,056 | ---- | M] () -- G:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3075.38691__90ba9c70f846762e\AEM.Server.dll
MOD - [2011/11/03 23:28:36 | 001,292,288 | ---- | M] () -- G:\WINDOWS\system32\quartz.dll
MOD - [2010/02/25 20:29:11 | 000,774,144 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe
MOD - [2008/04/14 08:11:59 | 000,014,336 | ---- | M] () -- G:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 08:11:51 | 000,059,904 | ---- | M] () -- G:\WINDOWS\system32\devenum.dll
MOD - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/29 09:02:28 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- G:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/08/27 10:43:57 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- G:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/08/26 20:38:53 | 000,927,840 | ---- | M] () [Auto | Running] -- G:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/08/15 12:03:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- G:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- G:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- G:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/05/22 05:04:00 | 004,147,960 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- G:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2012/02/15 13:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- G:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- G:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/10/21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- G:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- G:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2006/11/10 23:12:30 | 000,099,936 | ---- | M] () [Auto | Running] -- G:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\XDva399.sys -- (XDva399)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/08/26 20:38:54 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- G:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- G:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- G:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- G:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010/04/26 23:26:43 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- G:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/11/11 17:21:52 | 004,946,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008/10/30 21:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/06/03 14:20:54 | 003,100,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/05/21 07:53:36 | 000,093,696 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- G:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2004/05/02 16:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- G:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SE...S01?FORM=TOOLBR
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.c...ferrer:source?}
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes,DefaultScope = {678ADE1B-F9AA-46F7-83EB-92FD2B83EC21}
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{678ADE1B-F9AA-46F7-83EB-92FD2B83EC21}: "URL" = http://www.google.co...1I7SHCN_enSG491
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2012-08-26 20:38:56&v=12.2.0.5&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{C37D63D8-14BE-4A9D-93C0-E23C953CA336}: "URL" = http://www.facebook....q={searchTerms}
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{CA0F88D3-C766-4992-839F-F43047F83007}: "URL" = http://websearch.ask...apn_dtid=OSJ000
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{E8CE8AF2-3CD7-4139-A439-5F9CA3ADA969}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\SearchScopes\{FDE9FF18-B3C4-40EF-87AE-B5F823AC30A4}: "URL" = http://search.yahoo....ei=utf-8&fr=ie8
IE - HKU\S-1-5-21-73586283-299502267-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: G:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: G:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: G:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: g:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: G:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: G:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: G:\Documents and Settings\Sin Han\Application Data\nprhapengine.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: G:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/27 15:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: G:\Documents and Settings\All Users\Application Data\AVG Secure Search\12.2.0.5\ [2012/08/26 20:39:04 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - homepage: http://www.google.com.sg/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com.sg/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = G:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = G:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = G:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = G:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = G:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = G:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = G:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = g:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = g:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Secure Search = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bdgpjclefcppbhifgmbncakhhphkggdb\12.2.0.5_0\
CHR - Extension: Turn Off the Lights = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.5_0\
CHR - Extension: Turn Off the Lights = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\
CHR - Extension: YouTube = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Dead Frontier = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dglbaehakkaojfihjkgkpknbjldhhmmn\1.1_0\
CHR - Extension: Realm of the Mad God = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\
CHR - Extension: Realm of the Mad God = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\~
CHR - Extension: Google Maps = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: Zombie Pandemic = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhkicdgidnfmdfnhhllffoplpaldkljl\1_0\
CHR - Extension: AVG Do Not Track = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/29 08:48:33 | 000,000,098 | ---- | M]) - G:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - G:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - G:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - G:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - G:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - G:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - G:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - G:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - G:\Program Files\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-73586283-299502267-725345543-1004\..\Toolbar\WebBrowser: (PlayFirst Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - G:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Alcmtr] G:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AVG_TRAY] G:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Easy-PrintToolBox] G:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NvCplDaemon] G:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] G:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] G:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [ROC_roc_ssl_v12] G:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [StartCCC] G:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrojanScanner] G:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [vProt] G:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-73586283-299502267-725345543-1004..\Run: [Steam] G:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: G:\Documents and Settings\All Users\Start Menu\Programs\Startup\Imation Flash Detect.lnk = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - G:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 218.186.2.16 218.186.2.6 202.156.1.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E80B3812-45BC-4247-A8AF-83B6DC35B845}: DhcpNameServer = 218.186.2.16 218.186.2.6 202.156.1.6
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - G:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - G:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - G:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - G:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - G:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (G:\WINDOWS\system32\userinit.exe) - G:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - G:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: G:\Documents and Settings\Sin Han\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{66796c03-0960-11de-a935-d3b2df16d5ec}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell - "" = AutoRun
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{cf0981c1-091a-11de-a934-87b3edd9e720}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (G:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/08/30 15:16:28 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Desktop\dragon nest mod
[2012/08/29 16:04:56 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Sun
[2012/08/29 15:38:53 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Desktop\New Folder
[2012/08/29 09:03:23 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\Java
[2012/08/29 09:03:08 | 000,821,736 | ---- | C] (Oracle Corporation) -- G:\WINDOWS\System32\npDeployJava1.dll
[2012/08/29 09:03:08 | 000,246,760 | ---- | C] (Oracle Corporation) -- G:\WINDOWS\System32\javaws.exe
[2012/08/29 09:02:55 | 000,093,672 | ---- | C] (Oracle Corporation) -- G:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/08/29 09:02:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- G:\WINDOWS\System32\javaw.exe
[2012/08/29 09:02:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- G:\WINDOWS\System32\java.exe
[2012/08/29 09:02:51 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\Malwarebytes
[2012/08/29 09:02:35 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/29 09:02:32 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/08/29 09:02:29 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- G:\WINDOWS\System32\drivers\mbam.sys
[2012/08/29 09:02:29 | 000,000,000 | ---D | C] -- G:\Program Files\Malwarebytes' Anti-Malware
[2012/08/28 11:28:46 | 000,000,000 | R--D | C] -- G:\Documents and Settings\Sin Han\Start Menu\Programs\Administrative Tools
[2012/08/27 13:04:27 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\TEMP
[2012/08/27 13:03:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\My Documents\Simply Super Software
[2012/08/27 13:03:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\Simply Super Software
[2012/08/27 13:03:14 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\Trojan Remover
[2012/08/27 13:03:13 | 000,605,968 | ---- | C] (Igor Pavlov) -- G:\WINDOWS\System32\ztv7z.dll
[2012/08/27 13:03:13 | 000,077,072 | ---- | C] (Microsoft Corporation) -- G:\WINDOWS\System32\ztvcabinet.dll
[2012/08/27 13:03:11 | 000,000,000 | ---D | C] -- G:\Program Files\Trojan Remover
[2012/08/27 13:03:11 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\Simply Super Software
[2012/08/27 11:02:13 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Start Menu\Programs\WinRAR
[2012/08/27 11:02:13 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\WinRAR
[2012/08/27 11:02:13 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2012/08/27 11:02:06 | 000,000,000 | ---D | C] -- G:\Program Files\WinRAR
[2012/08/26 20:38:54 | 000,027,496 | ---- | C] (AVG Technologies) -- G:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/26 20:38:50 | 000,000,000 | ---D | C] -- G:\Program Files\AVG Secure Search
[2012/08/26 20:24:33 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\DriverCure
[2012/08/26 20:24:32 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Application Data\ParetoLogic
[2012/08/26 20:24:22 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Application Data\ParetoLogic
[2012/08/12 19:27:27 | 000,000,000 | ---D | C] -- G:\Documents and Settings\Sin Han\Desktop\DreamerRO
[2012/08/07 22:53:19 | 000,000,000 | ---D | C] -- G:\Program Files\Common Files\DirectX
[2012/08/07 22:49:24 | 000,000,000 | ---D | C] -- G:\Documents and Settings\All Users\Start Menu\Programs\MicroVolts
[2012/08/07 22:45:30 | 000,000,000 | ---D | C] -- G:\Program Files\MicroVolts

========== Files - Modified Within 30 Days ==========

[2012/09/01 20:03:01 | 000,000,830 | ---- | M] () -- G:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/01 20:01:02 | 000,000,238 | ---- | M] () -- G:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/09/01 19:17:00 | 000,000,888 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/01 19:16:00 | 000,000,986 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-299502267-725345543-1004UA.job
[2012/09/01 18:23:36 | 105,493,013 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/09/01 18:16:52 | 000,000,884 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/01 18:16:43 | 000,002,048 | --S- | M] () -- G:\WINDOWS\bootstat.dat
[2012/08/31 20:16:03 | 000,000,934 | ---- | M] () -- G:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-299502267-725345543-1004Core.job
[2012/08/30 09:25:43 | 000,012,598 | ---- | M] () -- G:\WINDOWS\System32\wpa.dbl
[2012/08/29 09:02:28 | 000,093,672 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/08/29 09:02:26 | 000,821,736 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\npDeployJava1.dll
[2012/08/29 09:02:26 | 000,246,760 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\javaws.exe
[2012/08/29 09:02:26 | 000,174,056 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\javaw.exe
[2012/08/29 09:02:26 | 000,174,056 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\java.exe
[2012/08/29 09:02:26 | 000,143,872 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\javacpl.cpl
[2012/08/29 09:02:25 | 000,746,984 | ---- | M] (Oracle Corporation) -- G:\WINDOWS\System32\deployJava1.dll
[2012/08/29 08:56:29 | 000,099,048 | ---- | M] () -- G:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/29 08:48:33 | 000,000,098 | ---- | M] () -- G:\WINDOWS\System32\drivers\etc\Hosts
[2012/08/27 13:00:12 | 000,003,177 | ---- | M] () -- G:\Documents and Settings\Sin Han\FunShion.ini
[2012/08/26 20:38:54 | 000,027,496 | ---- | M] (AVG Technologies) -- G:\WINDOWS\System32\drivers\avgtpx86.sys
[2012/08/22 10:19:44 | 000,002,280 | ---- | M] () -- G:\Documents and Settings\Sin Han\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/20 20:23:35 | 000,004,096 | ---- | M] () -- G:\WINDOWS\System32\crash
[2012/08/19 14:15:28 | 000,116,113 | ---- | M] () -- G:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/08/16 00:18:18 | 000,001,374 | ---- | M] () -- G:\WINDOWS\imsins.BAK
[2012/08/15 12:03:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- G:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/15 12:03:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- G:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/13 16:32:16 | 000,027,520 | ---- | M] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\dt.dat
[2012/08/12 19:34:30 | 000,000,572 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to DreamerRO.lnk
[2012/08/07 22:49:38 | 000,000,696 | ---- | M] () -- G:\Documents and Settings\Sin Han\Desktop\MicroVolts.lnk

========== Files Created - No Company Name ==========

[2012/08/27 13:03:13 | 000,185,616 | ---- | C] () -- G:\WINDOWS\System32\ztvunrar39.dll
[2012/08/27 13:03:13 | 000,169,744 | ---- | C] () -- G:\WINDOWS\System32\ztvunrar36.dll
[2012/08/27 13:03:13 | 000,153,088 | ---- | C] () -- G:\WINDOWS\System32\UNRAR3.dll
[2012/08/27 13:03:13 | 000,077,312 | ---- | C] () -- G:\WINDOWS\System32\ztvunace26.dll
[2012/08/27 13:03:13 | 000,075,264 | ---- | C] () -- G:\WINDOWS\System32\unacev2.dll
[2012/08/13 16:32:16 | 000,027,520 | ---- | C] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\dt.dat
[2012/08/12 19:34:30 | 000,000,572 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\Shortcut to DreamerRO.lnk
[2012/08/07 22:49:38 | 000,000,696 | ---- | C] () -- G:\Documents and Settings\Sin Han\Desktop\MicroVolts.lnk
[2012/07/24 23:31:13 | 000,000,911 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\coreavc.ini
[2012/07/24 23:25:48 | 000,003,177 | ---- | C] () -- G:\Documents and Settings\Sin Han\FunShion.ini
[2012/07/21 00:18:48 | 000,353,024 | ---- | C] () -- G:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-73586283-299502267-725345543-1004-0.dat
[2012/07/21 00:18:47 | 000,091,166 | ---- | C] () -- G:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/07/11 14:34:54 | 000,001,218 | ---- | C] () -- G:\WINDOWS\System32\funshion.ini
[2012/07/06 14:24:40 | 000,003,584 | ---- | C] () -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/23 20:51:09 | 000,000,000 | ---- | C] () -- G:\WINDOWS\ativpsrm.bin
[2012/04/23 20:41:50 | 000,593,920 | ---- | C] () -- G:\WINDOWS\System32\ati2sgag.exe
[2012/04/23 20:41:38 | 000,887,724 | R--- | C] () -- G:\WINDOWS\System32\ativva6x.dat
[2012/04/23 20:41:36 | 003,107,788 | R--- | C] () -- G:\WINDOWS\System32\ativva5x.dat
[2012/04/23 20:41:34 | 003,107,788 | R--- | C] () -- G:\WINDOWS\System32\ativvaxx.dat
[2012/04/23 20:41:34 | 000,172,033 | R--- | C] () -- G:\WINDOWS\System32\atiicdxx.dat
[2012/02/22 10:06:59 | 000,003,072 | ---- | C] () -- G:\WINDOWS\System32\iacenc.dll
[2011/03/22 22:28:30 | 000,002,314 | -HS- | C] () -- G:\Documents and Settings\All Users\Application Data\f1441709-27c6-49e7-9d83-921cacb4efb7_.mkv
[2011/03/21 10:48:29 | 000,000,439 | ---- | C] () -- G:\WINDOWS\trview.ini
[2011/03/18 23:25:49 | 000,232,968 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb0.bin
[2011/03/18 23:25:46 | 000,232,968 | ---- | C] () -- G:\WINDOWS\System32\nvdrsdb1.bin
[2011/03/18 23:25:46 | 000,000,001 | ---- | C] () -- G:\WINDOWS\System32\nvdrssel.bin
[2011/03/18 22:32:08 | 000,000,664 | ---- | C] () -- G:\WINDOWS\System32\d3d9caps.dat
[2011/03/03 20:45:51 | 000,000,215 | ---- | C] () -- G:\WINDOWS\System32\MRT.INI
[2011/03/03 20:24:43 | 000,023,040 | R--- | C] () -- G:\WINDOWS\System32\drivers\GVCplDrv.sys
[2010/08/10 00:11:38 | 000,000,004 | ---- | C] () -- G:\Documents and Settings\Sin Han\proxy_port
[2010/04/26 23:25:53 | 000,000,016 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\kcmdte.dat
[2010/04/26 23:25:45 | 000,000,004 | ---- | C] () -- G:\Documents and Settings\Sin Han\Application Data\avdrn.dat

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- G:\install.exe

< MD5 for: SR.DLL >
[2012/08/14 12:30:38 | 000,008,728 | ---- | M] () MD5=59295E74E504E722AF4E33644C9C8EF5 -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\Locales\sr.dll
[2012/08/18 06:28:33 | 000,008,728 | ---- | M] () MD5=A92879E4EBB078D3D16A8750EB58816C -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\Locales\sr.dll

< MD5 for: SR.INF >
[2006/02/28 20:00:00 | 000,005,038 | ---- | M] () MD5=C51F64A45FE82FE926113698908F7C15 -- G:\WINDOWS\inf\sr.inf

< MD5 for: SR.MOF >
[2006/02/28 20:00:00 | 000,003,799 | ---- | M] () MD5=010ED42FE2EE754B65FA8FC1DE7B67E1 -- G:\WINDOWS\system32\wbem\sr.mof

< MD5 for: SR.PAK >
[2012/08/14 11:15:50 | 000,334,042 | ---- | M] () MD5=A434E901B2266F7C14FD56B9BAA0954B -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.79\Locales\sr.pak
[2012/08/18 05:28:22 | 000,334,042 | ---- | M] () MD5=A434E901B2266F7C14FD56B9BAA0954B -- G:\Documents and Settings\Sin Han\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\Locales\sr.pak

< MD5 for: SR.PNF >
[2009/03/05 08:19:27 | 000,012,064 | ---- | M] () MD5=2B1C7DEC614C6BE6BA320120B939E9FD -- G:\WINDOWS\inf\sr.PNF

< MD5 for: SR.SYS >
[2008/04/14 02:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- G:\WINDOWS\ServicePackFiles\i386\sr.sys
[2008/04/14 02:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- G:\WINDOWS\system32\drivers\sr.sys
[2006/02/28 20:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=E41B6D037D6CD08461470AF04500DC24 -- G:\WINDOWS\$NtServicePackUninstall$\sr.sys

< %systemdrive%\$Recycle.Bin|@;true;true;true >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"Type" = 32
"Start" = 3
"ErrorControl" = 1
"ImagePath" = %SystemRoot%\system32\svchost.exe -k netsvcs -- [2008/04/14 08:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation)
"DisplayName" = Background Intelligent Transfer Service
"DependOnService" = Rpcss [binary data] -- [2009/02/09 20:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation)
"DependOnGroup" = [binary data]
"ObjectName" = LocalSystem
"Description" = Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled.
"FailureActions" = 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 68 E3 0C 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 60 EA 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = G:\WINDOWS\system32\qmgr.dll -- [2008/04/14 08:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Enum]
"0" = Root\LEGACY_BITS\0000
"Count" = 1
"NextInstance" = 1

========== Alternate Data Streams ==========

@Alternate Data Stream - 134 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9
@Alternate Data Stream - 104 bytes -> G:\Documents and Settings\All Users\Application Data\TEMP:FC1216D7

< End of report >

Extras log:

OTL Extras logfile created on: 9/1/2012 8:04:14 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = G:\Documents and Settings\Sin Han\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.07% Memory free
3.85 Gb Paging File | 2.96 Gb Available in Paging File | 77.02% Paging File free
Paging file location(s): G:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = G: | %SystemRoot% = G:\WINDOWS | %ProgramFiles% = G:\Program Files
Drive G: | 74.52 Gb Total Space | 46.43 Gb Free Space | 62.30% Space Free | Partition Type: NTFS

Computer Name: SINHAN-939BBBD3 | User Name: Sin Han | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [kwopen] -- "G:\Program Files\KWMUSIC\KwMusic.exe" \dir "%1"
Directory [kwplaylist] -- "G:\Program Files\KWMUSIC\KwMusic.exe" \dirlist "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"G:\Program Files\MSN Messenger\livecall.exe" = G:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"G:\Program Files\MSN Messenger\livecall.exe" = G:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"G:\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSD.tmp" = G:\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSD.tmp:*:Enabled:Microsoft Office
":\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSE.tmp" = :\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSE.tmp:*:Enabled:Microsoft Office
"G:\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSC.tmp" = G:\DOCUME~1\SINHAN~1\LOCALS~1\Temp\NSC.tmp:*:Enabled:Microsoft Office
"G:\Program Files\DealBook 360\DealBook 360.exe" = G:\Program Files\DealBook 360\DealBook 360.exe:*:Enabled:DealBook 360 -- ()
"G:\Documents and Settings\Sin Han\Desktop\DragonNest\DragonNest.exe" = G:\Documents and Settings\Sin Han\Desktop\DragonNest\DragonNest.exe:*:Enabled:Dragon Nest -- ()
"G:\Program Files\Steam\Steam.exe" = G:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"G:\Program Files\Funshion Online\Funshion\FunshionService.exe" = G:\Program Files\Funshion Online\Funshion\FunshionService.exe:*:Enabled:FunshionService
"G:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe" = G:\Program Files\Funshion Online\Funshion\FunshionUpgrade.exe:*:Enabled:FunshionUpgrade
"G:\Program Files\AVG\AVG2012\avgnsx.exe" = G:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"G:\Program Files\AVG\AVG2012\avgdiagex.exe" = G:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.)
"G:\Program Files\AVG\AVG2012\avgmfapx.exe" = G:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"G:\Program Files\AVG\AVG2012\avgemcx.exe" = G:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.954\Agent.exe" = G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.954\Agent.exe:*:Enabled:Blizzard Agent -- (Blizzard Entertainment)
"G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1040\Agent.exe" = G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Blizzard Agent
"G:\Program Files\Diablo III\Diablo III.exe" = G:\Program Files\Diablo III\Diablo III.exe:*:Enabled:Diablo III -- (Blizzard Entertainment)
"G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1225\Agent.exe" = G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1225\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1267\Agent.exe" = G:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.1267\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"G:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe" = G:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E494A7-F504-DA41-3079-9E2FB36736BC}" = CCC Help English
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04A94422-A264-81D4-D65E-87276F5B402D}" = Catalyst Control Center Localization Italian
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0E73A14F-23FD-E1B8-ED38-108ECFA08440}" = Catalyst Control Center Localization Portuguese
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series" = Canon iP1800 series
"{14BC810B-5907-B9C3-B2F4-12D5EEA253F4}" = Catalyst Control Center Graphics Previews Common
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23655B51-F898-DC12-A2A1-3348D875F659}" = CCC Help Czech
"{25611B0A-54C2-69B9-723D-668201C22CD4}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{27F38AC0-298C-F7E2-F3AE-F7D12BBBE9D5}" = CCC Help Chinese Traditional
"{30B695C3-C7B0-69E1-197B-409587BC1FD7}" = CCC Help Norwegian
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3566D7DB-EA10-49DE-A95B-F4AB41FC0A93}" = Dragon Nest SEA
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{399B10AC-4E84-20F8-5913-82526B16F561}" = Catalyst Control Center Graphics Light
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EC34F85-AF61-5B18-42D6-306B6B80E92E}" = Catalyst Control Center Localization Swedish
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B494547-1410-C77E-B6F0-86F394ABAF94}" = CCC Help Hungarian
"{4D7E8B72-AEA2-8493-F5F3-DA10E2EE2D22}" = Catalyst Control Center Localization Chinese Traditional
"{55663DF0-3559-AE1E-0B9E-ED5353914B5D}" = CCC Help Japanese
"{59F83B00-970D-511C-D9DE-52B233780020}" = CCC Help Portuguese
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E550CD5-051A-421B-9E43-BD6FD9BFED6F}" = Chinese Star XP
"{5E7A8F05-013C-44FD-B450-5434CA581098}_is1" = MicroVolts
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64ACFE24-FB82-84A6-9FB8-B90539752E5B}" = Catalyst Control Center Localization German
"{68DD4EAE-C5E4-1E34-F991-B99ABA6DC8E3}" = Catalyst Control Center Graphics Full New
"{6D12EC75-E7D3-4EAD-AB10-E1F3AFF94AA6}" = AVG 2012
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F4C1C17-C647-3CE0-4426-F368132A66A6}" = CCC Help Turkish
"{81946C2A-5269-A6F5-4566-A9F253007A7E}" = Catalyst Control Center Localization Turkish
"{8615E5FC-8906-AACF-5A1A-FB65046F647B}" = CCC Help Swedish
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8959A774-3FB3-B315-ACDF-4B7B70F5A169}" = Catalyst Control Center Core Implementation
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A62A068-3FD6-495A-9F66-26FE94F32EC9}" = Rhapsody Player Engine
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{906B417C-6F6C-2A5A-DB5E-5C7499941C58}" = CCC Help Spanish
"{93CB830F-517E-1695-C61B-2A1AA105CD78}" = Catalyst Control Center Localization French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95DCA618-9717-BBD3-B438-A5A9B1EB30C8}" = CCC Help German
"{984880C1-7AC7-5267-A7D9-AEC19C932950}" = Catalyst Control Center Graphics Full Existing
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3F8688-4F15-B77D-73A1-B0363517D1B1}" = Catalyst Control Center Localization Danish
"{9B1BFDE6-3B65-FB41-BC54-353227EE742A}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0793FD9-9505-BF02-FF47-83C984DC814B}" = Catalyst Control Center Localization Chinese Standard
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A32A0DF0-6650-6503-293D-64AAF212CBF8}" = Catalyst Control Center Localization Japanese
"{A44D0AC2-0891-5AB9-EE23-3EF3339BC2FE}" = Catalyst Control Center Localization Russian
"{A54BEBF5-D7F9-2B34-6475-FB07780C80CA}" = Catalyst Control Center Localization Polish
"{A8280D9A-D6A4-1E52-E85F-99E3BB19CEEA}" = Catalyst Control Center Localization Czech
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A960DA53-C5C4-37A4-3671-C0236BF41E99}" = CCC Help Chinese Standard
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.2
"{B0D2BC40-119B-AD18-E697-E6073DD6D149}" = ccc-utility
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B2C78A98-20EA-D90A-69E3-B15587D51588}" = CCC Help Thai
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B59DA9F5-3630-FFF1-C47C-B2CA172CF876}" = CCC Help Polish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B84AE471-81DD-D81F-CD20-B3464877E525}" = Skins
"{BBFEA1AF-ECCE-1114-2EC8-AC304AB6B753}" = Catalyst Control Center Localization Hungarian
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C397AE7E-CFA4-9D60-880D-D0BA7CF3F596}" = CCC Help Finnish
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D20100AC-608D-1A4C-372E-75009E7C168E}" = CCC Help Danish
"{D801FEB6-53DF-CE1C-67E2-A977E43A7E8F}" = CCC Help Russian
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DAA29BAD-1C06-E8E0-CFE6-557F818C7AF7}" = CCC Help Dutch
"{DB7EBA4A-44AF-DF22-EBA7-6BF4E011E319}" = CCC Help French
"{DBB18C43-FE45-36DF-D171-E209B79A76F3}" = Catalyst Control Center Localization Dutch
"{E1BCF465-85F4-C303-944E-9E416977C560}" = CCC Help Korean
"{E3AEC354-AD4C-51D3-E345-CEE6CA8A9C3A}" = Catalyst Control Center Localization Greek
"{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}" = DealBook 360
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EA024A36-5934-05B8-550B-60DA131B90C4}" = CCC Help Greek
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE5AC826-8731-6406-9947-D0420143A7BD}" = ccc-core-preinstall
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EEB193CE-2B04-B568-29FF-FAFA34BB3F19}" = Catalyst Control Center Localization Spanish
"{EF0A8C24-E239-45D5-492D-D5895518ACB3}" = Catalyst Control Center Localization Thai
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F88183B1-BD65-F87C-855F-BB7D1AA3AEA2}" = Catalyst Control Center Localization Norwegian
"{FC70949F-1417-A3F5-8E84-EBF5ACB93B58}" = Catalyst Control Center Localization Korean
"{FE22679C-7CE4-8633-CE7F-8122B52C52CF}" = Catalyst Control Center Localization Finnish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2012
"CANONIJPLM100" = PIXMA Extended Survey Program
"Diablo III" = Diablo III
"DriverAgent.exe" = DriverAgent by eSupport.com
"Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Trojan Remover_is1" = Trojan Remover 6.8.4
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-73586283-299502267-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}" = DealBook 360
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/26/2012 5:33:57 AM | Computer Name = SINHAN-939BBBD3 | Source = Application Hang | ID = 1002
Description = Hanging application Diablo III.exe, version 1.0.4.11327, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/26/2012 10:01:01 PM | Computer Name = SINHAN-939BBBD3 | Source = ESENT | ID = 490
Description = svchost (1172) An attempt to open the file "G:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 8/26/2012 10:53:01 PM | Computer Name = SINHAN-939BBBD3 | Source = Application Hang | ID = 1002
Description = Hanging application Microvolts.exe, version 0.8.11.18, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 8/28/2012 1:46:52 AM | Computer Name = SINHAN-939BBBD3 | Source = Application Error | ID = 1000
Description = Faulting application microvolts.exe, version 0.8.10.8, faulting module
, version 0.0.0.0, fault address 0x00000000.

[ System Events ]
Error - 8/28/2012 8:48:32 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The Ati HotKey Poller service terminated unexpectedly. It has done
this 1 time(s).

Error - 8/28/2012 8:48:32 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The Bing Bar Update Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 8/28/2012 8:48:32 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The PIXMA Extended Survey Program service terminated unexpectedly.
It has done this 1 time(s).

Error - 8/28/2012 8:48:32 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The BBUpdate service terminated unexpectedly. It has done this 1
time(s).

Error - 8/28/2012 8:48:32 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 8/28/2012 8:48:32 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The Skype C2C Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 8/28/2012 8:48:33 PM | Computer Name = SINHAN-939BBBD3 | Source = Service Control Manager | ID = 7034
Description = The vToolbarUpdater12.2.0 service terminated unexpectedly. It has
done this 1 time(s).

Error - 8/30/2012 9:04:02 AM | Computer Name = SINHAN-939BBBD3 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.14 on
the Network Card with network address 0030670157CF.

Error - 8/30/2012 9:04:25 AM | Computer Name = SINHAN-939BBBD3 | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.14 on
the Network Card with network address 0030670157CF.

Error - 8/30/2012 9:42:46 PM | Computer Name = SINHAN-939BBBD3 | Source = DCOM | ID = 10010
Description = The server {CC957078-B838-47C4-A7CF-626E7A82FC58} did not register
with DCOM within the required timeout.

< End of report >

Edited by isayomg, 01 September 2012 - 06:19 AM.

#15
Essexboy

Posted 01 September 2012 - 09:43 AM

GeekU Moderator

Retired Staff
69,964 posts

OK lets replace the file that appears to be causing the crashes, also remove some redundant items

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following
Posted Image

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\WINDOWS\system32\XDva399.sys -- (XDva399)
O4 - Startup: G:\Documents and Settings\All Users\Start Menu\Programs\Startup\Imation Flash Detect.lnk = G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation\IFM\Imation Flash Detect.exe ()

:Files
G:\WINDOWS\system32\drivers\sr.sys|G:\WINDOWS\ServicePackFiles\i386\sr.sys /replace
G:\Documents and Settings\Sin Han\Local Settings\Application Data\Imation

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.