Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

i want my pc back [Solved]

Started by jr chambers , Jul 11 2013 10:09 PM

  • This topic is locked This topic is locked

#16
Jasmyne
Posted 14 July 2013 - 11:17 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
:blush: Oops, I'm sorry. Maybe this will help.

Attached File  scan.txt   127bytes   59 downloads
  • 0

Advertisements

#17
jr chambers
Posted 14 July 2013 - 12:07 PM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
Well....let me back things up a minute,
i had started your last request to load and use the OTLPE and it did not work, would not load. i thought maybe it was the hard drive order, so i changed it to be, 1st boot the usb,2nd the 1tb drive and 3rd the 500gig drive, would get me the black screen and state load media drive(or something to that affect). so i disabled both hard drives in the bios to see what would happen-hoping the usb/iso would boot, it did not, removed the stick and the pc loaded windows xp home addition (when i built the tower in 09 i had loaded xp home and xp pro64 on the 500 gig HD and never used it again. so i have a clean version of xp to use at the moment. so i went back to your first request to use the Kaspersky TDSSKiller and it worked all the way through and fixed a problem. the next step is to use the FRST. i had issue with that trying to access windows because of it asking for a password. so I'll stop here and post the TDSSKiller txt file and wait for your instructions, at least now i can use this pc just not yet on the win7 or xp pro64
Joel
13:31:30.0921 3496 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:31:31.0625 3496 ============================================================
13:31:31.0625 3496 Current date / time: 2013/07/14 13:31:31.0625
13:31:31.0625 3496 SystemInfo:
13:31:31.0625 3496
13:31:31.0625 3496 OS Version: 5.1.2600 ServicePack: 3.0
13:31:31.0625 3496 Product type: Workstation
13:31:31.0625 3496 ComputerName: ASUSMINI
13:31:31.0625 3496 UserName: Joel
13:31:31.0625 3496 Windows directory: C:\WINDOWS
13:31:31.0625 3496 System windows directory: C:\WINDOWS
13:31:31.0625 3496 Processor architecture: Intel x86
13:31:31.0625 3496 Number of processors: 4
13:31:31.0625 3496 Page size: 0x1000
13:31:31.0625 3496 Boot type: Normal boot
13:31:31.0625 3496 ============================================================
13:31:39.0687 3496 BG loaded
13:31:41.0250 3496 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:31:41.0921 3496 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:31:41.0937 3496 ============================================================
13:31:41.0937 3496 \Device\Harddisk0\DR0:
13:31:42.0187 3496 MBR partitions:
13:31:42.0187 3496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
13:31:42.0187 3496 \Device\Harddisk1\DR1:
13:31:42.0187 3496 MBR partitions:
13:31:42.0187 3496 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x15F90DA4
13:31:42.0187 3496 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x15F91000, BlocksNum 0x5E775000
13:31:42.0187 3496 ============================================================
13:31:43.0062 3496 C: <-> \Device\Harddisk0\DR0\Partition1
13:31:43.0093 3496 E: <-> \Device\Harddisk1\DR1\Partition1
13:31:43.0125 3496 F: <-> \Device\Harddisk1\DR1\Partition2
13:31:43.0125 3496 ============================================================
13:31:43.0125 3496 Initialize success
13:31:43.0125 3496 ============================================================
13:31:46.0671 3584 ============================================================
13:31:46.0671 3584 Scan started
13:31:46.0671 3584 Mode: Manual;
13:31:46.0671 3584 ============================================================
13:32:38.0906 3584 ================ Scan system memory ========================
13:32:38.0906 3584 System memory - ok
13:32:38.0906 3584 ================ Scan services =============================
13:32:41.0687 3584 Abiosdsk - ok
13:32:41.0687 3584 abp480n5 - ok
13:32:41.0734 3584 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:32:41.0750 3584 ACPI - ok
13:32:41.0843 3584 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
13:32:41.0843 3584 ACPIEC - ok
13:32:41.0843 3584 adpu160m - ok
13:32:41.0906 3584 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:32:41.0906 3584 aec - ok
13:32:42.0000 3584 [ 7E775010EF291DA96AD17CA4B17137D7 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:32:42.0000 3584 AFD - ok
13:32:42.0000 3584 Aha154x - ok
13:32:42.0000 3584 aic78u2 - ok
13:32:42.0000 3584 aic78xx - ok
13:32:42.0078 3584 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:32:42.0093 3584 Alerter - ok
13:32:42.0093 3584 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
13:32:42.0093 3584 ALG - ok
13:32:42.0109 3584 AliIde - ok
13:32:42.0109 3584 amsint - ok
13:32:42.0312 3584 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:32:42.0359 3584 AppMgmt - ok
13:32:42.0359 3584 asc - ok
13:32:42.0375 3584 asc3350p - ok
13:32:42.0375 3584 asc3550 - ok
13:32:42.0406 3584 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\WINDOWS\system32\drivers\AsIO.sys
13:32:42.0406 3584 AsIO - ok
13:32:42.0843 3584 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:32:42.0921 3584 aspnet_state - ok
13:32:42.0968 3584 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:32:42.0968 3584 AsyncMac - ok
13:32:43.0375 3584 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:32:43.0375 3584 atapi - ok
13:32:43.0375 3584 Atdisk - ok
13:32:45.0484 3584 [ A08FDA1AA3B5F74F71895AE247AD9152 ] Ati HotKey Poller C:\WINDOWS\System32\Ati2evxx.exe
13:32:45.0484 3584 Ati HotKey Poller - ok
13:32:51.0781 3584 [ 20B10AF9D6A7EEBDAA5C0C9461EDAF7D ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:32:51.0796 3584 ati2mtag - ok
13:32:52.0140 3584 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:32:52.0156 3584 Atmarpc - ok
13:32:52.0781 3584 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:32:52.0812 3584 AudioSrv - ok
13:32:53.0906 3584 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:32:53.0906 3584 audstub - ok
13:32:54.0296 3584 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:32:54.0296 3584 Beep - ok
13:32:55.0875 3584 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
13:32:55.0906 3584 BITS - ok
13:32:56.0546 3584 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
13:32:56.0546 3584 Browser - ok
13:32:57.0796 3584 [ 42EBCE48178CE5D0998EB1CA62DB1E9B ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:32:57.0796 3584 btaudio - ok
13:32:58.0140 3584 [ 39309739BADD058C8F4B845D9A3C58D2 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:32:58.0140 3584 BTDriver - ok
13:32:58.0812 3584 [ C9253AB5F6611FA2CA5C914D0FE384C5 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:32:58.0812 3584 BTKRNL - ok
13:32:58.0812 3584 BTSERIAL - ok
13:32:58.0828 3584 BTSLBCSP - ok
13:32:59.0796 3584 [ A1E2ED3E0640999DE683367A4F716F61 ] btwdins C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
13:32:59.0812 3584 btwdins - ok
13:33:00.0140 3584 [ 9A794455B18D815DB25D991452D4266A ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
13:33:00.0140 3584 BTWDNDIS - ok
13:33:00.0171 3584 [ 843E656DB562FFFF197AFAF98042FACA ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:33:00.0171 3584 BTWUSB - ok
13:33:00.0453 3584 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:33:00.0468 3584 cbidf2k - ok
13:33:00.0812 3584 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:33:00.0812 3584 CCDECODE - ok
13:33:00.0812 3584 cd20xrnt - ok
13:33:01.0203 3584 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:33:01.0203 3584 Cdaudio - ok
13:33:01.0218 3584 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:33:01.0218 3584 Cdfs - ok
13:33:01.0234 3584 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:33:01.0234 3584 Cdrom - ok
13:33:01.0234 3584 Changer - ok
13:33:01.0578 3584 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:33:01.0578 3584 CiSvc - ok
13:33:01.0906 3584 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:33:01.0906 3584 ClipSrv - ok
13:33:01.0953 3584 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:33:02.0671 3584 clr_optimization_v2.0.50727_32 - ok
13:33:02.0671 3584 CmdIde - ok
13:33:03.0000 3584 COMSysApp - ok
13:33:03.0000 3584 Cpqarray - ok
13:33:03.0328 3584 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:33:03.0328 3584 CryptSvc - ok
13:33:03.0328 3584 dac2w2k - ok
13:33:03.0328 3584 dac960nt - ok
13:33:03.0953 3584 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:33:03.0953 3584 DcomLaunch - ok
13:33:04.0281 3584 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:33:04.0281 3584 Dhcp - ok
13:33:04.0312 3584 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:33:04.0593 3584 Disk - ok
13:33:04.0593 3584 dmadmin - ok
13:33:05.0187 3584 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:33:05.0734 3584 dmboot - ok
13:33:06.0093 3584 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:33:06.0093 3584 dmio - ok
13:33:06.0437 3584 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:33:06.0437 3584 dmload - ok
13:33:06.0781 3584 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:33:06.0781 3584 dmserver - ok
13:33:06.0781 3584 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:33:06.0781 3584 DMusic - ok
13:33:07.0109 3584 [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:33:07.0109 3584 Dnscache - ok
13:33:07.0171 3584 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:33:07.0453 3584 Dot3svc - ok
13:33:07.0453 3584 dpti2o - ok
13:33:07.0875 3584 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:33:07.0875 3584 drmkaud - ok
13:33:07.0937 3584 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:33:07.0937 3584 EapHost - ok
13:33:08.0328 3584 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:33:08.0328 3584 ERSvc - ok
13:33:08.0781 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
13:33:08.0781 3584 Eventlog - ok
13:33:09.0171 3584 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
13:33:09.0171 3584 EventSystem - ok
13:33:09.0468 3584 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:33:09.0484 3584 Fastfat - ok
13:33:09.0765 3584 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:33:10.0046 3584 FastUserSwitchingCompatibility - ok
13:33:10.0078 3584 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
13:33:10.0078 3584 Fdc - ok
13:33:10.0093 3584 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:33:10.0093 3584 Fips - ok
13:33:10.0125 3584 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
13:33:10.0125 3584 Flpydisk - ok
13:33:10.0437 3584 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:33:10.0453 3584 FltMgr - ok
13:33:11.0093 3584 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:33:11.0093 3584 FontCache3.0.0.0 - ok
13:33:11.0109 3584 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:33:11.0109 3584 Fs_Rec - ok
13:33:11.0125 3584 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:33:11.0390 3584 Ftdisk - ok
13:33:11.0421 3584 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:33:11.0421 3584 Gpc - ok
13:33:11.0687 3584 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:33:11.0687 3584 HDAudBus - ok
13:33:12.0062 3584 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:33:12.0062 3584 helpsvc - ok
13:33:12.0062 3584 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
13:33:12.0062 3584 HidServ - ok
13:33:12.0390 3584 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:33:12.0390 3584 hidusb - ok
13:33:12.0421 3584 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:33:12.0687 3584 hkmsvc - ok
13:33:12.0687 3584 hpn - ok
13:33:13.0031 3584 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
13:33:13.0031 3584 HPZid412 - ok
13:33:13.0359 3584 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
13:33:13.0359 3584 HPZipr12 - ok
13:33:13.0390 3584 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
13:33:13.0390 3584 HPZius12 - ok
13:33:14.0062 3584 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:33:14.0062 3584 HTTP - ok
13:33:14.0375 3584 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:33:14.0390 3584 HTTPFilter - ok
13:33:14.0390 3584 i2omgmt - ok
13:33:14.0390 3584 i2omp - ok
13:33:14.0656 3584 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
13:33:14.0656 3584 i8042prt - ok
13:33:15.0359 3584 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:33:16.0046 3584 idsvc - ok
13:33:16.0078 3584 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:33:16.0078 3584 Imapi - ok
13:33:16.0453 3584 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\System32\imapi.exe
13:33:16.0453 3584 ImapiService - ok
13:33:16.0453 3584 ini910u - ok
13:33:19.0140 3584 [ FB4293B1EAB313C28D4A1B8DB61ACA72 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:33:19.0171 3584 IntcAzAudAddService - ok
13:33:19.0171 3584 IntelIde - ok
13:33:19.0484 3584 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
13:33:19.0484 3584 ip6fw - ok
13:33:19.0500 3584 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:33:19.0796 3584 IpFilterDriver - ok
13:33:19.0812 3584 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:33:19.0812 3584 IpInIp - ok
13:33:20.0156 3584 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:33:20.0156 3584 IpNat - ok
13:33:20.0171 3584 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:33:20.0171 3584 IPSec - ok
13:33:20.0187 3584 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:33:20.0187 3584 IRENUM - ok
13:33:20.0515 3584 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:33:20.0531 3584 isapnp - ok
13:33:20.0578 3584 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:33:20.0578 3584 Kbdclass - ok
13:33:20.0859 3584 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:33:20.0859 3584 kbdhid - ok
13:33:20.0875 3584 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:33:20.0875 3584 kmixer - ok
13:33:21.0265 3584 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:33:21.0265 3584 KSecDD - ok
13:33:21.0281 3584 [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
13:33:21.0281 3584 lanmanserver - ok
13:33:21.0593 3584 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:33:21.0593 3584 lanmanworkstation - ok
13:33:21.0609 3584 lbrtfdc - ok
13:33:21.0890 3584 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:33:21.0890 3584 LmHosts - ok
13:33:21.0906 3584 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:33:22.0171 3584 Messenger - ok
13:33:22.0250 3584 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:33:22.0250 3584 mnmdd - ok
13:33:22.0281 3584 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
13:33:22.0562 3584 mnmsrvc - ok
13:33:22.0593 3584 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:33:22.0593 3584 Modem - ok
13:33:22.0875 3584 [ C741717B0A18813DD7D12085937CEE72 ] motccgp C:\WINDOWS\system32\DRIVERS\motccgp.sys
13:33:22.0875 3584 motccgp - ok
13:33:23.0218 3584 [ B812DA6605CAF02641312F1F65C75419 ] motccgpfl C:\WINDOWS\system32\DRIVERS\motccgpfl.sys
13:33:23.0250 3584 motccgpfl - ok
13:33:23.0265 3584 [ E190ED75BCC7928143F8F2AF4C34D91D ] MotDev C:\WINDOWS\system32\DRIVERS\motodrv.sys
13:33:23.0265 3584 MotDev - ok
13:33:23.0562 3584 [ 54FEE02961C70FD9D4D7E2F87AFA23FA ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
13:33:23.0562 3584 motmodem - ok
13:33:23.0906 3584 [ BB9DE58AC6513DA62C005D92E2DB4981 ] MotoConnect Service C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
13:33:23.0906 3584 MotoConnect Service - ok
13:33:24.0250 3584 [ 54FEE02961C70FD9D4D7E2F87AFA23FA ] motport C:\WINDOWS\system32\DRIVERS\motport.sys
13:33:24.0265 3584 motport - ok
13:33:24.0265 3584 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:33:24.0265 3584 Mouclass - ok
13:33:24.0593 3584 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:33:24.0593 3584 mouhid - ok
13:33:24.0640 3584 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:33:24.0890 3584 MountMgr - ok
13:33:24.0890 3584 mraid35x - ok
13:33:25.0234 3584 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:33:25.0234 3584 MRxDAV - ok
13:33:25.0562 3584 [ 421F7B922CEC5A5F340E7574A98F7B7C ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:33:25.0562 3584 MRxSmb - ok
13:33:25.0859 3584 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
13:33:25.0859 3584 MSDTC - ok
13:33:26.0156 3584 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:33:26.0156 3584 Msfs - ok
13:33:26.0171 3584 MSIServer - ok
13:33:26.0468 3584 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:33:26.0468 3584 MSKSSRV - ok
13:33:26.0484 3584 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:33:26.0734 3584 MSPCLOCK - ok
13:33:26.0734 3584 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:33:26.0734 3584 MSPQM - ok
13:33:27.0062 3584 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:33:27.0062 3584 mssmbios - ok
13:33:27.0093 3584 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:33:27.0093 3584 MSTEE - ok
13:33:27.0125 3584 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
13:33:27.0125 3584 MTsensor - ok
13:33:27.0421 3584 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:33:27.0453 3584 Mup - ok
13:33:27.0468 3584 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:33:27.0734 3584 NABTSFEC - ok
13:33:28.0093 3584 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:33:28.0375 3584 napagent - ok
13:33:28.0687 3584 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:33:28.0687 3584 NDIS - ok
13:33:29.0000 3584 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:33:29.0015 3584 NdisIP - ok
13:33:29.0031 3584 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:33:29.0031 3584 NdisTapi - ok
13:33:29.0046 3584 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:33:29.0046 3584 Ndisuio - ok
13:33:29.0375 3584 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:33:29.0375 3584 NdisWan - ok
13:33:29.0375 3584 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:33:29.0375 3584 NDProxy - ok
13:33:29.0656 3584 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:33:29.0656 3584 NetBIOS - ok
13:33:29.0687 3584 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:33:29.0687 3584 NetBT - ok
13:33:30.0015 3584 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
13:33:30.0031 3584 NetDDE - ok
13:33:30.0031 3584 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:33:30.0031 3584 NetDDEdsdm - ok
13:33:30.0375 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\System32\lsass.exe
13:33:30.0375 3584 Netlogon - ok
13:33:30.0671 3584 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
13:33:30.0671 3584 Netman - ok
13:33:31.0015 3584 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:33:31.0015 3584 NetTcpPortSharing - ok
13:33:31.0343 3584 [ 832E4DD8964AB7ACC880B2837CB1ED20 ] Nla C:\WINDOWS\System32\mswsock.dll
13:33:31.0343 3584 Nla - ok
13:33:31.0640 3584 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:33:31.0640 3584 Npfs - ok
13:33:31.0921 3584 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:33:32.0250 3584 Ntfs - ok
13:33:32.0515 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
13:33:32.0515 3584 NtLmSsp - ok
13:33:32.0843 3584 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:33:33.0171 3584 NtmsSvc - ok
13:33:33.0812 3584 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:33:33.0812 3584 Null - ok
13:33:33.0828 3584 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:33:33.0828 3584 NwlnkFlt - ok
13:33:34.0140 3584 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:33:34.0140 3584 NwlnkFwd - ok
13:33:34.0437 3584 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
13:33:34.0437 3584 Parport - ok
13:33:34.0484 3584 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:33:34.0796 3584 PartMgr - ok
13:33:34.0828 3584 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:33:34.0828 3584 ParVdm - ok
13:33:34.0828 3584 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:33:35.0093 3584 PCI - ok
13:33:35.0093 3584 PCIDump - ok
13:33:35.0453 3584 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:33:35.0453 3584 PCIIde - ok
13:33:35.0781 3584 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
13:33:35.0781 3584 Pcmcia - ok
13:33:35.0781 3584 PDCOMP - ok
13:33:35.0796 3584 PDFRAME - ok
13:33:35.0796 3584 PDRELI - ok
13:33:35.0796 3584 PDRFRAME - ok
13:33:35.0812 3584 perc2 - ok
13:33:35.0812 3584 perc2hib - ok
13:33:36.0093 3584 [ E6712585EAA6D44CF9B86116BC0A5419 ] PLCND532 C:\WINDOWS\system32\Drivers\PLCND532.sys
13:33:36.0093 3584 PLCND532 - ok
13:33:36.0125 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
13:33:36.0125 3584 PlugPlay - ok
13:33:36.0437 3584 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
13:33:36.0437 3584 Pml Driver HPZ12 - ok
13:33:36.0734 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
13:33:36.0734 3584 PolicyAgent - ok
13:33:36.0750 3584 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:33:36.0750 3584 PptpMiniport - ok
13:33:37.0000 3584 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
13:33:37.0000 3584 Processor - ok
13:33:37.0015 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:33:37.0015 3584 ProtectedStorage - ok
13:33:37.0031 3584 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:33:37.0031 3584 PSched - ok
13:33:37.0343 3584 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:33:37.0343 3584 Ptilink - ok
13:33:37.0687 3584 [ 7C81AE3C9B82BA2DA437ED4D31BC56CF ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:33:37.0687 3584 PxHelp20 - ok
13:33:37.0687 3584 ql1080 - ok
13:33:37.0687 3584 Ql10wnt - ok
13:33:37.0687 3584 ql12160 - ok
13:33:37.0703 3584 ql1240 - ok
13:33:37.0703 3584 ql1280 - ok
13:33:38.0031 3584 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:33:38.0031 3584 RasAcd - ok
13:33:38.0093 3584 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:33:38.0140 3584 RasAuto - ok
13:33:38.0500 3584 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:33:38.0500 3584 Rasl2tp - ok
13:33:40.0359 3584 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:33:41.0468 3584 RasMan - ok
13:33:43.0234 3584 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:34:20.0875 3584 RasPppoe - ok
13:34:23.0531 3584 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:34:32.0187 3584 Raspti - ok
13:34:32.0218 3584 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:34:32.0218 3584 Rdbss - ok
13:34:32.0546 3584 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:34:32.0546 3584 RDPCDD - ok
13:34:32.0734 3584 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:34:32.0734 3584 rdpdr - ok
13:34:32.0843 3584 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:34:32.0859 3584 RDPWD - ok
13:34:33.0015 3584 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:34:33.0015 3584 RDSessMgr - ok
13:34:33.0093 3584 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:34:33.0093 3584 redbook - ok
13:34:33.0156 3584 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:34:33.0218 3584 RemoteAccess - ok
13:34:33.0234 3584 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:34:33.0250 3584 RemoteRegistry - ok
13:34:33.0562 3584 [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
13:34:33.0562 3584 RichVideo - ok
13:34:33.0625 3584 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
13:34:33.0640 3584 RpcLocator - ok
13:34:33.0812 3584 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:34:33.0812 3584 RpcSs - ok
13:34:33.0843 3584 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
13:34:34.0140 3584 RSVP - ok
13:34:35.0890 3584 [ FFFDFA85CF01DEE5457F4EA41FD9ED04 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMI.sys
13:34:35.0906 3584 RTHDMIAzAudService - ok
13:34:36.0218 3584 [ 185641AD7E80BFCE0AA545D3EC79D557 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
13:34:36.0218 3584 RTLE8023xp - ok
13:34:36.0546 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
13:34:36.0546 3584 SamSs - ok
13:34:36.0562 3584 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:34:36.0578 3584 SCardSvr - ok
13:34:36.0781 3584 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:34:36.0796 3584 Schedule - ok
13:34:37.0296 3584 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:34:37.0296 3584 Secdrv - ok
13:34:37.0328 3584 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:34:37.0328 3584 seclogon - ok
13:34:37.0734 3584 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
13:34:37.0734 3584 SENS - ok
13:34:38.0093 3584 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:34:38.0093 3584 serenum - ok
13:34:38.0171 3584 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
13:34:38.0171 3584 Serial - ok
13:34:38.0234 3584 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:34:38.0234 3584 Sfloppy - ok
13:34:38.0937 3584 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:34:38.0937 3584 SharedAccess - ok
13:34:39.0312 3584 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:34:39.0312 3584 ShellHWDetection - ok
13:34:39.0312 3584 Simbad - ok
13:34:39.0625 3584 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:34:39.0671 3584 SLIP - ok
13:34:43.0546 3584 [ E5ED59A5840D43ED0F6B00E0AEB4376D ] SNPPRO C:\WINDOWS\system32\DRIVERS\snppro.sys
13:34:43.0578 3584 SNPPRO - ok
13:34:43.0593 3584 Sparrow - ok
13:34:43.0796 3584 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:34:43.0796 3584 splitter - ok
13:34:43.0921 3584 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:34:43.0921 3584 Spooler - ok
13:34:44.0390 3584 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
13:34:44.0390 3584 sr - ok
13:34:44.0421 3584 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll
13:34:44.0421 3584 srservice - ok
13:34:44.0859 3584 [ 89220B427890AA1DFFD1A02648AE51C3 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:34:44.0859 3584 Srv - ok
13:34:45.0296 3584 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:34:45.0296 3584 SSDPSRV - ok
13:34:45.0812 3584 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:34:45.0812 3584 stisvc - ok
13:34:46.0125 3584 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:34:46.0125 3584 streamip - ok
13:34:46.0156 3584 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:34:46.0156 3584 swenum - ok
13:34:46.0500 3584 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:34:46.0500 3584 swmidi - ok
13:34:46.0500 3584 SwPrv - ok
13:34:46.0500 3584 symc810 - ok
13:34:46.0515 3584 symc8xx - ok
13:34:46.0515 3584 sym_hi - ok
13:34:46.0515 3584 sym_u3 - ok
13:34:46.0765 3584 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:34:46.0765 3584 sysaudio - ok
13:34:46.0828 3584 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:34:47.0140 3584 SysmonLog - ok
13:34:47.0265 3584 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:34:47.0265 3584 TapiSrv - ok
13:34:47.0593 3584 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:34:47.0593 3584 Tcpip - ok
13:34:47.0937 3584 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:34:48.0265 3584 TDPIPE - ok
13:34:48.0328 3584 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:34:48.0328 3584 TDTCP - ok
13:34:48.0687 3584 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:34:48.0687 3584 TermDD - ok
13:34:49.0062 3584 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
13:34:49.0062 3584 TermService - ok
13:34:49.0640 3584 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:34:49.0640 3584 Themes - ok
13:34:49.0718 3584 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
13:34:50.0109 3584 TlntSvr - ok
13:34:50.0109 3584 TosIde - ok
13:34:50.0171 3584 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:34:50.0171 3584 TrkWks - ok
13:34:50.0500 3584 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:34:50.0500 3584 Udfs - ok
13:34:50.0500 3584 ultra - ok
13:34:50.0937 3584 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:34:50.0937 3584 Update - ok
13:34:51.0359 3584 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:34:51.0359 3584 upnphost - ok
13:34:51.0796 3584 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
13:34:51.0796 3584 UPS - ok
13:34:52.0156 3584 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
13:34:52.0156 3584 usbaudio - ok
13:34:52.0234 3584 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:34:52.0234 3584 usbccgp - ok
13:34:52.0250 3584 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:34:52.0250 3584 usbehci - ok
13:34:52.0546 3584 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:34:52.0546 3584 usbhub - ok
13:34:52.0687 3584 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:34:52.0687 3584 usbohci - ok
13:34:53.0187 3584 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:34:53.0187 3584 usbprint - ok
13:34:53.0187 3584 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:34:53.0187 3584 usbscan - ok
13:34:53.0546 3584 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:34:53.0546 3584 USBSTOR - ok
13:34:53.0890 3584 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
13:34:53.0890 3584 usbvideo - ok
13:34:53.0906 3584 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:34:53.0906 3584 VgaSave - ok
13:34:53.0906 3584 ViaIde - ok
13:34:54.0312 3584 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:34:54.0328 3584 VolSnap - ok
13:34:54.0328 3584 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
13:34:54.0625 3584 VSS - ok
13:34:54.0921 3584 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\System32\w32time.dll
13:34:54.0921 3584 W32Time - ok
13:34:55.0156 3584 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:34:55.0156 3584 Wanarp - ok
13:34:55.0718 3584 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
13:34:56.0093 3584 Wdf01000 - ok
13:34:56.0093 3584 WDICA - ok
13:34:56.0453 3584 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:34:56.0453 3584 wdmaud - ok
13:34:56.0609 3584 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:34:56.0609 3584 WebClient - ok
13:34:57.0734 3584 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:34:57.0734 3584 winmgmt - ok
13:34:58.0531 3584 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:34:58.0546 3584 WmdmPmSN - ok
13:34:58.0937 3584 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:34:58.0937 3584 Wmi - ok
13:34:59.0687 3584 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:34:59.0687 3584 WmiAcpi - ok
13:34:59.0765 3584 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:34:59.0796 3584 WmiApSrv - ok
13:35:00.0796 3584 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:35:02.0531 3584 WMPNetworkSvc - ok
13:35:03.0609 3584 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:35:03.0625 3584 wscsvc - ok
13:35:04.0031 3584 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:35:04.0031 3584 WSTCODEC - ok
13:35:04.0468 3584 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:35:04.0484 3584 wuauserv - ok
13:35:05.0140 3584 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:35:05.0156 3584 WudfPf - ok
13:35:05.0765 3584 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:35:05.0765 3584 WudfRd - ok
13:35:06.0171 3584 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:35:06.0203 3584 WudfSvc - ok
13:35:06.0375 3584 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:35:06.0375 3584 WZCSVC - ok
13:35:06.0484 3584 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:35:06.0500 3584 xmlprov - ok
13:35:06.0515 3584 ================ Scan global ===============================
13:35:06.0546 3584 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:35:06.0875 3584 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
13:35:06.0890 3584 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
13:35:06.0921 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:35:06.0921 3584 [Global] - ok
13:35:06.0921 3584 ================ Scan MBR ==================================
13:35:06.0953 3584 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
13:35:08.0468 3584 \Device\Harddisk0\DR0 - ok
13:35:08.0984 3584 [ C3C93F1CA51BBACBABEA804D2CC62CA1 ] \Device\Harddisk1\DR1
13:35:09.0015 3584 \Device\Harddisk1\DR1 ( Rootkit.Boot.Harbinger.a ) - infected
13:35:09.0015 3584 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Harbinger.a (0)
13:35:09.0031 3584 ================ Scan VBR ==================================
13:35:09.0078 3584 [ D87692FFC02C0C9AB3704E17160D82F0 ] \Device\Harddisk0\DR0\Partition1
13:35:09.0078 3584 \Device\Harddisk0\DR0\Partition1 - ok
13:35:09.0078 3584 [ FE165168FF47341B823AC1413A57F319 ] \Device\Harddisk1\DR1\Partition1
13:35:09.0078 3584 \Device\Harddisk1\DR1\Partition1 - ok
13:35:09.0109 3584 [ AE40256D8926D872ACE7323B09980E9A ] \Device\Harddisk1\DR1\Partition2
13:35:09.0109 3584 \Device\Harddisk1\DR1\Partition2 - ok
13:35:09.0109 3584 ================ Scan active images ========================
13:35:09.0125 3584 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
13:35:09.0125 3584 C:\WINDOWS\system32\drivers\processr.sys - ok
13:35:09.0125 3584 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
13:35:09.0125 3584 C:\WINDOWS\system32\drivers\videoprt.sys - ok
13:35:09.0125 3584 [ 20B10AF9D6A7EEBDAA5C0C9461EDAF7D ] C:\WINDOWS\system32\drivers\ati2mtag.sys
13:35:09.0125 3584 C:\WINDOWS\system32\drivers\ati2mtag.sys - ok
13:35:09.0140 3584 [ 3FCC124B6E08EE0E9351F717DD136939 ] C:\WINDOWS\system32\drivers\Hdaudbus.sys
13:35:09.0140 3584 C:\WINDOWS\system32\drivers\Hdaudbus.sys - ok
13:35:09.0140 3584 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
13:35:09.0140 3584 C:\WINDOWS\system32\drivers\imapi.sys - ok
13:35:09.0140 3584 [ 185641AD7E80BFCE0AA545D3EC79D557 ] C:\WINDOWS\system32\drivers\Rtenicxp.sys
13:35:09.0140 3584 C:\WINDOWS\system32\drivers\Rtenicxp.sys - ok
13:35:09.0156 3584 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
13:35:09.0156 3584 C:\WINDOWS\system32\drivers\cdrom.sys - ok
13:35:09.0156 3584 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
13:35:09.0156 3584 C:\WINDOWS\system32\drivers\ks.sys - ok
13:35:09.0156 3584 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
13:35:09.0156 3584 C:\WINDOWS\system32\drivers\redbook.sys - ok
13:35:09.0171 3584 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
13:35:09.0171 3584 C:\WINDOWS\system32\drivers\usbport.sys - ok
13:35:09.0171 3584 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
13:35:09.0171 3584 C:\WINDOWS\system32\drivers\usbehci.sys - ok
13:35:09.0171 3584 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
13:35:09.0171 3584 C:\WINDOWS\system32\drivers\usbohci.sys - ok
13:35:09.0187 3584 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
13:35:09.0250 3584 C:\WINDOWS\system32\drivers\parport.sys - ok
13:35:09.0250 3584 [ D48659BB24C48345D926ECB45C1EBDF5 ] C:\WINDOWS\system32\drivers\ASACPI.sys
13:35:09.0250 3584 C:\WINDOWS\system32\drivers\ASACPI.sys - ok
13:35:09.0265 3584 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
13:35:09.0265 3584 C:\WINDOWS\system32\drivers\serenum.sys - ok
13:35:09.0265 3584 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
13:35:09.0265 3584 C:\WINDOWS\system32\drivers\serial.sys - ok
13:35:09.0265 3584 [ C42584FD66CE9E17403AEBCA199F7BDB ] C:\WINDOWS\system32\drivers\wmiacpi.sys
13:35:09.0265 3584 C:\WINDOWS\system32\drivers\wmiacpi.sys - ok
13:35:09.0281 3584 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
13:35:09.0281 3584 C:\WINDOWS\system32\drivers\audstub.sys - ok
13:35:09.0281 3584 [ C9253AB5F6611FA2CA5C914D0FE384C5 ] C:\WINDOWS\system32\drivers\btkrnl.sys
13:35:09.0281 3584 C:\WINDOWS\system32\drivers\btkrnl.sys - ok
13:35:09.0296 3584 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
13:35:09.0296 3584 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
13:35:09.0296 3584 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] C:\WINDOWS\system32\drivers\ndistapi.sys
13:35:09.0296 3584 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
13:35:09.0296 3584 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
13:35:09.0296 3584 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
13:35:09.0312 3584 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
13:35:09.0312 3584 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
13:35:09.0312 3584 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
13:35:09.0312 3584 C:\WINDOWS\system32\drivers\raspptp.sys - ok
13:35:09.0312 3584 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
13:35:09.0312 3584 C:\WINDOWS\system32\drivers\tdi.sys - ok
13:35:09.0328 3584 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
13:35:09.0328 3584 C:\WINDOWS\system32\drivers\psched.sys - ok
13:35:09.0328 3584 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
13:35:09.0328 3584 C:\WINDOWS\system32\drivers\msgpc.sys - ok
13:35:09.0328 3584 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
13:35:09.0328 3584 C:\WINDOWS\system32\drivers\ptilink.sys - ok
13:35:09.0343 3584 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
13:35:09.0343 3584 C:\WINDOWS\system32\drivers\raspti.sys - ok
13:35:09.0343 3584 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
13:35:09.0343 3584 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
13:35:09.0343 3584 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
13:35:09.0343 3584 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
13:35:09.0359 3584 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
13:35:09.0359 3584 C:\WINDOWS\system32\drivers\mouclass.sys - ok
13:35:09.0359 3584 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
13:35:09.0359 3584 C:\WINDOWS\system32\drivers\termdd.sys - ok
13:35:09.0359 3584 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
13:35:09.0359 3584 C:\WINDOWS\system32\drivers\swenum.sys - ok
13:35:09.0375 3584 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
13:35:09.0375 3584 C:\WINDOWS\system32\drivers\update.sys - ok
13:35:09.0375 3584 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
13:35:09.0375 3584 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
13:35:09.0375 3584 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
13:35:09.0375 3584 C:\WINDOWS\system32\drivers\usbd.sys - ok
13:35:09.0390 3584 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
13:35:09.0390 3584 C:\WINDOWS\system32\drivers\usbhub.sys - ok
13:35:09.0390 3584 [ 6215023940CFD3702B46ABC304E1D45A ] C:\WINDOWS\system32\drivers\ndproxy.sys
13:35:09.0390 3584 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
13:35:09.0390 3584 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
13:35:09.0390 3584 C:\WINDOWS\system32\drivers\drmk.sys - ok
13:35:09.0406 3584 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
13:35:09.0406 3584 C:\WINDOWS\system32\drivers\portcls.sys - ok
13:35:09.0406 3584 [ FFFDFA85CF01DEE5457F4EA41FD9ED04 ] C:\WINDOWS\system32\drivers\RtHDMI.sys
13:35:09.0406 3584 C:\WINDOWS\system32\drivers\RtHDMI.sys - ok
13:35:09.0421 3584 [ FB4293B1EAB313C28D4A1B8DB61ACA72 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:35:09.0421 3584 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok
13:35:09.0421 3584 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
13:35:09.0421 3584 C:\WINDOWS\system32\drivers\fdc.sys - ok
13:35:09.0421 3584 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
13:35:09.0421 3584 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
13:35:09.0437 3584 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
13:35:09.0437 3584 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
13:35:09.0437 3584 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
13:35:09.0437 3584 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
13:35:09.0437 3584 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
13:35:09.0437 3584 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
13:35:09.0453 3584 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
13:35:09.0453 3584 C:\WINDOWS\system32\drivers\null.sys - ok
13:35:09.0453 3584 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
13:35:09.0453 3584 C:\WINDOWS\system32\drivers\beep.sys - ok
13:35:09.0453 3584 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
13:35:09.0453 3584 C:\WINDOWS\system32\drivers\hidparse.sys - ok
13:35:09.0468 3584 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
13:35:09.0468 3584 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
13:35:09.0468 3584 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
13:35:09.0468 3584 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
13:35:09.0468 3584 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
13:35:09.0468 3584 C:\WINDOWS\system32\drivers\vga.sys - ok
13:35:09.0484 3584 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
13:35:09.0484 3584 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
13:35:09.0484 3584 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
13:35:09.0484 3584 C:\WINDOWS\system32\drivers\msfs.sys - ok
13:35:09.0500 3584 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
13:35:09.0500 3584 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
13:35:09.0500 3584 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
13:35:09.0500 3584 C:\WINDOWS\system32\drivers\npfs.sys - ok
13:35:09.0500 3584 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
13:35:09.0500 3584 C:\WINDOWS\system32\drivers\rasacd.sys - ok
13:35:09.0515 3584 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
13:35:09.0515 3584 C:\WINDOWS\system32\drivers\ipsec.sys - ok
13:35:09.0515 3584 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
13:35:09.0515 3584 C:\WINDOWS\system32\drivers\tcpip.sys - ok
13:35:09.0515 3584 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
13:35:09.0515 3584 C:\WINDOWS\system32\drivers\ipnat.sys - ok
13:35:09.0531 3584 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
13:35:09.0531 3584 C:\WINDOWS\system32\drivers\netbt.sys - ok
13:35:09.0531 3584 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
13:35:09.0531 3584 C:\WINDOWS\system32\drivers\wanarp.sys - ok
13:35:09.0531 3584 [ 7E775010EF291DA96AD17CA4B17137D7 ] C:\WINDOWS\system32\drivers\afd.sys
13:35:09.0531 3584 C:\WINDOWS\system32\drivers\afd.sys - ok
13:35:09.0546 3584 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
13:35:09.0546 3584 C:\WINDOWS\system32\drivers\netbios.sys - ok
13:35:09.0546 3584 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
13:35:09.0546 3584 C:\WINDOWS\system32\drivers\rdbss.sys - ok
13:35:09.0546 3584 [ 421F7B922CEC5A5F340E7574A98F7B7C ] C:\WINDOWS\system32\drivers\mrxsmb.sys
13:35:09.0546 3584 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
13:35:09.0562 3584 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
13:35:09.0562 3584 C:\WINDOWS\system32\drivers\fips.sys - ok
13:35:09.0562 3584 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] C:\WINDOWS\system32\drivers\AsIO.sys
13:35:09.0562 3584 C:\WINDOWS\system32\drivers\AsIO.sys - ok
13:35:09.0578 3584 [ 843E656DB562FFFF197AFAF98042FACA ] C:\WINDOWS\system32\drivers\btwusb.sys
13:35:09.0578 3584 C:\WINDOWS\system32\drivers\btwusb.sys - ok
13:35:09.0578 3584 [ 173F317CE0DB8E21322E71B7E60A27E8 ] C:\WINDOWS\system32\drivers\usbccgp.sys
13:35:09.0578 3584 C:\WINDOWS\system32\drivers\usbccgp.sys - ok
13:35:09.0578 3584 [ 911DDF2E16761643A47225F654D811E5 ] C:\WINDOWS\system32\ntdll.dll
13:35:09.0578 3584 C:\WINDOWS\system32\ntdll.dll - ok
13:35:09.0593 3584 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
13:35:09.0593 3584 C:\WINDOWS\system32\smss.exe - ok
13:35:09.0593 3584 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
13:35:09.0593 3584 C:\WINDOWS\system32\autochk.exe - ok
13:35:09.0593 3584 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
13:35:09.0593 3584 C:\WINDOWS\system32\drivers\hidclass.sys - ok
13:35:09.0609 3584 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
13:35:09.0609 3584 C:\WINDOWS\system32\drivers\hidusb.sys - ok
13:35:09.0609 3584 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] C:\WINDOWS\system32\drivers\usbvideo.sys
13:35:09.0609 3584 C:\WINDOWS\system32\drivers\usbvideo.sys - ok
13:35:09.0609 3584 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
13:35:09.0609 3584 C:\WINDOWS\system32\drivers\mouhid.sys - ok
13:35:09.0625 3584 [ E919708DB44ED8543A7C017953148330 ] C:\WINDOWS\system32\drivers\USBAUDIO.sys
13:35:09.0625 3584 C:\WINDOWS\system32\drivers\USBAUDIO.sys - ok
13:35:09.0625 3584 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
13:35:09.0625 3584 C:\WINDOWS\system32\sfcfiles.dll - ok
13:35:09.0625 3584 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
13:35:09.0625 3584 C:\WINDOWS\system32\drivers\cdfs.sys - ok
13:35:09.0640 3584 [ 42EBCE48178CE5D0998EB1CA62DB1E9B ] C:\WINDOWS\system32\drivers\btaudio.sys
13:35:09.0640 3584 C:\WINDOWS\system32\drivers\btaudio.sys - ok
13:35:09.0640 3584 [ 39309739BADD058C8F4B845D9A3C58D2 ] C:\WINDOWS\system32\drivers\btport.sys
13:35:09.0640 3584 C:\WINDOWS\system32\drivers\btport.sys - ok
13:35:09.0640 3584 [ 9A794455B18D815DB25D991452D4266A ] C:\WINDOWS\system32\drivers\btwdndis.sys
13:35:09.0640 3584 C:\WINDOWS\system32\drivers\btwdndis.sys - ok
13:35:09.0656 3584 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
13:35:09.0656 3584 C:\WINDOWS\system32\drivers\wmilib.sys - ok
13:35:09.0656 3584 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
13:35:09.0656 3584 C:\WINDOWS\system32\drivers\atapi.sys - ok
13:35:09.0656 3584 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
13:35:09.0656 3584 C:\WINDOWS\system32\drivers\dxapi.sys - ok
13:35:09.0671 3584 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
13:35:09.0671 3584 C:\WINDOWS\system32\watchdog.sys - ok
13:35:09.0671 3584 [ 51C5B2BC37AE9EC5FED75B4AEEE04B18 ] C:\WINDOWS\system32\csrsrv.dll
13:35:09.0671 3584 C:\WINDOWS\system32\csrsrv.dll - ok
13:35:09.0687 3584 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
13:35:09.0687 3584 C:\WINDOWS\system32\csrss.exe - ok
13:35:09.0687 3584 [ 716ED09D8D9A9E1E4A03549B32B68186 ] C:\WINDOWS\system32\win32k.sys
13:35:09.0687 3584 C:\WINDOWS\system32\win32k.sys - ok
13:35:09.0687 3584 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
13:35:09.0687 3584 C:\WINDOWS\system32\basesrv.dll - ok
13:35:09.0703 3584 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
13:35:09.0703 3584 C:\WINDOWS\system32\winsrv.dll - ok
13:35:09.0703 3584 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
13:35:09.0703 3584 C:\WINDOWS\system32\gdi32.dll - ok
13:35:09.0703 3584 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll
13:35:09.0703 3584 C:\WINDOWS\system32\kernel32.dll - ok
13:35:09.0718 3584 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
13:35:09.0718 3584 C:\WINDOWS\system32\user32.dll - ok
13:35:09.0718 3584 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
13:35:09.0718 3584 C:\WINDOWS\system32\drivers\dxg.sys - ok
13:35:09.0718 3584 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
13:35:09.0718 3584 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
13:35:09.0734 3584 [ 89E2337E3DF05A94BDE2A247EF423FBC ] C:\WINDOWS\system32\ati2dvag.dll
13:35:09.0734 3584 C:\WINDOWS\system32\ati2dvag.dll - ok
13:35:09.0734 3584 [ 7080AC008431E39B4CA28CBD1B65DD35 ] C:\WINDOWS\system32\ati2cqag.dll
13:35:09.0734 3584 C:\WINDOWS\system32\ati2cqag.dll - ok
13:35:09.0734 3584 [ 8CC331656454FC71ED27DA784BCE6E08 ] C:\WINDOWS\system32\atikvmag.dll
13:35:09.0734 3584 C:\WINDOWS\system32\atikvmag.dll - ok
13:35:09.0750 3584 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
13:35:09.0750 3584 C:\WINDOWS\system32\vga.dll - ok
13:35:09.0750 3584 [ FF96B2823B005A5853B4D76909739B8A ] C:\WINDOWS\system32\atiok3x2.dll
13:35:09.0750 3584 C:\WINDOWS\system32\atiok3x2.dll - ok
13:35:09.0765 3584 [ 459DAB33AA3FF883871F56DC570B2DAE ] C:\WINDOWS\system32\ati3duag.dll
13:35:09.0765 3584 C:\WINDOWS\system32\ati3duag.dll - ok
13:35:09.0765 3584 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
13:35:09.0765 3584 C:\WINDOWS\system32\winlogon.exe - ok
13:35:09.0765 3584 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
13:35:09.0765 3584 C:\WINDOWS\system32\advapi32.dll - ok
13:35:09.0781 3584 [ 2193C150DE9C29649B1503093F0C6569 ] C:\WINDOWS\system32\rpcrt4.dll
13:35:09.0781 3584 C:\WINDOWS\system32\rpcrt4.dll - ok
13:35:09.0781 3584 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
13:35:09.0781 3584 C:\WINDOWS\system32\secur32.dll - ok
13:35:09.0781 3584 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
13:35:09.0781 3584 C:\WINDOWS\system32\authz.dll - ok
13:35:09.0796 3584 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
13:35:09.0796 3584 C:\WINDOWS\system32\msvcrt.dll - ok
13:35:09.0796 3584 [ BDAAF79DD63F194434D31A74B9BB8B77 ] C:\WINDOWS\system32\crypt32.dll
13:35:09.0796 3584 C:\WINDOWS\system32\crypt32.dll - ok
13:35:09.0796 3584 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
13:35:09.0796 3584 C:\WINDOWS\system32\msasn1.dll - ok
13:35:09.0812 3584 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
13:35:09.0812 3584 C:\WINDOWS\system32\nddeapi.dll - ok
13:35:09.0812 3584 [ 318230E845919255EF3C5D5E1E863631 ] C:\WINDOWS\system32\netapi32.dll
13:35:09.0812 3584 C:\WINDOWS\system32\netapi32.dll - ok
13:35:09.0812 3584 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
13:35:09.0812 3584 C:\WINDOWS\system32\profmap.dll - ok
13:35:09.0828 3584 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
13:35:09.0828 3584 C:\WINDOWS\system32\userenv.dll - ok
13:35:09.0828 3584 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
13:35:09.0828 3584 C:\WINDOWS\system32\psapi.dll - ok
13:35:09.0828 3584 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
13:35:09.0828 3584 C:\WINDOWS\system32\regapi.dll - ok
13:35:09.0843 3584 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
13:35:09.0843 3584 C:\WINDOWS\system32\setupapi.dll - ok
13:35:09.0843 3584 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
13:35:09.0843 3584 C:\WINDOWS\system32\version.dll - ok
13:35:09.0843 3584 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
13:35:09.0843 3584 C:\WINDOWS\system32\winsta.dll - ok
13:35:09.0859 3584 [ B25D14DCBBB6623C1A63CD07A97DF32B ] C:\WINDOWS\system32\wintrust.dll
13:35:09.0859 3584 C:\WINDOWS\system32\wintrust.dll - ok
13:35:09.0859 3584 [ CA648BD638245EB83F971FF71B031BEC ] C:\WINDOWS\system32\imagehlp.dll
13:35:09.0859 3584 C:\WINDOWS\system32\imagehlp.dll - ok
13:35:09.0859 3584 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
13:35:09.0859 3584 C:\WINDOWS\system32\ws2help.dll - ok
13:35:09.0875 3584 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
13:35:09.0875 3584 C:\WINDOWS\system32\ws2_32.dll - ok
13:35:09.0875 3584 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
13:35:09.0875 3584 C:\WINDOWS\system32\imm32.dll - ok
13:35:09.0890 3584 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
13:35:09.0890 3584 C:\WINDOWS\system32\kbdus.dll - ok
13:35:09.0890 3584 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
13:35:09.0890 3584 C:\WINDOWS\system32\msgina.dll - ok
13:35:09.0890 3584 [ 06F247492BC786CE5C24A23E178C711A ] C:\WINDOWS\system32\comctl32.dll
13:35:09.0890 3584 C:\WINDOWS\system32\comctl32.dll - ok
13:35:09.0906 3584 [ 52A5A388661FF3A889593185367B7226 ] C:\WINDOWS\system32\odbc32.dll
13:35:09.0906 3584 C:\WINDOWS\system32\odbc32.dll - ok
13:35:09.0906 3584 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
13:35:09.0906 3584 C:\WINDOWS\system32\comdlg32.dll - ok
13:35:09.0906 3584 [ 08B99916C98E15F6C28D24D73E53B45A ] C:\WINDOWS\system32\shell32.dll
13:35:09.0906 3584 C:\WINDOWS\system32\shell32.dll - ok
13:35:09.0921 3584 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
13:35:09.0921 3584 C:\WINDOWS\system32\shlwapi.dll - ok
13:35:09.0921 3584 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
13:35:09.0921 3584 C:\WINDOWS\system32\sxs.dll - ok
13:35:09.0921 3584 [ BD38D1EBE24A46BD3EDA059560AFBA12 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
13:35:09.0921 3584 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - ok
13:35:09.0937 3584 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
13:35:09.0937 3584 C:\WINDOWS\system32\odbcint.dll - ok
13:35:09.0937 3584 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
13:35:09.0937 3584 C:\WINDOWS\system32\sfc.dll - ok
13:35:09.0937 3584 [ 1926899BF9FFE2602B63074971700412 ] C:\WINDOWS\system32\shsvcs.dll
13:35:09.0937 3584 C:\WINDOWS\system32\shsvcs.dll - ok
13:35:09.0953 3584 [ ECCE74BC6168375016450A86A164D976 ] C:\WINDOWS\system32\ole32.dll
13:35:09.0953 3584 C:\WINDOWS\system32\ole32.dll - ok
13:35:09.0953 3584 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
13:35:09.0953 3584 C:\WINDOWS\system32\sfc_os.dll - ok
13:35:09.0968 3584 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
13:35:09.0968 3584 C:\WINDOWS\system32\apphelp.dll - ok
13:35:09.0968 3584 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
13:35:09.0968 3584 C:\WINDOWS\system32\lsass.exe - ok
13:35:09.0968 3584 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
13:35:09.0968 3584 C:\WINDOWS\system32\services.exe - ok
13:35:09.0984 3584 [ 6A77C91890CFE08135301574BB29559F ] C:\WINDOWS\system32\lsasrv.dll
13:35:09.0984 3584 C:\WINDOWS\system32\lsasrv.dll - ok
13:35:09.0984 3584 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
13:35:09.0984 3584 C:\WINDOWS\system32\msvcp60.dll - ok
13:35:09.0984 3584 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
13:35:09.0984 3584 C:\WINDOWS\system32\ncobjapi.dll - ok
13:35:10.0000 3584 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
13:35:10.0000 3584 C:\WINDOWS\system32\scesrv.dll - ok
13:35:10.0000 3584 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
13:35:10.0000 3584 C:\WINDOWS\system32\mpr.dll - ok
13:35:10.0000 3584 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
13:35:10.0000 3584 C:\WINDOWS\system32\ntdsapi.dll - ok
13:35:10.0015 3584 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
13:35:10.0015 3584 C:\WINDOWS\system32\umpnpmgr.dll - ok
13:35:10.0015 3584 [ 5D3FDE8FB2801A2041D1B965372C4928 ] C:\WINDOWS\system32\dnsapi.dll
13:35:10.0015 3584 C:\WINDOWS\system32\dnsapi.dll - ok
13:35:10.0015 3584 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
13:35:10.0015 3584 C:\WINDOWS\system32\shimeng.dll - ok
13:35:10.0031 3584 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
13:35:10.0031 3584 C:\WINDOWS\AppPatch\acadproc.dll - ok
13:35:10.0031 3584 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
13:35:10.0031 3584 C:\WINDOWS\system32\wldap32.dll - ok
13:35:10.0046 3584 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
13:35:10.0046 3584 C:\WINDOWS\system32\samlib.dll - ok
13:35:10.0046 3584 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
13:35:10.0046 3584 C:\WINDOWS\system32\samsrv.dll - ok
13:35:10.0046 3584 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
13:35:10.0046 3584 C:\WINDOWS\AppPatch\acgenral.dll - ok
13:35:10.0062 3584 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
13:35:10.0062 3584 C:\WINDOWS\system32\cryptdll.dll - ok
13:35:10.0062 3584 [ F1300D0B4C40754A01DF16F350F0EF60 ] C:\WINDOWS\system32\winmm.dll
13:35:10.0062 3584 C:\WINDOWS\system32\winmm.dll - ok
13:35:10.0062 3584 [ 387006CF9983000BAB76DD250D424045 ] C:\WINDOWS\system32\oleaut32.dll
13:35:10.0062 3584 C:\WINDOWS\system32\oleaut32.dll - ok
13:35:10.0078 3584 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
13:35:10.0078 3584 C:\WINDOWS\system32\msacm32.dll - ok
13:35:10.0078 3584 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
13:35:10.0078 3584 C:\WINDOWS\system32\uxtheme.dll - ok
13:35:10.0078 3584 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
13:35:10.0078 3584 C:\WINDOWS\system32\msapsspc.dll - ok
13:35:10.0093 3584 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
13:35:10.0093 3584 C:\WINDOWS\system32\msvcrt40.dll - ok
13:35:10.0093 3584 [ BFDECE69E293E6DB4E25DEF862418428 ] C:\WINDOWS\system32\schannel.dll
13:35:10.0093 3584 C:\WINDOWS\system32\schannel.dll - ok
13:35:10.0093 3584 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
13:35:10.0093 3584 C:\WINDOWS\system32\digest.dll - ok
13:35:10.0109 3584 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
13:35:10.0109 3584 C:\WINDOWS\system32\msnsspc.dll - ok
13:35:10.0109 3584 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
13:35:10.0109 3584 C:\WINDOWS\system32\msctfime.ime - ok
13:35:10.0109 3584 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
13:35:10.0109 3584 C:\WINDOWS\system32\msprivs.dll - ok
13:35:10.0125 3584 [ 99EA6AC9B3FEE42E0438A3A24720EE3F ] C:\WINDOWS\system32\kerberos.dll
13:35:10.0125 3584 C:\WINDOWS\system32\kerberos.dll - ok
13:35:10.0125 3584 [ 34EF4739A4D9D09A96069198F42B8D99 ] C:\WINDOWS\system32\atmfd.dll
13:35:10.0125 3584 C:\WINDOWS\system32\atmfd.dll - ok
13:35:10.0140 3584 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
13:35:10.0140 3584 C:\WINDOWS\system32\msv1_0.dll - ok
13:35:10.0140 3584 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
13:35:10.0140 3584 C:\WINDOWS\system32\iphlpapi.dll - ok
13:35:10.0140 3584 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
13:35:10.0140 3584 C:\WINDOWS\system32\netlogon.dll - ok
13:35:10.0156 3584 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
13:35:10.0156 3584 C:\WINDOWS\system32\w32time.dll - ok
13:35:10.0156 3584 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
13:35:10.0156 3584 C:\WINDOWS\system32\wdigest.dll - ok
13:35:10.0156 3584 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
13:35:10.0156 3584 C:\WINDOWS\system32\rsaenh.dll - ok
13:35:10.0171 3584 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
13:35:10.0171 3584 C:\WINDOWS\system32\winscard.dll - ok
13:35:10.0171 3584 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
13:35:10.0171 3584 C:\WINDOWS\system32\wtsapi32.dll - ok
13:35:10.0171 3584 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
13:35:10.0171 3584 C:\WINDOWS\system32\scecli.dll - ok
13:35:10.0187 3584 [ A08FDA1AA3B5F74F71895AE247AD9152 ] C:\WINDOWS\system32\ati2evxx.exe
13:35:10.0187 3584 C:\WINDOWS\system32\ati2evxx.exe - ok
13:35:10.0187 3584 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
13:35:10.0187 3584 C:\WINDOWS\system32\cfgmgr32.dll - ok
13:35:10.0187 3584 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
13:35:10.0187 3584 C:\WINDOWS\system32\powrprof.dll - ok
13:35:10.0203 3584 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
13:35:10.0203 3584 C:\WINDOWS\system32\svchost.exe - ok
13:35:10.0203 3584 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
13:35:10.0203 3584 C:\WINDOWS\system32\ntmarta.dll - ok
13:35:10.0218 3584 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
13:35:10.0218 3584 C:\WINDOWS\system32\rpcss.dll - ok
13:35:10.0218 3584 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
13:35:10.0218 3584 C:\WINDOWS\system32\xpsp2res.dll - ok
13:35:10.0218 3584 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
13:35:10.0218 3584 C:\WINDOWS\system32\eventlog.dll - ok
13:35:10.0234 3584 [ 5DE345E1A9D914966CB1F1420D573C2A ] C:\WINDOWS\system32\ati2edxx.dll
13:35:10.0234 3584 C:\WINDOWS\system32\ati2edxx.dll - ok
13:35:10.0234 3584 [ 4F71D5BD0B79AD8881552565DD0108BA ] C:\WINDOWS\system32\atipdlxx.dll
13:35:10.0234 3584 C:\WINDOWS\system32\atipdlxx.dll - ok
13:35:10.0234 3584 [ 832E4DD8964AB7ACC880B2837CB1ED20 ] C:\WINDOWS\system32\mswsock.dll
13:35:10.0234 3584 C:\WINDOWS\system32\mswsock.dll - ok
13:35:10.0250 3584 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
13:35:10.0250 3584 C:\WINDOWS\system32\hnetcfg.dll - ok
13:35:10.0250 3584 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
13:35:10.0250 3584 C:\WINDOWS\system32\wshtcpip.dll - ok
13:35:10.0250 3584 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
13:35:10.0250 3584 C:\WINDOWS\system32\winrnr.dll - ok
13:35:10.0265 3584 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
13:35:10.0265 3584 C:\WINDOWS\system32\rasadhlp.dll - ok
13:35:10.0265 3584 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
13:35:10.0265 3584 C:\WINDOWS\system32\dhcpcsvc.dll - ok
13:35:10.0265 3584 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
13:35:10.0265 3584 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
13:35:10.0281 3584 [ 474B4DC3983173E4B4C9740B0DAC98A6 ] C:\WINDOWS\system32\dnsrslvr.dll
13:35:10.0281 3584 C:\WINDOWS\system32\dnsrslvr.dll - ok
13:35:10.0281 3584 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
13:35:10.0281 3584 C:\WINDOWS\system32\lmhsvc.dll - ok
13:35:10.0296 3584 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
13:35:10.0296 3584 C:\WINDOWS\system32\wzcsvc.dll - ok
13:35:10.0296 3584 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
13:35:10.0296 3584 C:\WINDOWS\system32\rtutils.dll - ok
13:35:10.0296 3584 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
13:35:10.0296 3584 C:\WINDOWS\system32\eapolqec.dll - ok
13:35:10.0312 3584 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
13:35:10.0312 3584 C:\WINDOWS\system32\wmi.dll - ok
13:35:10.0312 3584 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
13:35:10.0312 3584 C:\WINDOWS\system32\atl.dll - ok
13:35:10.0312 3584 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
13:35:10.0312 3584 C:\WINDOWS\system32\qutil.dll - ok
13:35:10.0328 3584 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
13:35:10.0328 3584 C:\WINDOWS\system32\dot3api.dll - ok
13:35:10.0328 3584 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
13:35:10.0328 3584 C:\WINDOWS\system32\esent.dll - ok
13:35:10.0328 3584 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
13:35:10.0328 3584 C:\WINDOWS\system32\clbcatq.dll - ok
13:35:10.0343 3584 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
13:35:10.0343 3584 C:\WINDOWS\system32\comres.dll - ok
13:35:10.0343 3584 [ A87D7A9AE9ACE505CA9A9A458A7D77D3 ] C:\WINDOWS\system32\ati2evxx.dll
13:35:10.0343 3584 C:\WINDOWS\system32\ati2evxx.dll - ok
13:35:10.0343 3584 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
13:35:10.0343 3584 C:\WINDOWS\system32\logonui.exe - ok
13:35:10.0359 3584 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
13:35:10.0359 3584 C:\WINDOWS\system32\rastls.dll - ok
13:35:10.0359 3584 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
13:35:10.0359 3584 C:\WINDOWS\system32\cryptui.dll - ok
13:35:10.0359 3584 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
13:35:10.0359 3584 C:\WINDOWS\system32\cscdll.dll - ok
13:35:10.0375 3584 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
13:35:10.0375 3584 C:\WINDOWS\system32\duser.dll - ok
13:35:10.0375 3584 [ 7A42CFED96CDA7F2FB1A26D1F9F65775 ] C:\WINDOWS\system32\wininet.dll
13:35:10.0375 3584 C:\WINDOWS\system32\wininet.dll - ok
13:35:10.0375 3584 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
13:35:10.0375 3584 C:\WINDOWS\system32\dimsntfy.dll - ok
13:35:10.0390 3584 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
13:35:10.0390 3584 C:\WINDOWS\system32\wlnotify.dll - ok
13:35:10.0390 3584 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
13:35:10.0390 3584 C:\WINDOWS\system32\winspool.drv - ok
13:35:10.0390 3584 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
13:35:10.0390 3584 C:\WINDOWS\system32\msimg32.dll - ok
13:35:10.0406 3584 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
13:35:10.0406 3584 C:\WINDOWS\system32\WgaLogon.dll - ok
13:35:10.0406 3584 [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
13:35:10.0406 3584 C:\WINDOWS\system32\oleacc.dll - ok
13:35:10.0421 3584 [ 2C3E7260A4D8FD5B37EEC7D0852F5085 ] C:\WINDOWS\system32\msxml3.dll
13:35:10.0421 3584 C:\WINDOWS\system32\msxml3.dll - ok
13:35:10.0421 3584 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
13:35:10.0421 3584 C:\WINDOWS\system32\shgina.dll - ok
13:35:10.0421 3584 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
13:35:10.0421 3584 C:\WINDOWS\system32\normaliz.dll - ok
13:35:10.0437 3584 [ 9C56C8C957F6AC4C7FA1378E108C42EA ] C:\WINDOWS\system32\urlmon.dll
13:35:10.0437 3584 C:\WINDOWS\system32\urlmon.dll - ok
13:35:10.0437 3584 [ 95825F207451C184CF341255B2212249 ] C:\WINDOWS\system32\iertutil.dll
13:35:10.0437 3584 C:\WINDOWS\system32\iertutil.dll - ok
13:35:10.0437 3584 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
13:35:10.0437 3584 C:\WINDOWS\system32\mprapi.dll - ok
13:35:10.0453 3584 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
13:35:10.0453 3584 C:\WINDOWS\system32\activeds.dll - ok
13:35:10.0453 3584 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
13:35:10.0453 3584 C:\WINDOWS\system32\adsldpc.dll - ok
13:35:10.0453 3584 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
13:35:10.0453 3584 C:\WINDOWS\system32\rasapi32.dll - ok
13:35:10.0468 3584 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
13:35:10.0468 3584 C:\WINDOWS\system32\rasman.dll - ok
13:35:10.0468 3584 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
13:35:10.0468 3584 C:\WINDOWS\system32\tapi32.dll - ok
13:35:10.0468 3584 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
13:35:10.0468 3584 C:\WINDOWS\system32\riched20.dll - ok
13:35:10.0484 3584 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
13:35:10.0484 3584 C:\WINDOWS\system32\raschap.dll - ok
13:35:10.0484 3584 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
13:35:10.0484 3584 C:\WINDOWS\system32\schedsvc.dll - ok
13:35:10.0500 3584 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
13:35:10.0500 3584 C:\WINDOWS\system32\msidle.dll - ok
13:35:10.0500 3584 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] C:\WINDOWS\system32\spoolsv.exe
13:35:10.0500 3584 C:\WINDOWS\system32\spoolsv.exe - ok
13:35:10.0500 3584 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
13:35:10.0500 3584 C:\WINDOWS\system32\audiosrv.dll - ok
13:35:10.0515 3584 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
13:35:10.0515 3584 C:\WINDOWS\system32\wkssvc.dll - ok
13:35:10.0515 3584 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
13:35:10.0515 3584 C:\WINDOWS\system32\cscui.dll - ok
13:35:10.0515 3584 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
13:35:10.0515 3584 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
13:35:10.0531 3584 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
13:35:10.0531 3584 C:\WINDOWS\system32\wdmaud.drv - ok
13:35:10.0531 3584 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
13:35:10.0531 3584 C:\WINDOWS\system32\webclnt.dll - ok
13:35:10.0531 3584 [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
13:35:10.0531 3584 C:\WINDOWS\system32\dpcdll.dll - ok
13:35:10.0546 3584 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
13:35:10.0546 3584 C:\WINDOWS\system32\drivers\parvdm.sys - ok
13:35:10.0546 3584 [ A1E2ED3E0640999DE683367A4F716F61 ] C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe
13:35:10.0546 3584 C:\Program Files\IOGEAR\Bluetooth Software\bin\btwdins.exe - ok
13:35:10.0546 3584 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
13:35:10.0546 3584 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
13:35:10.0562 3584 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
13:35:10.0562 3584 C:\WINDOWS\system32\qmgr.dll - ok
13:35:10.0562 3584 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
13:35:10.0562 3584 C:\WINDOWS\system32\hid.dll - ok
13:35:10.0578 3584 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
13:35:10.0578 3584 C:\WINDOWS\system32\userinit.exe - ok
13:35:10.0578 3584 [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
13:35:10.0578 3584 C:\WINDOWS\system32\WgaTray.exe - ok
13:35:10.0578 3584 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
13:35:10.0578 3584 C:\WINDOWS\explorer.exe - ok
13:35:10.0593 3584 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
13:35:10.0593 3584 C:\WINDOWS\system32\browseui.dll - ok
13:35:10.0593 3584 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
13:35:10.0593 3584 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
13:35:10.0593 3584 [ BB9DE58AC6513DA62C005D92E2DB4981 ] C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
13:35:10.0593 3584 C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe - ok
13:35:10.0593 3584 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
13:35:10.0593 3584 C:\WINDOWS\system32\drivers\splitter.sys - ok
13:35:10.0609 3584 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
13:35:10.0609 3584 C:\WINDOWS\system32\drivers\aec.sys - ok
13:35:10.0609 3584 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
13:35:10.0609 3584 C:\WINDOWS\system32\drivers\swmidi.sys - ok
13:35:10.0625 3584 [ 9D84376931440F3679BEEF2A414FA493 ] C:\WINDOWS\system32\HPZipm12.exe
13:35:10.0625 3584 C:\WINDOWS\system32\HPZipm12.exe - ok
13:35:10.0625 3584 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
13:35:10.0625 3584 C:\WINDOWS\system32\wsock32.dll - ok
13:35:10.0625 3584 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
13:35:10.0625 3584 C:\WINDOWS\system32\ipsecsvc.dll - ok
13:35:10.0640 3584 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
13:35:10.0640 3584 C:\WINDOWS\system32\drivers\dmusic.sys - ok
13:35:10.0640 3584 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
13:35:10.0640 3584 C:\WINDOWS\system32\shfolder.dll - ok
13:35:10.0640 3584 [ 8C77ECF3C7DCBB926312B7ECED6ECA75 ] C:\WINDOWS\system32\winhttp.dll
13:35:10.0640 3584 C:\WINDOWS\system32\winhttp.dll - ok
13:35:10.0656 3584 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
13:35:10.0656 3584 C:\WINDOWS\system32\drivers\kmixer.sys - ok
13:35:10.0656 3584 [ 06A49B7BDC36CFBF97DD90804F833369 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
13:35:10.0656 3584 C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
13:35:10.0656 3584 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
13:35:10.0656 3584 C:\WINDOWS\system32\cryptnet.dll - ok
13:35:10.0671 3584 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
13:35:10.0671 3584 C:\WINDOWS\system32\oakley.dll - ok
13:35:10.0671 3584 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll
13:35:10.0671 3584 C:\WINDOWS\system32\regsvc.dll - ok
13:35:10.0671 3584 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
13:35:10.0671 3584 C:\WINDOWS\system32\sensapi.dll - ok
13:35:10.0687 3584 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
13:35:10.0687 3584 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
13:35:10.0687 3584 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll
13:35:10.0687 3584 C:\WINDOWS\system32\cryptsvc.dll - ok
13:35:10.0703 3584 [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
13:35:10.0703 3584 C:\WINDOWS\system32\LegitCheckControl.dll - ok
13:35:10.0703 3584 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
13:35:10.0703 3584 C:\WINDOWS\system32\pstorsvc.dll - ok
13:35:10.0703 3584 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
13:35:10.0703 3584 C:\WINDOWS\system32\winipsec.dll - ok
13:35:10.0718 3584 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
13:35:10.0718 3584 C:\WINDOWS\system32\psbase.dll - ok
13:35:10.0718 3584 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
13:35:10.0718 3584 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
13:35:10.0718 3584 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
13:35:10.0718 3584 C:\WINDOWS\system32\wiaservc.dll - ok
13:35:10.0734 3584 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
13:35:10.0734 3584 C:\WINDOWS\system32\msacm32.drv - ok
13:35:10.0734 3584 [ 62BDF8E945F23BEE485BB3CB4ED19CB7 ] C:\WINDOWS\system32\shdocvw.dll
13:35:10.0734 3584 C:\WINDOWS\system32\shdocvw.dll - ok
13:35:10.0734 3584 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
13:35:10.0734 3584 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
13:35:10.0750 3584 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll
13:35:10.0750 3584 C:\WINDOWS\system32\certcli.dll - ok
13:35:10.0750 3584 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
13:35:10.0750 3584 C:\WINDOWS\system32\midimap.dll - ok
13:35:10.0750 3584 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
13:35:10.0750 3584 C:\WINDOWS\system32\dssenh.dll - ok
13:35:10.0765 3584 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
13:35:10.0765 3584 C:\WINDOWS\system32\mscms.dll - ok
13:35:10.0765 3584 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
13:35:10.0765 3584 C:\WINDOWS\system32\desk.cpl - ok
13:35:10.0781 3584 [ 39DD0C97932CDFDCF006569E1A942728 ] C:\WINDOWS\system32\wiavusd.dll
13:35:10.0781 3584 C:\WINDOWS\system32\wiavusd.dll - ok
13:35:10.0781 3584 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
13:35:10.0781 3584 C:\WINDOWS\system32\themeui.dll - ok
13:35:10.0781 3584 [ 4721AB485E0C29CD1617A5F296B9CC47 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
13:35:10.0781 3584 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll - ok
13:35:10.0796 3584 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
13:35:10.0796 3584 C:\WINDOWS\system32\actxprxy.dll - ok
13:35:10.0796 3584 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll
13:35:10.0796 3584 C:\WINDOWS\system32\dmserver.dll - ok
13:35:10.0796 3584 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll
13:35:10.0796 3584 C:\WINDOWS\system32\ersvc.dll - ok
13:35:10.0812 3584 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
13:35:10.0812 3584 C:\WINDOWS\system32\es.dll - ok
13:35:10.0812 3584 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:35:10.0812 3584 C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
13:35:10.0812 3584 [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
13:35:10.0812 3584 C:\WINDOWS\system32\hidserv.dll - ok
13:35:10.0828 3584 [ F385F4B02C535BFFE1D70CAB80838123 ] C:\WINDOWS\system32\srvsvc.dll
13:35:10.0828 3584 C:\WINDOWS\system32\srvsvc.dll - ok
13:35:10.0828 3584 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
13:35:10.0828 3584 C:\WINDOWS\system32\netmsg.dll - ok
13:35:10.0828 3584 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
13:35:10.0828 3584 C:\WINDOWS\system32\seclogon.dll - ok
13:35:10.0843 3584 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
13:35:10.0843 3584 C:\WINDOWS\system32\srsvc.dll - ok
13:35:10.0843 3584 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
13:35:10.0843 3584 C:\WINDOWS\system32\cmd.exe - ok
13:35:10.0843 3584 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
13:35:10.0843 3584 C:\WINDOWS\system32\netman.dll - ok
13:35:10.0859 3584 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
13:35:10.0859 3584 C:\WINDOWS\system32\netshell.dll - ok
13:35:10.0859 3584 [ 0D5C62E6462FEE517C7FB3B64A58EF1B ] C:\WINDOWS\system32\ieframe.dll
13:35:10.0859 3584 C:\WINDOWS\system32\ieframe.dll - ok
13:35:10.0859 3584 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
13:35:10.0859 3584 C:\WINDOWS\system32\credui.dll - ok
13:35:10.0875 3584 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
13:35:10.0875 3584 C:\WINDOWS\system32\dot3dlg.dll - ok
13:35:10.0875 3584 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
13:35:10.0875 3584 C:\WINDOWS\system32\onex.dll - ok
13:35:10.0890 3584 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
13:35:10.0890 3584 C:\WINDOWS\system32\eappcfg.dll - ok
13:35:10.0890 3584 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
13:35:10.0890 3584 C:\WINDOWS\system32\eappprxy.dll - ok
13:35:10.0890 3584 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
13:35:10.0890 3584 C:\WINDOWS\system32\wzcsapi.dll - ok
13:35:10.0906 3584 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
13:35:10.0906 3584 C:\WINDOWS\system32\trkwks.dll - ok
13:35:10.0906 3584 [ 89220B427890AA1DFFD1A02648AE51C3 ] C:\WINDOWS\system32\drivers\srv.sys
13:35:10.0906 3584 C:\WINDOWS\system32\drivers\srv.sys - ok
13:35:10.0906 3584 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
13:35:10.0906 3584 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
13:35:10.0921 3584 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
13:35:10.0921 3584 C:\WINDOWS\system32\vssapi.dll - ok
13:35:10.0921 3584 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
13:35:10.0921 3584 C:\WINDOWS\system32\wuaueng.dll - ok
13:35:10.0921 3584 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
13:35:10.0921 3584 C:\WINDOWS\system32\wuauserv.dll - ok
13:35:10.0937 3584 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
13:35:10.0937 3584 C:\WINDOWS\system32\cabinet.dll - ok
13:35:10.0937 3584 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
13:35:10.0937 3584 C:\WINDOWS\system32\mspatcha.dll - ok
13:35:10.0937 3584 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
13:35:10.0937 3584 C:\WINDOWS\system32\ipnathlp.dll - ok
13:35:10.0953 3584 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
13:35:10.0953 3584 C:\WINDOWS\system32\sens.dll - ok
13:35:10.0953 3584 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll
13:35:10.0953 3584 C:\WINDOWS\system32\spoolss.dll - ok
13:35:10.0968 3584 [ AA897735D5AB916297A6823A9B2D61B1 ] C:\WINDOWS\system32\localspl.dll
13:35:10.0968 3584 C:\WINDOWS\system32\localspl.dll - ok
13:35:10.0968 3584 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
13:35:10.0968 3584 C:\WINDOWS\system32\wscsvc.dll - ok
13:35:10.0968 3584 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll
13:35:10.0968 3584 C:\WINDOWS\system32\cnbjmon.dll - ok
13:35:10.0984 3584 [ 66B28A82A1442EE52424246577A364B5 ] C:\WINDOWS\system32\bthcrp.dll
13:35:10.0984 3584 C:\WINDOWS\system32\bthcrp.dll - ok
13:35:10.0984 3584 [ 750060588DDAA3390EE106F625831BCC ] C:\WINDOWS\system32\WidcommSdk.dll
13:35:10.0984 3584 C:\WINDOWS\system32\WidcommSdk.dll - ok
13:35:10.0984 3584 [ E7EB663D2B5804B4D1EC4844C9140336 ] C:\WINDOWS\system32\wbtapi.dll
13:35:10.0984 3584 C:\WINDOWS\system32\wbtapi.dll - ok
13:35:11.0000 3584 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
13:35:11.0000 3584 C:\WINDOWS\system32\msi.dll - ok
13:35:11.0000 3584 [ 6807B4DD2CCF60745C1333D6C17DE173 ] C:\WINDOWS\system32\mfc42.dll
13:35:11.0000 3584 C:\WINDOWS\system32\mfc42.dll - ok
13:35:11.0000 3584 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
13:35:11.0000 3584 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
13:35:11.0015 3584 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
13:35:11.0015 3584 C:\WINDOWS\system32\wbem\esscli.dll - ok
13:35:11.0015 3584 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
13:35:11.0015 3584 C:\WINDOWS\system32\wbem\fastprox.dll - ok
13:35:11.0015 3584 [ E0B83ADFB16D794A0D207FE119D03182 ] C:\WINDOWS\system32\HPTcpMon.dll
13:35:11.0015 3584 C:\WINDOWS\system32\HPTcpMon.dll - ok
13:35:11.0031 3584 [ 16FC2C309998C6D55C182652D6A1C5B1 ] C:\WINDOWS\system32\hpzjrd01.dll
13:35:11.0031 3584 C:\WINDOWS\system32\hpzjrd01.dll - ok
13:35:11.0031 3584 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
13:35:11.0031 3584 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
13:35:11.0031 3584 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
13:35:11.0031 3584 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
13:35:11.0062 3584 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
13:35:11.0062 3584 C:\WINDOWS\system32\clusapi.dll - ok
13:35:11.0062 3584 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
13:35:11.0062 3584 C:\WINDOWS\system32\comsvcs.dll - ok
13:35:11.0062 3584 [ 5CC3838902A9257B79BD43F56D8B7275 ] C:\WINDOWS\system32\HPTcpMUI.dll
13:35:11.0062 3584 C:\WINDOWS\system32\HPTcpMUI.dll - ok
13:35:11.0078 3584 [ 36247C6D5E1FE03A56EE81BB99D7E68C ] C:\WINDOWS\system32\HPTcpMib.dll
13:35:11.0078 3584 C:\WINDOWS\system32\HPTcpMib.dll - ok
13:35:11.0078 3584 [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
13:35:11.0078 3584 C:\WINDOWS\system32\mgmtapi.dll - ok
13:35:11.0078 3584 [ 5C1F0537E61F87B435F56E00B4F20EE8 ] C:\WINDOWS\system32\snmpapi.dll
13:35:11.0078 3584 C:\WINDOWS\system32\snmpapi.dll - ok
13:35:11.0093 3584 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
13:35:11.0093 3584 C:\WINDOWS\system32\wsnmp32.dll - ok
13:35:11.0093 3584 [ A2973A14FD05F6A5BD61F3528DFAE922 ] C:\WINDOWS\system32\hpzsnt12.dll
13:35:11.0093 3584 C:\WINDOWS\system32\hpzsnt12.dll - ok
13:35:11.0093 3584 [ 6D64131C22EDD8B39702725B4F4EDAE8 ] C:\Program Files\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll
13:35:11.0093 3584 C:\Program Files\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll - ok
13:35:11.0109 3584 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
13:35:11.0109 3584 C:\WINDOWS\system32\pjlmon.dll - ok
13:35:11.0109 3584 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
13:35:11.0109 3584 C:\WINDOWS\system32\tcpmon.dll - ok
13:35:11.0109 3584 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
13:35:11.0109 3584 C:\WINDOWS\system32\usbmon.dll - ok
13:35:11.0125 3584 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
13:35:11.0125 3584 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
13:35:11.0125 3584 [ 75A57EE09F656B6BBBC74F2D5128F2AB ] C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
13:35:11.0125 3584 C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe - ok
13:35:11.0125 3584 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
13:35:11.0125 3584 C:\WINDOWS\system32\win32spl.dll - ok
13:35:11.0140 3584 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
13:35:11.0140 3584 C:\WINDOWS\system32\colbact.dll - ok
13:35:11.0140 3584 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
13:35:11.0140 3584 C:\WINDOWS\system32\mtxclu.dll - ok
13:35:11.0140 3584 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll
13:35:11.0140 3584 C:\WINDOWS\system32\netrap.dll - ok
13:35:11.0156 3584 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
13:35:11.0156 3584 C:\WINDOWS\system32\inetpp.dll - ok
13:35:11.0156 3584 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
13:35:11.0156 3584 C:\WINDOWS\system32\resutils.dll - ok
13:35:11.0171 3584 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
13:35:11.0171 3584 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
13:35:11.0171 3584 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
13:35:11.0171 3584 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
13:35:11.0171 3584 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
13:35:11.0171 3584 C:\WINDOWS\system32\wbem\wbemess.dll - ok
13:35:11.0187 3584 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
13:35:11.0187 3584 C:\WINDOWS\system32\wuapi.dll - ok
13:35:11.0187 3584 [ 3FB565C6CC9F233A325AD229109AACD6 ] C:\WINDOWS\system32\bt2k_ins.dll
13:35:11.0187 3584 C:\WINDOWS\system32\bt2k_ins.dll - ok
13:35:11.0187 3584 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
13:35:11.0187 3584 C:\WINDOWS\system32\wbem\ncprov.dll - ok
13:35:11.0203 3584 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll
13:35:11.0203 3584 C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll - ok
13:35:11.0203 3584 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
13:35:11.0203 3584 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
13:35:11.0203 3584 [ FBDB9D0935B9907B809B381FDDF1627F ] C:\WINDOWS\system32\regsvr32.exe
13:35:11.0203 3584 C:\WINDOWS\system32\regsvr32.exe - ok
13:35:11.0218 3584 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
13:35:11.0218 3584 C:\WINDOWS\system32\wups.dll - ok
13:35:11.0218 3584 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
13:35:11.0218 3584 C:\WINDOWS\system32\wups2.dll - ok
13:35:11.0218 3584 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
13:35:11.0218 3584 C:\WINDOWS\system32\wuauclt.exe - ok
13:35:11.0234 3584 [ A06CE3399D16DB864F55FAEB1F1927A9 ] C:\WINDOWS\system32\browser.dll
13:35:11.0234 3584 C:\WINDOWS\system32\browser.dll - ok
13:35:11.0234 3584 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
13:35:11.0234 3584 C:\WINDOWS\system32\termsrv.dll - ok
13:35:11.0234 3584 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
13:35:11.0234 3584 C:\WINDOWS\system32\icaapi.dll - ok
13:35:11.0250 3584 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
13:35:11.0250 3584 C:\WINDOWS\system32\mstlsapi.dll - ok
13:35:11.0250 3584 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
13:35:11.0250 3584 C:\WINDOWS\system32\alg.exe - ok
13:35:11.0265 3584 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
13:35:11.0265 3584 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
13:35:11.0265 3584 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
13:35:11.0265 3584 C:\WINDOWS\system32\licwmi.dll - ok
13:35:11.0265 3584 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
13:35:11.0265 3584 C:\WINDOWS\system32\netcfgx.dll - ok
13:35:11.0281 3584 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
13:35:11.0281 3584 C:\WINDOWS\system32\wbem\framedyn.dll - ok
13:35:11.0281 3584 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
13:35:11.0281 3584 C:\WINDOWS\system32\licdll.dll - ok
13:35:11.0281 3584 [ 2FA8B03CB4C0BE92BF43C5EDE8B17846 ] C:\WINDOWS\system32\msxml6.dll
13:35:11.0281 3584 C:\WINDOWS\system32\msxml6.dll - ok
13:35:11.0296 3584 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
13:35:11.0296 3584 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
13:35:11.0296 3584 [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Joel\LOCALS~1\Temp\C37155C3-40C6-471C-946D-9DF467DA5FCE.exe
13:35:11.0296 3584 C:\DOCUME~1\Joel\LOCALS~1\Temp\C37155C3-40C6-471C-946D-9DF467DA5FCE.exe - ok
13:35:11.0296 3584 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
13:35:11.0296 3584 C:\WINDOWS\system32\mlang.dll - ok
13:35:11.0312 3584 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
13:35:11.0312 3584 C:\WINDOWS\system32\ntshrui.dll - ok
13:35:11.0312 3584 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
13:35:11.0312 3584 C:\WINDOWS\system32\linkinfo.dll - ok
13:35:11.0312 3584 [ 91790D6749EBED90E2C40479C0A91879 ] C:\WINDOWS\system32\verclsid.exe
13:35:11.0312 3584 C:\WINDOWS\system32\verclsid.exe - ok
13:35:11.0328 3584 [ 3B1764F98494B0C93F0DF5572C7629E8 ] C:\WINDOWS\RTHDCPL.EXE
13:35:11.0328 3584 C:\WINDOWS\RTHDCPL.EXE - ok
13:35:11.0328 3584 [ EA31039E691C6F8F5469649526EEA5FB ] C:\WINDOWS\ALCMTR.EXE
13:35:11.0328 3584 C:\WINDOWS\ALCMTR.EXE - ok
13:35:11.0343 3584 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
13:35:11.0343 3584 C:\WINDOWS\system32\dsound.dll - ok
13:35:11.0343 3584 [ E28D00EC675F5F5A5A0555E7A4523A6E ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
13:35:11.0343 3584 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
13:35:11.0343 3584 [ 7169DBC28AC7780DAEC53443690EADD8 ] C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
13:35:11.0343 3584 C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe - ok
13:35:11.0343 3584 [ C286FD724A807657E936FBEAF50DA95E ] C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
13:35:11.0343 3584 C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe - ok
13:35:11.0359 3584 [ E6178A6593B109C6E4553C43B81D5340 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:35:11.0359 3584 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
13:35:11.0359 3584 [ E1F3AB2CC3521E68F242FB4D60C52AE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
13:35:11.0359 3584 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll - ok
13:35:11.0375 3584 [ 1C4D0F52B4238B9388F2A28DD0903588 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
13:35:11.0375 3584 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll - ok
13:35:11.0375 3584 [ DB03D0807D6629639B50A3C58458ABE1 ] C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\AsMultiLang.dll
13:35:11.0375 3584 C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\AsMultiLang.dll - ok
13:35:11.0375 3584 [ B2B2FE2671DD98A322B0AD7079C0B2B2 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
13:35:11.0375 3584 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe - ok
13:35:11.0390 3584 [ 6B87742F27B087AF7FD4ADC2DB685DE0 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
13:35:11.0390 3584 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe - ok
13:35:11.0390 3584 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
13:35:11.0390 3584 C:\WINDOWS\system32\upnp.dll - ok
13:35:11.0390 3584 [ A4E85BDA66CF4DE8070D6F744D181C12 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
13:35:11.0390 3584 C:\Program Files\CyberLink\PowerDVD\Language\Language.exe - ok
13:35:11.0406 3584 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\92292761.sys
13:35:11.0406 3584 C:\WINDOWS\system32\drivers\92292761.sys - ok
13:35:11.0406 3584 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
13:35:11.0406 3584 C:\WINDOWS\system32\ssdpapi.dll - ok
13:35:11.0406 3584 [ C99248B969A799B771F484CD68BCB96E ] C:\WINDOWS\system32\mscoree.dll
13:35:11.0406 3584 C:\WINDOWS\system32\mscoree.dll - ok
13:35:11.0421 3584 [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
13:35:11.0421 3584 C:\WINDOWS\system32\drivers\http.sys - ok
13:35:11.0421 3584 [ FA5CF5CC82D4E39103DEC713E3790FF9 ] C:\Program Files\ASUS\EPU-4 Engine\AiGear.dll
13:35:11.0421 3584 C:\Program Files\ASUS\EPU-4 Engine\AiGear.dll - ok
13:35:11.0421 3584 [ 9ACFD9D5E12D849B28C78FED6D620EB3 ] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
13:35:11.0421 3584 C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe - ok
13:35:11.0437 3584 [ C420DCB1F333CB3DE5F446CEDEC8C354 ] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
13:35:11.0437 3584 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe - ok
13:35:11.0437 3584 [ D01F0643525B29C6B49FD1EA6E84A788 ] C:\Program Files\CyberLink\PowerDVD\CLRCEngine3.dll
13:35:11.0437 3584 C:\Program Files\CyberLink\PowerDVD\CLRCEngine3.dll - ok
13:35:11.0453 3584 [ A29E27328CAA54EE94104694270FD8D0 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
13:35:11.0453 3584 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
13:35:11.0453 3584 [ 96CE1FCB4579147B49F63DB46E3E191B ] C:\Program Files\CyberLink\PowerDVD\msvcr71.dll
13:35:11.0453 3584 C:\Program Files\CyberLink\PowerDVD\msvcr71.dll - ok
13:35:11.0453 3584 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
13:35:11.0453 3584 C:\WINDOWS\system32\ssdpsrv.dll - ok
13:35:11.0468 3584 [ 601D77C0AA637A99073210894554B6BA ] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
13:35:11.0468 3584 C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe - ok
13:35:11.0468 3584 [ FDADDEA50790D895D56455C78016E058 ] C:\Program Files\lg_fwupdate\fwupdate.exe
13:35:11.0468 3584 C:\Program Files\lg_fwupdate\fwupdate.exe - ok
13:35:11.0468 3584 [ AC116F16A7716A720A45D7EA47CFD983 ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
13:35:11.0468 3584 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
13:35:11.0484 3584 [ 4CB77D9AFF6A8621EC6E17818E7DBE4C ] C:\WINDOWS\vsnppro.exe
13:35:11.0484 3584 C:\WINDOWS\vsnppro.exe - ok
13:35:11.0484 3584 [ 5BBC951150E738F108C6D3D325BD4029 ] C:\Program Files\ASUS\EPU-4 Engine\pngio.dll
13:35:11.0484 3584 C:\Program Files\ASUS\EPU-4 Engine\pngio.dll - ok
13:35:11.0484 3584 [ 64B33CC5BF131DEF2721394CF9B3F8ED ] C:\WINDOWS\system32\msvbvm60.dll
13:35:11.0484 3584 C:\WINDOWS\system32\msvbvm60.dll - ok
13:35:11.0500 3584 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
13:35:11.0500 3584 C:\WINDOWS\system32\webcheck.dll - ok
13:35:11.0500 3584 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
13:35:11.0500 3584 C:\WINDOWS\system32\rasmans.dll - ok
13:35:11.0500 3584 [ 5CDAA57EA3C7B3D57708CA4D06F75D65 ] C:\Program Files\Motorola\Software Update\mumservice.exe
13:35:11.0500 3584 C:\Program Files\Motorola\Software Update\mumservice.exe - ok
13:35:11.0515 3584 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
13:35:11.0515 3584 C:\WINDOWS\system32\imapi.exe - ok
13:35:11.0515 3584 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
13:35:11.0515 3584 C:\WINDOWS\system32\stobject.dll - ok
13:35:11.0531 3584 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
13:35:11.0531 3584 C:\WINDOWS\system32\batmeter.dll - ok
13:35:11.0531 3584 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
13:35:11.0531 3584 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
13:35:11.0531 3584 [ EEC17187C9CE2FF35CC8294DC3CB39AC ] C:\Documents and Settings\Joel\Bluebirds\BlueBirds.exe
13:35:11.0531 3584 C:\Documents and Settings\Joel\Bluebirds\BlueBirds.exe - ok
13:35:11.0546 3584 [ 390679F7A217A5E73D756276C40AE887 ] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
13:35:11.0546 3584 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - ok
13:35:11.0546 3584 [ 54B276674CF3621094ADF9FDBA0D26A1 ] C:\WINDOWS\system32\BTNCopy.dll
13:35:11.0546 3584 C:\WINDOWS\system32\BTNCopy.dll - ok
13:35:11.0546 3584 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
13:35:11.0546 3584 C:\WINDOWS\system32\mydocs.dll - ok
13:35:11.0562 3584 [ 212F87EE837B4E35E43A93BBFC44E7A7 ] C:\WINDOWS\system32\AsIO.dll
13:35:11.0562 3584 C:\WINDOWS\system32\AsIO.dll - ok
13:35:11.0562 3584 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
13:35:11.0562 3584 C:\WINDOWS\system32\tapisrv.dll - ok
13:35:11.0562 3584 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe
13:35:11.0562 3584 C:\WINDOWS\system32\ctfmon.exe - ok
13:35:11.0578 3584 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\msctf.dll
13:35:11.0578 3584 C:\WINDOWS\system32\msctf.dll - ok
13:35:11.0578 3584 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll
13:35:11.0578 3584 C:\WINDOWS\system32\msutb.dll - ok
13:35:11.0578 3584 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
13:35:11.0578 3584 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
13:35:11.0593 3584 [ F4FB024A16ACBA4AAA40C8A8855AEDE5 ] C:\WINDOWS\system32\asycfilt.dll
13:35:11.0593 3584 C:\WINDOWS\system32\asycfilt.dll - ok
13:35:11.0593 3584 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
13:35:11.0593 3584 C:\WINDOWS\system32\riched32.dll - ok
13:35:11.0593 3584 [ FC6427FFB3D95CF1BB9BABE68BAA8385 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
13:35:11.0593 3584 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll - ok
13:35:11.0609 3584 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
13:35:11.0609 3584 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
13:35:11.0609 3584 [ 65A9495A436F5402BC1C467E1B926C27 ] C:\WINDOWS\winhlp32.exe
13:35:11.0609 3584 C:\WINDOWS\winhlp32.exe - ok
13:35:11.0609 3584 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
13:35:11.0609 3584 C:\WINDOWS\system32\rastapi.dll - ok
13:35:11.0625 3584 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\sptip.dll
13:35:11.0625 3584 C:\WINDOWS\ime\sptip.dll - ok
13:35:11.0625 3584 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx
13:35:11.0625 3584 C:\WINDOWS\system32\hhctrl.ocx - ok
13:35:11.0625 3584 [ C3D89EDF751E21CC51943543A728D568 ] C:\Program Files\lg_fwupdate\getadmin.exe
13:35:11.0625 3584 C:\Program Files\lg_fwupdate\getadmin.exe - ok
13:35:11.0640 3584 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
13:35:11.0640 3584 C:\WINDOWS\system32\unimdm.tsp - ok
13:35:11.0640 3584 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
13:35:11.0640 3584 C:\WINDOWS\system32\msisip.dll - ok
13:35:11.0656 3584 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
13:35:11.0656 3584 C:\WINDOWS\system32\wshext.dll - ok
13:35:11.0656 3584 [ F606C20ECA32821101C60DC56F992B12 ] C:\Program Files\lg_fwupdate\getodd.exe
13:35:11.0656 3584 C:\Program Files\lg_fwupdate\getodd.exe - ok
13:35:11.0656 3584 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
13:35:11.0656 3584 C:\WINDOWS\system32\uniplat.dll - ok
13:35:11.0671 3584 [ 582B7231703D80E87CB397F15E1584A5 ] C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe
13:35:11.0671 3584 C:\Program Files\IOGEAR\Bluetooth Software\BTTray.exe - ok
13:35:11.0671 3584 [ 5597D0075861CB0A6E6087752D205C0D ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
13:35:11.0671 3584 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
13:35:11.0671 3584 [ C4300F2DF3654CBFD87ED1A216845358 ] C:\WINDOWS\system32\btosif.dll
13:35:11.0671 3584 C:\WINDOWS\system32\btosif.dll - ok
13:35:11.0687 3584 [ 2680247EC7ABA50B8D468139DA7722D4 ] C:\WINDOWS\system32\btwhidcs.dll
13:35:11.0687 3584 C:\WINDOWS\system32\btwhidcs.dll - ok
13:35:11.0687 3584 [ EA99B12613E5909526123EEC64D6ABDC ] C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll
13:35:11.0687 3584 C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll - ok
13:35:11.0687 3584 [ 806EE198284D569253EB6A1D1180B37D ] C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
13:35:11.0687 3584 C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe - ok
13:35:11.0703 3584 [ 5E24944ED69C839410B2B5A4AADEFFF6 ] C:\Program Files\IOGEAR\Bluetooth Software\BtBalloon.dll
13:35:11.0703 3584 C:\Program Files\IOGEAR\Bluetooth Software\BtBalloon.dll - ok
13:35:11.0703 3584 [ 398F5BD3729E72EDE7EFE917CF035227 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
13:35:11.0703 3584 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok
13:35:11.0703 3584 [ 0E2EBB670C1476F2964FF292F9E57203 ] C:\Program Files\Microsoft Office\Office\OSA9.EXE
13:35:11.0703 3584 C:\Program Files\Microsoft Office\Office\OSA9.EXE - ok
13:35:11.0718 3584 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
13:35:11.0718 3584 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok
13:35:11.0718 3584 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
13:35:11.0718 3584 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok
13:35:11.0734 3584 [ 4CCCFAE4FE90BF82B2C19E5AB017E539 ] C:\Program Files\Microsoft Office\Office\MSO9.DLL
13:35:11.0734 3584 C:\Program Files\Microsoft Office\Office\MSO9.DLL - ok
13:35:11.0734 3584 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
13:35:11.0734 3584 C:\WINDOWS\system32\kmddsp.tsp - ok
13:35:11.0734 3584 [ 1DFE3FBE7E2CD236218AD6A6ECCD6824 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
13:35:11.0734 3584 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok
13:35:11.0750 3584 [ 14BD9768D66EF0859F7473AAED23C31C ] C:\WINDOWS\system32\btrez.dll
13:35:11.0750 3584 C:\WINDOWS\system32\btrez.dll - ok
13:35:11.0750 3584 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
13:35:11.0750 3584 C:\WINDOWS\system32\ndptsp.tsp - ok
13:35:11.0750 3584 [ 82E047AC9DCFA908F169EBB20C157198 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
13:35:11.0750 3584 C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
13:35:11.0765 3584 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
13:35:11.0765 3584 C:\WINDOWS\system32\ipconf.tsp - ok
13:35:11.0765 3584 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
13:35:11.0765 3584 C:\WINDOWS\system32\h323.tsp - ok
13:35:11.0765 3584 [ 972297BAE5220EB376E52839BAE013B0 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
13:35:11.0765 3584 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
13:35:11.0781 3584 [ 621D873625B55315D248204E6588BA2D ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
13:35:11.0781 3584 C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
13:35:11.0781 3584 [ 2AC1469E7C098D624C804A703D552EE8 ] C:\WINDOWS\system32\jsproxy.dll
13:35:11.0781 3584 C:\WINDOWS\system32\jsproxy.dll - ok
13:35:11.0781 3584 [ 134B9F721233F82C62AEA20CB62065CA ] C:\Program Files\lg_fwupdate\GetODDModel.exe
13:35:11.0781 3584 C:\Program Files\lg_fwupdate\GetODDModel.exe - ok
13:35:11.0796 3584 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
13:35:11.0796 3584 C:\WINDOWS\system32\hidphone.tsp - ok
13:35:11.0796 3584 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
13:35:11.0796 3584 C:\WINDOWS\system32\rasppp.dll - ok
13:35:11.0812 3584 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
13:35:11.0812 3584 C:\WINDOWS\system32\ntlsapi.dll - ok
13:35:11.0812 3584 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
13:35:11.0812 3584 C:\WINDOWS\system32\rasqec.dll - ok
13:35:11.0812 3584 [ DA18BB51D8D75EFD3E27DE315BE32F73 ] C:\Program Files\lg_fwupdate\Buyer.exe
13:35:11.0812 3584 C:\Program Files\lg_fwupdate\Buyer.exe - ok
13:35:11.0828 3584 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll
13:35:11.0828 3584 C:\WINDOWS\system32\oledlg.dll - ok
13:35:11.0828 3584 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll
13:35:11.0828 3584 C:\WINDOWS\system32\ksuser.dll - ok
13:35:11.0828 3584 [ 6F9A1FEF17123A52D9935AAA2EC6A44C ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_777c0083\mscorlib.dll
13:35:11.0828 3584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_777c0083\mscorlib.dll - ok
13:35:11.0843 3584 [ 26AA1984EC4E50E4D91C25EC46E11AA8 ] C:\WINDOWS\system32\CSH.DLL
13:35:11.0843 3584 C:\WINDOWS\system32\CSH.DLL - ok
13:35:11.0843 3584 [ 30B7CF178A3823436A7FD17F3ABD2066 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
13:35:11.0843 3584 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
13:35:11.0843 3584 [ B9A6DDE053D32AE313E7FD295F14FC7F ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
13:35:11.0843 3584 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll - ok
13:35:11.0859 3584 [ C710AE9090389E218152995074F5C576 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
13:35:11.0859 3584 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok
13:35:11.0859 3584 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
13:35:11.0859 3584 C:\WINDOWS\system32\rasdlg.dll - ok
13:35:11.0859 3584 [ EFAD1FE6E6BC3F65D6C453E70BB061C2 ] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
13:35:11.0859 3584 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok
13:35:11.0875 3584 [ 487AEE3F8BB4207838CA9FAB8DF90A33 ] C:\Program Files\IOGEAR\Bluetooth Software\BTStackServer.exe
13:35:11.0875 3584 C:\Program Files\IOGEAR\Bluetooth Software\BTStackServer.exe - ok
13:35:11.0875 3584 [ D48FDD9A1A20801024DBEFD215DE3B22 ] C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
13:35:11.0875 3584 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok
13:35:11.0875 3584 [ 02538A2706193BAA6B2E1D321EF87663 ] C:\WINDOWS\system32\btins.dll
13:35:11.0875 3584 C:\WINDOWS\system32\btins.dll - ok
13:35:11.0890 3584 [ 7054F6ADC9B670887659F1561603B0D0 ] C:\WINDOWS\system32\mshtml.dll
13:35:11.0890 3584 C:\WINDOWS\system32\mshtml.dll - ok
13:35:11.0890 3584 [ 0879FAF4FEB57E8C968F21164907190E ] C:\WINDOWS\system32\BtAudioHelper.dll
13:35:11.0890 3584 C:\WINDOWS\system32\BtAudioHelper.dll - ok
13:35:11.0890 3584 [ A7F268ABC5798998F03624799DEB94F4 ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_661d9f85\System.dll
13:35:11.0890 3584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_661d9f85\System.dll - ok
13:35:11.0906 3584 [ B3AD6BFBED3D971074E9237E4788E2D1 ] C:\WINDOWS\system32\btdev.dll
13:35:11.0906 3584 C:\WINDOWS\system32\btdev.dll - ok
13:35:11.0906 3584 [ D383CCB0B271264775DC61AC3D97D872 ] C:\Program Files\IOGEAR\Bluetooth Software\BTKeyInd.dll
13:35:11.0906 3584 C:\Program Files\IOGEAR\Bluetooth Software\BTKeyInd.dll - ok
13:35:11.0906 3584 [ 2814E9BDB75088C0B4CF6C1123F6EC8E ] C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
13:35:11.0921 3584 C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok
13:35:11.0921 3584 [ 76F670D40F856B5E51CEF10D439FD114 ] C:\WINDOWS\system32\btosif_ol.dll
13:35:11.0921 3584 C:\WINDOWS\system32\btosif_ol.dll - ok
13:35:11.0921 3584 [ F63DB5BFE2FC815D016C4C74AB78B9B9 ] C:\WINDOWS\system32\btosif_olx.dll
13:35:11.0921 3584 C:\WINDOWS\system32\btosif_olx.dll - ok
13:35:11.0937 3584 [ E81BBE78A8EF85ACD490B3E64EF63A7C ] C:\WINDOWS\system32\mapi32.dll
13:35:11.0937 3584 C:\WINDOWS\system32\mapi32.dll - ok
13:35:11.0937 3584 [ 4323F6327D6886B8EAB22157D9FC7387 ] C:\WINDOWS\system32\btosif_notes.dll
13:35:11.0937 3584 C:\WINDOWS\system32\btosif_notes.dll - ok
13:35:11.0937 3584 [ 28766B0B79493832741CADB3717EEC0C ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
13:35:11.0937 3584 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll - ok
13:35:11.0953 3584 [ 4D782BC529B0F75439876622C2730AEF ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_1ffc886f\System.Windows.Forms.dll
13:35:11.0953 3584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_1ffc886f\System.Windows.Forms.dll - ok
13:35:11.0953 3584 [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
13:35:11.0953 3584 C:\WINDOWS\system32\msls31.dll - ok
13:35:11.0953 3584 [ 7F463ED611A7D56B114072C8F3CC7747 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
13:35:11.0953 3584 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll - ok
13:35:11.0968 3584 [ E11457C66FDD966EE415FBBC6D9BE643 ] C:\WINDOWS\system32\msimtf.dll
13:35:11.0968 3584 C:\WINDOWS\system32\msimtf.dll - ok
13:35:11.0968 3584 [ 1499435CDBDF07ACC38BDB49470BCA88 ] C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
13:35:11.0968 3584 C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe - ok
13:35:11.0968 3584 [ A0DCB32156BDF2EB4AF72EE38141E7B7 ] C:\WINDOWS\assembly\GAC\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
13:35:11.0968 3584 C:\WINDOWS\assembly\GAC\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll - ok
13:35:11.0984 3584 [ BCF15390DE7368639C593735BF938D7A ] C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
13:35:11.0984 3584 C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll - ok
13:35:11.0984 3584 [ 907BDEEC3DED9D58D0DCAC4D2CBD8D5B ] C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3302.38954__90ba9c70f846762e\MOM.Implementation.DLL
13:35:11.0984 3584 C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3302.38954__90ba9c70f846762e\MOM.Implementation.DLL - ok
13:35:11.0984 3584 [ 1929F1702A56DAE92C29BA97102CD4CD ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_923ce362\System.Drawing.dll
13:35:11.0984 3584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_923ce362\System.Drawing.dll - ok
13:35:12.0000 3584 [ 7BEC181A21753498B6BD001C42A42722 ] C:\WINDOWS\system32\MSINET.OCX
13:35:12.0000 3584 C:\WINDOWS\system32\MSINET.OCX - ok
13:35:12.0000 3584 [ AD1EA59C74D873AC22FB839B8E3E97F7 ] C:\Program Files\Spybot - Search & Destroy\advcheck.dll
13:35:12.0000 3584 C:\Program Files\Spybot - Search & Destroy\advcheck.dll - ok
13:35:12.0015 3584 [ 0C5653E4F6055FA4E324EFE5519A761C ] C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.DLL
13:35:12.0015 3584 C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.DLL - ok
13:35:12.0015 3584 [ 858508B12A0C26C78E7CA73C97241583 ] C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.DLL
13:35:12.0015 3584 C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.DLL - ok
13:35:12.0015 3584 [ 17E6C2907CA1E6B67174C9188C7ABFEC ] C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3302.38952__90ba9c70f846762e\LOG.Foundation.Implementation.DLL
13:35:12.0015 3584 C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3302.38952__90ba9c70f846762e\LOG.Foundation.Implementation.DLL - ok
13:35:12.0031 3584 [ 94FF8E07B25B858708368DCB79118D1C ] C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.DLL
13:35:12.0031 3584 C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.DLL - ok
13:35:12.0031 3584 [ BB2BE4BA77C0C84D1A3F135D418B4659 ] C:\WINDOWS\assembly\GAC\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
13:35:12.0031 3584 C:\WINDOWS\assembly\GAC\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll - ok
13:35:12.0031 3584 [ 28CE014B578E177074DFF0F5379744C4 ] C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL
13:35:12.0031 3584 C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.DLL - ok
13:35:12.0046 3584 [ 2849F13593D2712CCB97FFBDD3C1232E ] C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
13:35:12.0046 3584 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
13:35:12.0046 3584 [ 17DA38CB41189C545E84C4682F25A0F3 ] C:\WINDOWS\assembly\GAC\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
13:35:12.0046 3584 C:\WINDOWS\assembly\GAC\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll - ok
13:35:12.0078 3584 [ B22BA6939F9230CDD87EAD85F3ECD1D9 ] C:\WINDOWS\assembly\GAC\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
13:35:12.0078 3584 C:\WINDOWS\assembly\GAC\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll - ok
13:35:12.0078 3584 [ 80A137E5FB9E9CC95C1DCC9300905343 ] C:\WINDOWS\assembly\GAC\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
13:35:12.0078 3584 C:\WINDOWS\assembly\GAC\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll - ok
13:35:12.0078 3584 [ 33DFCA90B4BE8C62B20CE0BEEE4CAC1D ] C:\WINDOWS\assembly\GAC\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
13:35:12.0078 3584 C:\WINDOWS\assembly\GAC\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll - ok
13:35:12.0078 3584 [ BC33C1A2E9107E290A4B4F12894E25BD ] C:\WINDOWS\assembly\GAC\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
13:35:12.0078 3584 C:\WINDOWS\assembly\GAC\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll - ok
13:35:12.0093 3584 [ 350750024696FD6496DDA08EBE5A1EA4 ] C:\WINDOWS\assembly\GAC\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
13:35:12.0093 3584 C:\WINDOWS\assembly\GAC\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll - ok
13:35:12.0093 3584 [ 5BDB40C486291CA8AF13A08232BAA177 ] C:\WINDOWS\assembly\GAC\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
13:35:12.0093 3584 C:\WINDOWS\assembly\GAC\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll - ok
13:35:12.0093 3584 [ 659272675EABDCCFDA85CF5892ED244B ] C:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll
13:35:12.0093 3584 C:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\Interop.hpqcxm08.dll - ok
13:35:12.0109 3584 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll
13:35:12.0109 3584 C:\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok
13:35:12.0109 3584 [ 627BFC4C262188E4AAA961514F42AB1A ] C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_72a13dfe\System.Xml.dll
13:35:12.0109 3584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_72a13dfe\System.Xml.dll - ok
13:35:12.0109 3584 [ 648FE0D27734BB73EF04BC6789B20935 ] C:\WINDOWS\assembly\GAC\LEAD\13.0.0.113__9cf889f53ea9b907\LEAD.dll
13:35:12.0109 3584 C:\WINDOWS\assembly\GAC\LEAD\13.0.0.113__9cf889f53ea9b907\LEAD.dll - ok
13:35:12.0125 3584 [ 4C7CE6459461B61EAD294EAF50AF3160 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
13:35:12.0125 3584 C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - ok
13:35:12.0125 3584 [ 1F7B23305F0D7CA120A3E65DEC21671F ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
13:35:12.0125 3584 C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - ok
13:35:12.0125 3584 [ 335270904FED5F3629FE0D2FCAB7BD4F ] C:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\LEAD.Wrapper.dll
13:35:12.0125 3584 C:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\LEAD.Wrapper.dll - ok
13:35:12.0140 3584 [ E2CD12A09AAB75B19123E4AB807B2D25 ] C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll
13:35:12.0140 3584 C:\Program Files\HP\Digital Imaging\bin\ltkrn13n.dll - ok
13:35:12.0140 3584 [ FC99DC360CFA2E32276151EB7B1D899D ] C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll
13:35:12.0140 3584 C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll - ok
13:35:12.0156 3584 [ 4BBF2F7E4F0F21FDCF30F540E7331BD7 ] C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\LEAD.Windows.Forms.dll
13:35:12.0156 3584 C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\LEAD.Windows.Forms.dll - ok
13:35:12.0156 3584 [ 4C08FB7ACB28689B586D986D3F5826CF ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
13:35:12.0156 3584 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe - ok
13:35:12.0156 3584 [ B8549829AABD31329CB20367F05630EA ] C:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.dll
13:35:12.0156 3584 C:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.dll - ok
13:35:12.0171 3584 [ 5D9E5C12AFA844EFCC6763A29BA8A76C ] C:\WINDOWS\assembly\GAC\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
13:35:12.0171 3584 C:\WINDOWS\assembly\GAC\interop.hpqimgr\3.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll - ok
13:35:12.0171 3584 [ F33C17F6CC0720387500E189701D2959 ] C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3302.38953__90ba9c70f846762e\CCC.Implementation.DLL
13:35:12.0171 3584 C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3302.38953__90ba9c70f846762e\CCC.Implementation.DLL - ok
13:35:12.0171 3584 [ 28C130F51B8F04E91D1E41B2A5744A44 ] C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.DLL
13:35:12.0171 3584 C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.DLL - ok
13:35:12.0187 3584 [ B245E6716CF85BDC55D17030CA609A73 ] C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll
13:35:12.0187 3584 C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll - ok
13:35:12.0187 3584 [ AEA0B0AA26E4EA377D6A12B3B5D6F90F ] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
13:35:12.0187 3584 C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - ok
13:35:12.0187 3584 [ F11CEBCEE8EBD44650500E790F5BEDE9 ] C:\Program Files\HP\Digital Imaging\bin\hpqimgr.dll
13:35:12.0187 3584 C:\Program Files\HP\Digital Imaging\bin\hpqimgr.dll - ok
13:35:12.0203 3584 [ CA27FAAA54B1F007E81D5B9499DB341B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
13:35:12.0203 3584 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll - ok
13:35:12.0203 3584 [ EA8D2C36A274E4244CFC4EBDFE497F99 ] C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll
13:35:12.0203 3584 C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll - ok
13:35:12.0203 3584 [ F435FA32C12F6213B7F92C6F902BAD70 ] C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll
13:35:12.0203 3584 C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll - ok
13:35:12.0218 3584 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\WINDOWS\system32\mfc71.dll
13:35:12.0218 3584 C:\WINDOWS\system32\mfc71.dll - ok
13:35:12.0218 3584 [ A490EDE46A746E14AE6876021B6D4269 ] C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll
13:35:12.0218 3584 C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll - ok
13:35:12.0234 3584 [ 2DB4D4386AC0F8CC367E1AA8AB1004EF ] C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
13:35:12.0234 3584 C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe - ok
13:35:12.0234 3584 [ 8F2097E8B174F38178570C611464935F ] C:\WINDOWS\system32\atl71.dll
13:35:12.0234 3584 C:\WINDOWS\system32\atl71.dll - ok
13:35:12.0234 3584 [ 6BDA568A2AED0F84C717B5649F70C91C ] C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll
13:35:12.0234 3584 C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll - ok
13:35:12.0250 3584 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\HP\Digital Imaging\bin\msvcp71.dll
13:35:12.0250 3584 C:\Program Files\HP\Digital Imaging\bin\msvcp71.dll - ok
13:35:12.0250 3584 [ 3A2030BBD08924970DCDB7ABBA4C4D92 ] C:\WINDOWS\system32\HPZidr12.dll
13:35:12.0250 3584 C:\WINDOWS\system32\HPZidr12.dll - ok
13:35:12.0250 3584 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\WINDOWS\system32\MFC71ENU.DLL
13:35:12.0250 3584 C:\WINDOWS\system32\MFC71ENU.DLL - ok
13:35:12.0265 3584 [ 7BC9BBC3C0C756B69E3F152ABAD0B44F ] C:\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll
13:35:12.0265 3584 C:\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll - ok
13:35:12.0265 3584 [ 6348FE0BB6230406E4401E94C3A660D8 ] C:\WINDOWS\assembly\GAC\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
13:35:12.0265 3584 C:\WINDOWS\assembly\GAC\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll - ok
13:35:12.0265 3584 [ 11DDA07E408DCDE39D4BE4FD5FFEF6D0 ] C:\Program Files\HP\Digital Imaging\bin\hpqmirsc.dll
13:35:12.0265 3584 C:\Program Files\HP\Digital Imaging\bin\hpqmirsc.dll - ok
13:35:12.0281 3584 [ 32DDD519C87B37C8520D3B48C1A13F96 ] C:\WINDOWS\assembly\GAC\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
13:35:12.0281 3584 C:\WINDOWS\assembly\GAC\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll - ok
13:35:12.0281 3584 [ D6D559B94671573A026ED47C5E75964B ] C:\WINDOWS\system32\HPZipr12.dll
13:35:12.0281 3584 C:\WINDOWS\system32\HPZipr12.dll - ok
13:35:12.0281 3584 [ 235B2311786AC007AD644B12A2DA8AC7 ] C:\WINDOWS\system32\msvfw32.dll
13:35:12.0281 3584 C:\WINDOWS\system32\msvfw32.dll - ok
13:35:12.0296 3584 [ 1BF96F094044E1A6DEBEFC6FC7E1025F ] C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll
13:35:12.0296 3584 C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll - ok
13:35:12.0296 3584 [ C29027A7D34814A633F1893EEE00A8FC ] C:\Program Files\HP\Digital Imaging\bin\hpqste08.rsc
13:35:12.0296 3584 C:\Program Files\HP\Digital Imaging\bin\hpqste08.rsc - ok
13:35:12.0312 3584 [ AA50961D0889B2085C3A54B0A024643B ] C:\WINDOWS\assembly\GAC\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
13:35:12.0312 3584 C:\WINDOWS\assembly\GAC\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll - ok
13:35:12.0312 3584 [ F40EBCC0CF2DABEB2F4B0600AB15E09F ] C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3302.38852__90ba9c70f846762e\CLI.Component.SkinFactory.DLL
13:35:12.0312 3584 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3302.38852__90ba9c70f846762e\CLI.Component.SkinFactory.DLL - ok
13:35:12.0312 3584 [ D086D14AE3E163DD38230CBC804C6747 ] C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\LEAD.Windows.Forms.DrawingContainer.dll
13:35:12.0312 3584 C:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\LEAD.Windows.Forms.DrawingContainer.dll - ok
13:35:12.0328 3584 [ 8F8A3958A3AD696172C8D19827319E7D ] C:\WINDOWS\assembly\GAC\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
13:35:12.0328 3584 C:\WINDOWS\assembly\GAC\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll - ok
13:35:12.0328 3584 [ FBB8BB8651D8074886568066E677DE0A ] C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.DLL
13:35:12.0328 3584 C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.DLL - ok
13:35:12.0328 3584 [ 77DDF48FC522950C4438CDAFBA856705 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
13:35:12.0328 3584 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll - ok
13:35:12.0343 3584 [ F5A621C69B659258E5164306A15C9CAA ] C:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.Imaging.ImageProcessing.dll
13:35:12.0343 3584 C:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\LEAD.Drawing.Imaging.ImageProcessing.dll - ok
13:35:12.0343 3584 [ 268D22AD922CF3DC49962CD977B73A45 ] C:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
13:35:12.0343 3584 C:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll - ok
13:35:12.0343 3584 [ 603B55EA0E2A583D42133615C451BC5B ] C:\WINDOWS\assembly\GAC\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
13:35:12.0343 3584 C:\WINDOWS\assembly\GAC\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll - ok
13:35:12.0359 3584 [ 67588302DFD1C8519311501DB3582623 ] C:\WINDOWS\assembly\GAC\Interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\Interop.hpqvideo.dll
13:35:12.0359 3584 C:\WINDOWS\assembly\GAC\Interop.hpqvideo\3.0.0.0__a53cf5803f4c3827\Interop.hpqvideo.dll - ok
13:35:12.0359 3584 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
13:35:12.0359 3584 C:\WINDOWS\system32\drprov.dll - ok
13:35:12.0359 3584 [ 15A9F98A75ECFB988E4AEF24AB6A915B ] C:\Program Files\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
13:35:12.0359 3584 C:\Program Files\ASUS\EPU-4 Engine\AsSpindownTimeout.dll - ok
13:35:12.0375 3584 [ 166046DF7175BEE492BE75B33F9A9B91 ] C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL
13:35:12.0375 3584 C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.DLL - ok
13:35:12.0375 3584 [ 9EE09FD74D7D844F10A8450F0849B455 ] C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll
13:35:12.0375 3584 C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll - ok
13:35:12.0375 3584 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
13:35:12.0375 3584 C:\WINDOWS\system32\ntlanman.dll - ok
13:35:12.0390 3584 [ CD632A9274E7E85B9F37F84C91595C27 ] C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL
13:35:12.0390 3584 C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.DLL - ok
13:35:12.0390 3584 [ E952204978D5807A650019A5C0D4AA85 ] C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3302.38850__90ba9c70f846762e\CLI.Component.Runtime.DLL
13:35:12.0390 3584 C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3302.38850__90ba9c70f846762e\CLI.Component.Runtime.DLL - ok
13:35:12.0390 3584 [ 175E8A8B8705FD9D8EC3F582930B07A9 ] C:\Program Files\HP\Digital Imaging\bin\hpqvdcom.dll
13:35:12.0390 3584 C:\Program Files\HP\Digital Imaging\bin\hpqvdcom.dll - ok
13:35:12.0406 3584 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
13:35:12.0406 3584 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
13:35:12.0406 3584 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
13:35:12.0406 3584 C:\WINDOWS\system32\netui0.dll - ok
13:35:12.0421 3584 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
13:35:12.0421 3584 C:\WINDOWS\system32\netui1.dll - ok
13:35:12.0421 3584 ============================================================
13:35:12.0421 3584 Scan finished
13:35:12.0421 3584 ============================================================
13:35:12.0421 3576 Detected object count: 1
13:35:12.0421 3576 Actual detected object count: 1
13:35:33.0718 3576 \Device\Harddisk1\DR1\# - copied to quarantine
13:35:33.0718 3576 \Device\Harddisk1\DR1 - copied to quarantine
13:35:33.0796 3576 \Device\Harddisk1\DR1 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
13:35:33.0796 3576 \Device\Harddisk1\DR1 - ok
13:35:34.0156 3576 \Device\Harddisk1\DR1 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
13:35:41.0656 3464 Deinitialize success
  • 0

#18
Jasmyne
Posted 14 July 2013 - 01:10 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Which partition would you like to get up and running first, XP Pro or Windows 7? We will devise a new game plan from there. :)
  • 0

#19
jr chambers
Posted 14 July 2013 - 01:28 PM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
LoL,
well after using the Kaspersky TDSSKiller i am able to use both win7 and xp pro64, so i guess we should be looking at where my problem had started which is on win7, as of now i do not have the music/ads or whatever it was/is playing in the back ground,but, i do get additional web pages pop up when i go to a web page, such as when i came here i got a wizard 101 page loaded, don't have a clue what it is just closed it, also i had notice that the mouse would take 2 clicks(left) sometimes when on a web page-this makes me think i have a data logger too since I'm having issues- your the pc doctor so you lead me where i need to go.
Thank You for your patience and I'm glad your not dropping me with "woah dude, you got to much going on, get someone else"
  • 0

#20
Jasmyne
Posted 14 July 2013 - 01:39 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

LoL,
well after using the Kaspersky TDSSKiller i am able to use both win7 and xp pro64, so i guess we should be looking at where my problem had started which is on win7, as of now i do not have the music/ads or whatever it was/is playing in the back ground,but, i do get additional web pages pop up when i go to a web page, such as when i came here i got a wizard 101 page loaded, don't have a clue what it is just closed it, also i had notice that the mouse would take 2 clicks(left) sometimes when on a web page-this makes me think i have a data logger too since I'm having issues- your the pc doctor so you lead me where i need to go.

Are you able to boot in just safe mode or are you able to boot in normal mode with Windows 7? I'll consult with my instructor before I post which scan to run next so we can get rid of everything else that's going on.


Thank You for your patience and I'm glad your not dropping me with "woah dude, you got to much going on, get someone else"


You're welcome. :) I'm still learning so this makes for a great learning experience for me! Thanks for sticking with me, some people get frustrated when we have trouble getting scans and disappear.
  • 0

#21
jr chambers
Posted 14 July 2013 - 01:53 PM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
i am using it as normal, made sure that any programs that were loaded close to last month are removed and now, like i stated before it's alittle slow and the webpage pop-up, but it is useable.
Joel
  • 0

#22
Jasmyne
Posted 14 July 2013 - 01:54 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Now that we're booting we'll start from the beginning and see what is still on the machine. :)

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please check the box next to Scan All Users.
  • Make sure Use SafeList is selected under Extra Registry.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir C:\ /S /A:L /C
CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#23
jr chambers
Posted 14 July 2013 - 02:48 PM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
here are the logs....
OTL logfile created on: 7/14/2013 4:28:47 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joel c\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 66.19% Memory free
6.50 Gb Paging File | 5.22 Gb Available in Paging File | 80.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 755.73 Gb Total Space | 414.15 Gb Free Space | 54.80% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 298.51 Gb Free Space | 64.09% Space Free | Partition Type: NTFS
Drive E: | 175.78 Gb Total Space | 159.76 Gb Free Space | 90.89% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 4.29 Gb Free Space | 57.48% Space Free | Partition Type: FAT32

Computer Name: ASUS32BITMAINPC | User Name: joel c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/14 16:10:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joel c\Desktop\OTL.exe
PRC - [2013/06/06 23:57:24 | 019,676,256 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/10 15:00:00 | 000,539,744 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
PRC - [2012/02/29 17:47:32 | 000,863,360 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
PRC - [2012/02/29 17:47:30 | 000,502,912 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
PRC - [2012/02/27 07:02:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIUE.EXE
PRC - [2012/01/26 18:07:52 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
PRC - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/12/22 08:31:08 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/12/12 01:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/12/06 17:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/11/11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 15:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/08/12 09:31:58 | 000,018,432 | ---- | M] (Snap-on Incorporated) -- C:\Program Files\Snap-on Incorporated\ShopStream Connect\ShopStreamConnectAutoStart.exe
PRC - [2011/07/04 18:42:28 | 000,323,304 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\MOTOPRINT Host\PrintService.exe
PRC - [2011/06/22 15:31:34 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Users\joel c\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
PRC - [2011/06/22 15:31:30 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Users\joel c\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/08/06 14:13:12 | 000,087,336 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\NServiceEntry.exe
PRC - [2010/04/12 13:37:20 | 000,526,336 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe
PRC - [2010/04/07 17:57:14 | 000,190,976 | ---- | M] (AVerMedia Technologies, Inc. ) -- C:\Program Files\SnugTV\SnugTV Station\QuickStart.exe
PRC - [2010/03/09 18:55:02 | 000,169,984 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
PRC - [2010/03/03 09:11:15 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2010/02/03 00:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/02/03 00:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/01/05 15:43:41 | 000,155,648 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009/12/06 19:13:14 | 000,397,312 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009/10/30 12:48:42 | 000,348,160 | R--- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009/06/14 21:24:04 | 000,376,832 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe
PRC - [2009/06/14 21:23:22 | 000,380,928 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/04/10 18:29:04 | 000,294,912 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2005/01/14 10:58:04 | 000,339,968 | ---- | M] (Sonix) -- C:\Windows\vsnppro.exe
PRC - [2002/02/26 18:22:52 | 000,233,472 | R--- | M] (MySoftware, Inc.) -- C:\Program Files\Common Files\MySoftware\Newsflsh.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/14 15:46:53 | 000,805,888 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._gdi_.pyd
MOD - [2013/07/14 15:46:53 | 000,557,056 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\pysqlite2._sqlite.pyd
MOD - [2013/07/14 15:46:53 | 000,320,512 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32com.shell.shell.pyd
MOD - [2013/07/14 15:46:53 | 000,128,512 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\_elementtree.pyd
MOD - [2013/07/14 15:46:53 | 000,098,816 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32api.pyd
MOD - [2013/07/14 15:46:53 | 000,070,656 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._html2.pyd
MOD - [2013/07/14 15:46:53 | 000,044,032 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\_socket.pyd
MOD - [2013/07/14 15:46:53 | 000,026,624 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\_multiprocessing.pyd
MOD - [2013/07/14 15:46:53 | 000,022,528 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32ts.pyd
MOD - [2013/07/14 15:46:53 | 000,011,264 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32crypt.pyd
MOD - [2013/07/14 15:46:52 | 001,022,416 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\windows._cacheinvalidation.pyd
MOD - [2013/07/14 15:46:52 | 000,735,232 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._misc_.pyd
MOD - [2013/07/14 15:46:52 | 000,364,544 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\pythoncom27.dll
MOD - [2013/07/14 15:46:52 | 000,110,080 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\PyWinTypes27.dll
MOD - [2013/07/14 15:46:52 | 000,087,040 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\_ctypes.pyd
MOD - [2013/07/14 15:46:52 | 000,017,408 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32profile.pyd
MOD - [2013/07/14 15:46:51 | 001,175,040 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._core_.pyd
MOD - [2013/07/14 15:46:51 | 001,153,024 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\_ssl.pyd
MOD - [2013/07/14 15:46:51 | 000,108,544 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32security.pyd
MOD - [2013/07/14 15:46:51 | 000,035,840 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32process.pyd
MOD - [2013/07/14 15:46:51 | 000,025,600 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32pdh.pyd
MOD - [2013/07/14 15:46:50 | 000,811,008 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._windows_.pyd
MOD - [2013/07/14 15:46:50 | 000,711,680 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\_hashlib.pyd
MOD - [2013/07/14 15:46:50 | 000,122,368 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._wizard.pyd
MOD - [2013/07/14 15:46:50 | 000,119,808 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32file.pyd
MOD - [2013/07/14 15:46:50 | 000,038,912 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32inet.pyd
MOD - [2013/07/14 15:46:49 | 001,062,400 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\wx._controls_.pyd
MOD - [2013/07/14 15:46:49 | 000,686,080 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\unicodedata.pyd
MOD - [2013/07/14 15:46:49 | 000,127,488 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\pyexpat.pyd
MOD - [2013/07/14 15:46:49 | 000,018,432 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\win32event.pyd
MOD - [2013/07/14 15:46:49 | 000,010,240 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI18562\select.pyd
MOD - [2012/09/02 23:22:11 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/09/02 22:37:19 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/09/02 22:37:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/09/02 22:36:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/09/02 22:36:33 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/09/02 22:36:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/09/02 22:36:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/09/02 22:36:02 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/09/02 22:35:43 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/12/06 17:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/11/11 15:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 15:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/08/12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/03/22 21:04:04 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3685.42249__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3685.42407__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3685.42406__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3685.42404__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3685.42279__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3685.42397__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3685.42271__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3685.42397__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3685.42405__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3685.42404__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3685.42263__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3685.42402__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3685.42396__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3685.42396__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3685.42405__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3685.42395__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3685.42400__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3685.42396__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3685.42422__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3685.42379__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3685.42344__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3685.42331__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3685.42332__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3685.42353__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3685.42261__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3685.42380__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3685.42330__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3685.42324__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3685.42422__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 001,302,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3685.42418__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3685.42313__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3685.42280__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3685.42311__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3685.42305__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3685.42279__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3685.42312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3685.42320__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3685.42312__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3685.42319__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3685.42284__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3685.42321__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3685.42241__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/03/22 21:04:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3685.42236__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3685.42377__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3685.42244__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3685.42387__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3685.42248__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3685.42244__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3685.42239__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3685.42237__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3685.42330__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/03/22 21:04:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3685.42378__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3685.42235__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3685.42371__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/03/22 21:04:01 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3685.42270__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3685.42261__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3685.42236__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3685.42379__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3685.42247__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/03/22 21:04:01 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3685.42240__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3685.42243__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3685.42415__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010/03/22 21:04:00 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3685.42352__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3685.42300__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3685.42276__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3685.42261__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3685.42387__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/03/22 21:04:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3685.42323__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3685.42262__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3685.42262__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3685.42275__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3685.42319__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3685.42248__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3685.42237__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/03/22 21:04:00 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3685.42243__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/03/22 21:03:59 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3685.42256__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/03/22 21:03:59 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3685.42364__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010/03/22 21:03:59 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3685.42270__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/03/22 21:03:59 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3685.42372__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/03/22 21:03:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3685.42369__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/03/22 21:03:59 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3685.42246__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/03/22 21:03:59 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3685.42242__90ba9c70f846762e\APM.Server.dll
MOD - [2010/03/22 21:03:59 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3685.42247__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010/03/22 21:03:59 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3685.42245__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3685.42244__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/03/22 21:03:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3685.42241__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3685.42254__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3685.42239__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/03/22 21:03:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3685.42240__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3685.42371__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010/03/22 21:03:59 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3685.42269__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3685.42255__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3685.42277__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3685.42246__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3685.42245__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/01/28 18:36:50 | 000,091,136 | ---- | M] () -- C:\Program Files\Common Files\SnugTV\IEPG\libXmppClient.dll
MOD - [2010/01/28 18:34:50 | 000,151,552 | ---- | M] () -- C:\Program Files\Common Files\SnugTV\IEPG\libexpat.dll
MOD - [2010/01/28 18:34:50 | 000,090,624 | ---- | M] () -- C:\Program Files\Common Files\SnugTV\IEPG\libgsasl.dll
MOD - [2010/01/19 14:44:14 | 000,027,136 | ---- | M] () -- C:\Program Files\SnugTV\SnugTV Station\AmaError.dll
MOD - [2010/01/05 15:43:41 | 000,155,648 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2009/11/24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/06/14 21:24:04 | 000,376,832 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/07/03 20:25:16 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 06:44:19 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/05/10 15:00:00 | 000,539,744 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/12/22 08:31:08 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/12/12 01:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/06 14:13:12 | 000,087,336 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010/04/12 13:37:20 | 000,526,336 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)
SRV - [2010/03/23 22:11:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/09 18:55:02 | 000,169,984 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2010/02/03 00:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/12/06 19:13:14 | 000,397,312 | R--- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/30 12:48:42 | 000,348,160 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/04/10 18:29:04 | 000,294,912 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/01/27 14:26:42 | 000,398,336 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motport.sys -- (motport)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (androidusb)
DRV - [2012/01/18 02:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 02:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/11/08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011/07/28 14:25:58 | 000,088,240 | ---- | M] (Pico Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\picopp.sys -- (PICOPP)
DRV - [2011/04/04 15:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/03/31 15:53:24 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/18 07:22:52 | 000,015,360 | ---- | M] (Pico Technology) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adc200.sys -- (adc200)
DRV - [2010/04/01 15:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/03/21 15:39:57 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/03/21 15:39:56 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2010/02/03 00:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/02/03 00:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010/02/02 23:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/12/08 09:37:02 | 000,437,888 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
DRV - [2009/01/29 18:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2007/11/02 16:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2005/06/10 14:48:00 | 008,664,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snppro.sys -- (SNPPRO)
DRV - [2004/10/01 02:22:42 | 000,024,704 | ---- | M] (AIM Applicazioni Industriali Microprocessori s.r.l.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AIM_USBdrv10_01.sys -- (AIM_USBdriver)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserv...s={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserv...s={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.in.honda....asp/rraalog.asp
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserv...s={searchTerms}
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.verizon.n...ewsroom.portal"
FF - prefs.js..extensions.enabledAddons: %7B9EB34849-81D3-4841-939D-666D522B889A%7D:1.4.0.111
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: extension%40FastFreeConverter.com:4.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {9EB34849-81D3-4841-939D-666D522B889A}:1.4.0.111
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/...?FORM=IEFM1&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\joel c\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\joel c\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2013/07/06 20:56:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/03 20:25:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/03 20:25:13 | 000,000,000 | ---D | M]

[2010/03/21 10:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Extensions
[2013/07/05 15:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions
[2010/04/27 07:17:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/08 15:25:24 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
[2013/05/16 07:39:06 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/07/05 15:11:28 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2010/03/22 20:37:18 | 000,001,819 | ---- | M] () -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\searchplugins\bing.xml
[2013/07/03 20:25:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/03 20:25:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES\FAST FREE CONVERTER\FASTFREECONVERTER\[email protected]

========== Chrome ==========

CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/07/11 18:32:46 | 000,450,068 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15450 more lines...
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MOTOPRINTUPnPPrintService] C:\Program Files\Motorola\MOTOPRINT Host\PrintService.exe shell.icon File not found
O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKLM..\Run: [snppro] C:\Windows\vsnppro.exe (Sonix)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIIUE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [Grid] C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe ()
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe /minimized File not found
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [P2kAutostart] File not found
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: 164.109.25.72 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: 207.130.86.35 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acura.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acuraclientpurchaseexperience.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acurainfo.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acuraspinplay.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: ahmdealer.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: ahm-ownerlink.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: edcor.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: honda.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: honda.vo.llnwd.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondaadcmd.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondacars.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondainfo.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondamap.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondapqr.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondaprofessional.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondaspinplay.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondasso.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: jdpa.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: jdpower.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: pcsc.acurasrs.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: prospectingacurasrs.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: travelhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: xmradio.com ([]* in Trusted sites)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.in.honda....tingActiveX.cab (MeadCo ScriptX)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} http://www.in.honda....AX/RraainAX.CAB (RRAAINAX_02.RRAAINAX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.1_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://tstseminars....ng/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7B2A33D-DEDD-4148-BA5E-D98CA8E9A5AC}: NameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/06 09:42:00 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/16 23:31:56 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/20 09:55:04 | 000,000,706 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{94dea79f-4f36-11df-b8ca-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{94dea79f-4f36-11df-b8ca-00027209ea32}\Shell\AutoRun\command - "" = G:\KODAK_Software_Downloader.exe
O33 - MountPoints2\{edfabbf3-dbc3-11e0-b760-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{edfabbf3-dbc3-11e0-b760-00027209ea32}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009/12/30 21:56:26 | 002,538,056 | ---- | M] (Hewlett-Packard )
O33 - MountPoints2\{f857ec2d-8699-11e2-85f1-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{f857ec2d-8699-11e2-85f1-00027209ea32}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009/12/30 21:56:26 | 002,538,056 | ---- | M] (Hewlett-Packard )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/14 16:10:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\joel c\Desktop\OTL.exe
[2013/07/14 15:15:48 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{A31458A3-8A14-4398-8E0B-D52A28E0AC3A}
[2013/07/14 12:32:28 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\PeaZip
[2013/07/13 16:55:08 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\joel c\Desktop\tdsskiller.exe
[2013/07/11 23:36:07 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/07/11 20:09:20 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4E68293B-8BC2-4CD4-8659-7C02606CEEB7}
[2013/07/10 07:34:29 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{87193DB9-A0F2-466F-A0A9-8F6651B20907}
[2013/07/09 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{2C7A1074-4DBC-4818-9A54-3C4542F15FAE}
[2013/07/08 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{8B222F98-0104-4D8D-9898-F901DA3CE3AC}
[2013/07/07 23:37:00 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{0F33085F-BFC3-4BC7-A479-5D1261C9E30E}
[2013/07/07 11:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Setup Support for BasicServe
[2013/07/07 11:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\BasicServe
[2013/07/07 11:37:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\DownloadTerms
[2013/07/07 11:37:21 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\SwvUpdater
[2013/07/07 09:23:02 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\vlc
[2013/07/07 09:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/07/07 09:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/07/07 08:51:45 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{9C17BC06-868C-45AE-B79C-DD9CC2D5A3BF}
[2013/07/05 23:07:24 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{545C2ADD-C106-4687-8BEE-71A3AD881AEB}
[2013/07/05 07:40:13 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{BF523AEF-9042-4150-94B8-CA9C4D810E5E}
[2013/07/04 11:20:50 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{ABF42E52-7234-4C2F-8FAF-A9018AA1EB2B}
[2013/07/03 22:27:32 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4FC587C3-BC98-4362-AC3B-5207FE2316AD}
[2013/07/03 20:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/03 07:28:59 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4FB30E89-17D2-4069-B06D-4CD94FB9E66A}
[2013/07/01 22:09:01 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{B32F4443-AD3E-4517-991D-A4D1D202D6FC}
[2013/07/01 07:27:02 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{790A747C-3CF4-48D1-8265-76996078916E}
[2013/06/30 10:02:38 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{DE05D14F-0084-4ED4-8BCA-9BE29B5A8884}
[2013/06/29 09:32:34 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{0E873F02-53EE-4097-9689-4008C0DB6A29}
[2013/06/28 07:21:31 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{3064E944-614C-462F-A1BF-DDC4D82C63F0}
[2013/06/27 07:07:55 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{7F11E3DE-CC4B-47C3-88D8-728C9E0A6B59}
[2013/06/26 18:22:35 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{5D24B308-E962-44D4-80BE-4E3A777E64D6}
[2013/06/25 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{C552CF2A-655D-4314-84DC-4671C5D9AF8E}
[2013/06/24 20:04:31 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{37C90FEB-28C0-4F91-9134-2D82D6C28F4B}
[2013/06/24 07:27:59 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{62020327-0A9F-4F4B-91C9-04590BA0703E}
[2013/06/23 12:42:08 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{14CA5D7A-2144-4B14-A87B-B8EFC0E3799A}
[2013/06/22 09:48:03 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4CF9BFE6-40DC-40B5-8946-F7A65EBE2B2A}
[2013/06/21 21:01:31 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{85C12DAA-3E40-4FFC-9929-DE416619BA5D}
[2013/06/21 07:32:14 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{8DF9B272-56CA-4A27-97B0-6F10AB74BA6E}
[2013/06/20 19:31:50 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{C878594F-1566-461A-BC84-1DE815699CA8}
[2013/06/20 07:16:30 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{71C4C177-3D06-4E92-A0C9-B2E7A894750D}
[2013/06/19 07:24:34 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{40937C3F-68BF-48A0-A296-6CED412DC070}
[2013/06/18 07:31:49 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{969C6BF1-606E-4FDC-9475-FA42D107BF92}
[2013/06/17 07:26:15 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{FCF88FF1-907B-4D5D-84D6-48130C6A3A85}
[2013/06/16 17:57:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{EE62EAB9-9FE0-4289-9CA7-99EE5699D913}
[2013/06/14 18:48:23 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{DDFB4A44-FD87-41E4-B365-FCD3B1CCF28A}

========== Files - Modified Within 30 Days ==========

[2013/07/14 16:26:39 | 000,000,342 | -H-- | M] () -- C:\dvmexp.idx
[2013/07/14 16:14:26 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1001UA.job
[2013/07/14 16:14:25 | 000,002,376 | ---- | M] () -- C:\Users\joel c\Desktop\Google Chrome.lnk
[2013/07/14 16:14:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/14 16:14:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/14 16:10:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joel c\Desktop\OTL.exe
[2013/07/14 15:53:55 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/14 15:53:55 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/14 15:51:14 | 000,632,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/14 15:51:14 | 000,110,342 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/14 15:46:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/14 15:46:01 | 2616,545,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/14 15:44:17 | 000,000,002 | ---- | M] () -- C:\END
[2013/07/14 15:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/13 17:14:23 | 296,862,089 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/07/13 16:29:41 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\joel c\Desktop\tdsskiller.exe
[2013/07/11 23:43:55 | 000,003,232 | ---- | M] () -- C:\bootsqm.dat
[2013/07/11 20:12:27 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1001Core.job
[2013/07/11 20:06:41 | 000,001,078 | ---- | M] () -- C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/07/11 18:32:46 | 000,450,068 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/07/07 09:22:50 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/07/06 20:54:19 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2013/07/05 14:25:07 | 000,010,240 | ---- | M] () -- C:\Users\joel c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/04 11:27:02 | 000,001,990 | ---- | M] () -- C:\Users\joel c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/06/21 18:31:48 | 000,083,726 | ---- | M] () -- C:\Users\joel c\Desktop\car bill of sale form.pdf

========== Files Created - No Company Name ==========

[2013/07/14 15:44:17 | 000,000,002 | ---- | C] () -- C:\END
[2013/07/11 23:43:55 | 000,003,232 | ---- | C] () -- C:\bootsqm.dat
[2013/07/07 09:22:50 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/21 18:31:47 | 000,083,726 | ---- | C] () -- C:\Users\joel c\Desktop\car bill of sale form.pdf
[2013/06/19 17:44:54 | 000,001,078 | ---- | C] () -- C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/05/18 10:23:31 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2013/05/09 19:14:14 | 000,000,388 | ---- | C] () -- C:\Windows\AIM_RACE_STUDIO.INI
[2013/04/18 18:32:16 | 000,000,296 | ---- | C] () -- C:\Users\joel c\.JavaPowUpload.properties
[2013/03/08 22:03:17 | 000,003,120 | ---- | C] () -- C:\Windows\winy2.ini
[2013/03/08 22:02:41 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe
[2013/03/08 22:02:41 | 000,010,496 | ---- | C] () -- C:\Windows\System32\Machnm64.sys
[2013/03/08 22:02:41 | 000,007,168 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/11/18 18:10:02 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2540.ini
[2012/08/24 13:40:05 | 000,001,479 | ---- | C] () -- C:\Windows\station.ini
[2012/08/24 13:39:28 | 000,001,356 | ---- | C] () -- C:\Windows\resumes.ini
[2012/08/24 13:38:42 | 000,000,034 | ---- | C] () -- C:\Windows\brochure.ini
[2012/08/24 13:37:58 | 000,001,458 | ---- | C] () -- C:\Windows\newslet.ini
[2012/08/24 13:36:02 | 000,001,510 | ---- | C] () -- C:\Windows\greeting.ini
[2012/06/03 19:06:03 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012/06/03 19:06:03 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012/04/05 20:36:05 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/03/28 21:07:10 | 000,015,872 | ---- | C] () -- C:\Users\joel c\mortagage envelope.wps
[2012/03/21 21:46:41 | 000,003,850 | ---- | C] () -- C:\Windows\scad3.INI
[2012/02/02 14:55:02 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/18 02:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 02:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 02:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/17 20:04:48 | 000,010,240 | ---- | C] () -- C:\Users\joel c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/20 22:19:01 | 000,000,662 | ---- | C] () -- C:\Users\joel c\AppData\Local\MOTOPRINTUPnPService
[2011/09/05 16:33:54 | 000,103,720 | ---- | C] () -- C:\Users\joel c\GoToAssistDownloadHelper.exe
[2011/08/12 13:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 07:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2009/07/13 21:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2010/11/20 08:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/13 21:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 08:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 08:18:06 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 17:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/04/24 00:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 08:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 01:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/13 21:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 08:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/13 21:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 21:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2010/11/20 08:20:30 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/13 21:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 06:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 01:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/13 21:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 08:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/13 21:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 08:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 08:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 08:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 08:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/05/01 00:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 08:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 08:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 08:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 08:19:40 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 08:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 08:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/13 21:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 18:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 08:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/13 21:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 08:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 17:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 17:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES._ >
[2002/08/29 08:00:00 | 000,001,989 | ---- | M] () MD5=29BB3BBBE3D49156A42BFB3DD000F554 -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\build disc iso\xpprosurce\I386\SERVICES._
[2006/03/29 08:00:00 | 000,003,341 | ---- | M] () MD5=EC2E6BC3AAC81579D1E95DD132E97672 -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\build disc iso\xpsource 64bit\AMD64\SERVICES._

< MD5 for: SERVICES.CFG >
[2012/07/27 16:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.CSS >
[2005/06/29 14:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files\Intuit\QuickBooks 2009\Components\Services\services.css

< MD5 for: SERVICES.EX_ >
[2009/02/06 07:06:24 | 000,049,921 | ---- | M] () MD5=0FD040A160F1065590DA5BBB50AEB870 -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\build disc iso\xpprosurce\I386\SERVICES.EX_
[2007/02/17 01:54:26 | 000,088,769 | ---- | M] () MD5=61CC48CB962FB967578ADE3417F0C81C -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\Plugins\64_64_SP2.EXE\amd64\services.ex_
[2009/07/14 11:57:06 | 000,090,161 | ---- | M] () MD5=DE6915C3876407776EC113DC4BE7CAD8 -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\build disc iso\xpsource 64bit\AMD64\SERVICES.EX_

< MD5 for: SERVICES.EXE >
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Users\joel c\AppData\Local\Temp\services.exe.mui
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.HEARSTMAGS[1].XML >
[2012/10/14 14:58:49 | 000,000,213 | ---- | M] () MD5=0A5E7BC82C5D665484A4595446060807 -- C:\Users\Becky\AppData\Local\Microsoft\Internet Explorer\DOMStore\HRSMERWI\services.hearstmags[1].xml

< MD5 for: SERVICES.LNK >
[2009/07/14 00:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 17:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 17:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MS_ >
[2006/03/29 08:00:00 | 000,003,649 | ---- | M] () MD5=4E458D3CBCE7C17B339B5DCA4C63EA67 -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\build disc iso\xpsource 64bit\AMD64\SERVICES.MS_
[2002/08/29 08:00:00 | 000,003,649 | ---- | M] () MD5=64E9F61D2ED093C361862DE36433B5E1 -- C:\Users\joel c\Documents\FireFox downloads\unattended build software\build disc iso\xpprosurce\I386\SERVICES.MS_

< MD5 for: SERVICES.MSC >
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 16:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SERVICES.SBS >
[2011/03/01 09:58:44 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 02:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 01:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 52D0-0376
Directory of C:\
07/14/2009 12:53 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:53 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Becky
03/20/2010 01:50 PM <JUNCTION> Application Data [C:\Users\Becky\AppData\Roaming]
03/20/2010 01:50 PM <JUNCTION> Cookies [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Cookies]
03/20/2010 01:50 PM <JUNCTION> Local Settings [C:\Users\Becky\AppData\Local]
03/20/2010 01:50 PM <JUNCTION> My Documents [C:\Users\Becky\Documents]
03/20/2010 01:50 PM <JUNCTION> NetHood [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/20/2010 01:50 PM <JUNCTION> PrintHood [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/20/2010 01:50 PM <JUNCTION> Recent [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Recent]
03/20/2010 01:50 PM <JUNCTION> SendTo [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\SendTo]
03/20/2010 01:50 PM <JUNCTION> Start Menu [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Start Menu]
03/20/2010 01:50 PM <JUNCTION> Templates [C:\Users\Becky\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Becky\AppData\Local
03/20/2010 01:50 PM <JUNCTION> Application Data [C:\Users\Becky\AppData\Local]
03/20/2010 01:50 PM <JUNCTION> History [C:\Users\Becky\AppData\Local\Microsoft\Windows\History]
03/20/2010 01:50 PM <JUNCTION> Temporary Internet Files [C:\Users\Becky\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Becky\Documents
03/20/2010 01:50 PM <JUNCTION> My Music [C:\Users\Becky\Music]
03/20/2010 01:50 PM <JUNCTION> My Pictures [C:\Users\Becky\Pictures]
03/20/2010 01:50 PM <JUNCTION> My Videos [C:\Users\Becky\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:53 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 12:53 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 12:53 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:53 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:53 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:53 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:53 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\joel c
03/20/2010 09:48 AM <JUNCTION> Application Data [C:\Users\joel c\AppData\Roaming]
03/20/2010 09:48 AM <JUNCTION> Cookies [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Cookies]
03/20/2010 09:48 AM <JUNCTION> Local Settings [C:\Users\joel c\AppData\Local]
03/20/2010 09:48 AM <JUNCTION> My Documents [C:\Users\joel c\Documents]
03/20/2010 09:48 AM <JUNCTION> NetHood [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/20/2010 09:48 AM <JUNCTION> PrintHood [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/20/2010 09:48 AM <JUNCTION> Recent [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Recent]
03/20/2010 09:48 AM <JUNCTION> SendTo [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\SendTo]
03/20/2010 09:48 AM <JUNCTION> Start Menu [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu]
03/20/2010 09:48 AM <JUNCTION> Templates [C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\joel c\AppData\Local
03/20/2010 09:48 AM <JUNCTION> Application Data [C:\Users\joel c\AppData\Local]
03/20/2010 09:48 AM <JUNCTION> History [C:\Users\joel c\AppData\Local\Microsoft\Windows\History]
03/20/2010 09:48 AM <JUNCTION> Temporary Internet Files [C:\Users\joel c\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\joel c\Documents
03/20/2010 09:48 AM <JUNCTION> My Music [C:\Users\joel c\Music]
03/20/2010 09:48 AM <JUNCTION> My Pictures [C:\Users\joel c\Pictures]
03/20/2010 09:48 AM <JUNCTION> My Videos [C:\Users\joel c\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
66 Dir(s) 444,151,767,040 bytes free

< End of report >
OTL Extras logfile created on: 7/14/2013 4:28:47 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joel c\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 66.19% Memory free
6.50 Gb Paging File | 5.22 Gb Available in Paging File | 80.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 755.73 Gb Total Space | 414.15 Gb Free Space | 54.80% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 298.51 Gb Free Space | 64.09% Space Free | Partition Type: NTFS
Drive E: | 175.78 Gb Total Space | 159.76 Gb Free Space | 90.89% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 4.29 Gb Free Space | 57.48% Space Free | Partition Type: FAT32

Computer Name: ASUS32BITMAINPC | User Name: joel c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01166018-3A00-4EB6-A40C-3C3745514447}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0597401E-A95E-4CFD-9768-FA362094AFAE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{070E6757-A469-444D-BB58-A3C6B410F703}" = rport=445 | protocol=6 | dir=out | app=system |
"{0E1FA0A2-4E7C-4C53-9FC3-B3CE755712E3}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{1E5F7DAB-EBD2-4414-9436-BF819AE4179A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{23B6D44E-A25E-45D3-BC6C-D98B845B41EB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{31DEA481-EC38-40F3-9A30-711370940336}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{373B11CD-91F4-4FCF-9947-FEFD3CC740FD}" = lport=58081 | protocol=6 | dir=in | svc=* | name=motoprint host_58081 |
"{37D41800-74D7-478C-8429-C570E132D03B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{39CCF1D3-4B5A-48A1-97AA-866EDC9BDAAF}" = rport=138 | protocol=17 | dir=out | app=system |
"{3E235696-2F07-4630-A29E-6033C36841D6}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{43A7C17E-FAC7-423D-978E-B42F37508D92}" = rport=139 | protocol=6 | dir=out | app=system |
"{497CB89D-F5AA-4941-9716-C5E75056E8DC}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service v4\intuitupdater.exe |
"{49BEE1D4-495B-4D30-902E-06A288E196A8}" = rport=137 | protocol=17 | dir=out | app=system |
"{5325CE92-A642-4320-9DCD-4A5DA63EB522}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
"{5B3C0492-09AD-4952-B928-C98F4F2F7197}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{5EA4FBC2-DA7D-4E37-AE7A-F60122C5E245}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
"{60CBB68B-A112-4ACE-9285-76FE35F80C4E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{66A94D78-D22A-4B39-B40B-0E028D5C464A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{718AF91C-37CD-4CFB-87F3-67EF91F2A65A}" = lport=137 | protocol=17 | dir=in | app=system |
"{72A3B4CE-C08C-4FA0-B09A-F654FFBE82DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7832797A-4768-44B1-93FA-B607E120869B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{80268598-B41A-4D56-9AA7-2B50E1DB3501}" = lport=139 | protocol=6 | dir=in | app=system |
"{8778A274-8DBD-4E2A-A503-E4184027D1E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8947AEEF-BDB1-4D9F-A08C-501D5C904CBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8AA7E633-F6AB-4407-824C-265E2C449023}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9575C4FF-740E-4EB8-8DCF-318D06598FAD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9CBACC29-1946-4A02-8181-DB22A689B321}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |
"{A1C0A30D-8B81-4042-81AF-7F5BA06A4327}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{ACA5A330-FA93-4A15-B060-F1CF22597C6A}" = lport=445 | protocol=6 | dir=in | app=system |
"{C1B1EECC-12D7-4BDC-9921-4E5A1ABF87C9}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service v4\intuitupdateservice.exe |
"{E2488125-32DE-4F25-96AB-4DA7AF111A47}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F5CFB02A-6D39-49E5-A67F-101B901067BA}" = lport=138 | protocol=17 | dir=in | app=system |
"{FB419D80-BE03-4BD9-A5BF-7B11CBC33B43}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF0F3F18-FCBB-4F16-98C1-AD655FCF6577}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E4CAD64-9E14-42FC-90C9-BDC230EEEC67}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F3F8B21-938D-4A5B-AB88-3C3BA0667BF3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{111BF545-7E40-43FF-B4C0-74C93A9324AC}" = protocol=17 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{348721FB-818E-4C98-94DC-BD64D962C67E}" = dir=in | app=c:\program files\zecter\zumocast\bin\gst-thumbnailer.exe |
"{3557A5CD-52AD-497B-9579-B9CFEC4ABE37}" = protocol=6 | dir=out | app=system |
"{35640DA5-CD6D-4FE9-B101-501777D18376}" = protocol=6 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{37BCF1B2-0073-4B47-84BE-6BFE503333CD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4BD9FDD6-50DE-4FA7-BFC6-65735D2901C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4CE76F57-0BD6-4103-981A-88D7916A2E49}" = protocol=1 | dir=out | [email protected],-28544 |
"{548BD919-C7CF-48A1-86B7-6D836FFEBA71}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56D7C72D-7931-47C4-AE2B-C56D198A12BF}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{5C63C21A-12D9-49C6-B81A-B8F3C223E2D0}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{624847B6-4C63-42A4-AA64-290048798F46}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe |
"{6B0F0EC5-400A-4171-B084-6C798F438970}" = protocol=58 | dir=in | [email protected],-28545 |
"{78A73CAB-8409-4DE7-B31E-B54036CC40EA}" = protocol=6 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe |
"{78BA0E0C-AB38-42A6-B217-F842D7450C0A}" = protocol=6 | dir=in | app=c:\program files\tango\tango.exe |
"{7BC86439-C316-4D36-975B-12ED78D7A598}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{825B5AAF-7D11-434B-9853-1395733FB1EE}" = dir=in | app=c:\program files\zecter\zumocast\zumocast.exe |
"{8D891710-7A01-4C4E-9962-B95D9F15AC0E}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{9D7B8B88-0BD1-4918-98F1-7297B5111D23}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{A39473A0-5893-4B8B-B35A-A2A9241F9FAB}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A53064B5-F207-47D7-A7AE-18403116E26E}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe |
"{A53E1E0E-1EF7-4CF3-8EB4-69FA6F676529}" = dir=out | app=c:\program files\zecter\zumocast\bin\gst-thumbnailer.exe |
"{AFA029FE-E003-4AB7-A868-0FA88BA8F434}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe |
"{B63569AB-4DA0-4DDE-80B1-4BADFA4D92E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B7C063A0-2217-4C69-8B26-1F1A93EDA901}" = dir=out | app=c:\program files\zecter\zumocast\zumocast.exe |
"{B82A5A3C-E0EF-41A7-BBBC-6D3D1699CA43}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe |
"{B8F917B3-76B8-4558-865C-02F9F480D3A3}" = protocol=1 | dir=in | [email protected],-28543 |
"{C3A55379-01E6-43CC-96E7-A857E46FFB8B}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe |
"{C826324C-17C5-49B7-9EAC-6EB8A57B7D17}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C902C132-C1BF-4B35-A6C6-054AB385659F}" = protocol=17 | dir=in | app=c:\program files\tango\tango.exe |
"{D9E2BC4B-FF3F-4DDB-A72D-B1D6F83BC67B}" = protocol=17 | dir=in | app=c:\program files\epson software\ecprintersetup\enpapp.exe |
"{E7058B3F-D704-48F6-9858-EDC1E1750E68}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E7C9A48E-778A-4448-99BB-8D87A3ABA016}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E9854992-F21B-4257-83C8-1049B0C69EB0}" = protocol=58 | dir=out | [email protected],-28546 |
"{F9833F1F-0723-437B-BE2E-3A028CB59042}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF1D49B0-0FE5-4E5E-9989-2432BDCF34F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{01B37567-3EBD-4091-A58F-6D6ACA4978E6}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{05AD9EB6-08E7-4A2E-8ECA-466F37D86DE4}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{0A674E78-61E7-469B-B448-CF70C6AFA81F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{2D6F52A6-D68B-43A7-A5E2-03924ACD0A59}F:\setup.exe" = protocol=6 | dir=in | app=f:\setup.exe |
"TCP Query User{5C812C53-2E5D-460C-BB00-16D471ED551C}C:\diagnostic manuals\manual_viewer.exe" = protocol=6 | dir=in | app=c:\diagnostic manuals\manual_viewer.exe |
"TCP Query User{5FC26F14-47A6-4516-8416-059CD14F32E5}C:\aim_sport\racestudio2\rs2analysis.exe" = protocol=6 | dir=in | app=c:\aim_sport\racestudio2\rs2analysis.exe |
"TCP Query User{658D80CB-B841-4C4C-A21C-1EB12C302AD4}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{66CBE4D4-B62D-4585-9460-53DC488F1EDD}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{682BEC9F-51B8-41E0-BF2D-F3F0B6ECFC5F}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{73CBA66F-92A7-4332-B30F-D2B95C5F1CCE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{76F7E274-CA27-463A-A0E2-94FF1A6B5CFF}C:\program files\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files\motorola\software update\msu.exe |
"TCP Query User{852F84D0-E5FE-4DCF-ABD5-7AC69123CA9E}F:\manual_viewer.exe" = protocol=6 | dir=in | app=f:\manual_viewer.exe |
"TCP Query User{8BA19C77-AF24-4892-B521-FCD7EA20EC00}C:\program files\motorola media link\mml.exe" = protocol=6 | dir=in | app=c:\program files\motorola media link\mml.exe |
"TCP Query User{8DFC9A68-5DA8-4D6B-9360-F1D2410EA566}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{AECCC818-7A7F-4496-AA9C-58527FBEDC80}C:\program files\tango\tango.exe" = protocol=6 | dir=in | app=c:\program files\tango\tango.exe |
"UDP Query User{022D122C-819E-4EC4-B23C-88FAA4A88FB7}C:\diagnostic manuals\manual_viewer.exe" = protocol=17 | dir=in | app=c:\diagnostic manuals\manual_viewer.exe |
"UDP Query User{17634841-C6D6-4D5D-807C-FBA72F44818A}F:\manual_viewer.exe" = protocol=17 | dir=in | app=f:\manual_viewer.exe |
"UDP Query User{2CD69420-B910-4240-8D57-3ACB263F2F09}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{2E13E0DE-BA3B-4C3D-A46F-64D154C1F3FD}C:\program files\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files\motorola\software update\msu.exe |
"UDP Query User{5840B4D5-EE3B-458C-95CE-43C65CB36B7D}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{5BAFDDEB-7BAD-42D6-A834-AED5B90392F4}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{6BEF296E-AED7-433D-ACD6-A47BC9ED304E}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{74E0217B-EB3C-426E-A3BD-CFF960DF9D45}F:\setup.exe" = protocol=17 | dir=in | app=f:\setup.exe |
"UDP Query User{8C106A8E-93DA-4008-9C11-CD675A78D765}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{987D8C20-F5D4-4110-B3C0-DEA1839913F5}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{9CA3826A-F6BF-4B39-B47C-188D97DB8FF8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{ACBF5E5B-9424-4A2F-8306-A1BC4B159BE9}C:\program files\motorola media link\mml.exe" = protocol=17 | dir=in | app=c:\program files\motorola media link\mml.exe |
"UDP Query User{B7701ECC-88DD-47EB-BBE1-DA976AE2F613}C:\program files\tango\tango.exe" = protocol=17 | dir=in | app=c:\program files\tango\tango.exe |
"UDP Query User{DD7CE2E9-13FA-41C8-83F9-D4DD31EFB782}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{EEEF40B5-D3DF-44D7-ACA9-1A67DC2FCE08}C:\aim_sport\racestudio2\rs2analysis.exe" = protocol=17 | dir=in | app=c:\aim_sport\racestudio2\rs2analysis.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00110409-78E1-11D2-B60F-006097C998E7}" = Microsoft Excel 2000
"{00CC55E1-EA68-22D4-92DF-B94F287DCE40}" = ccc-core-static
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E76D6D4-5EFD-0714-1E65-E5B0ED1C9731}" = Catalyst Control Center Core Implementation
"{12349026-2776-495C-BCD8-3A22170AB66F}" = Label Maker
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FE80E58-0774-4EC3-B6BA-68876B88D4B9}" = TurboTax 2011 wvaiper
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D206DBD-6491-26BD-0DFA-165AA8A0CFFD}" = Catalyst Control Center Graphics Light
"{2D3B4614-7291-583D-A925-476924FF5A5F}" = Catalyst Control Center Graphics Previews Common
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3D29DFC0-EAA2-012B-AED3-000000000000}" = TurboTax 2009 wvaiper
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{44180AF6-7A2A-B2C6-CBC9-AF2547AFD8E6}" = ATI Catalyst Install Manager
"{44F72193-F59C-4303-BAE8-E3E4BC1C122C}" = Epson Event Manager
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A0D29E3-8B40-4659-9197-6F28D401E549}" = Greeting Cards
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53C66B81-12A4-42BF-A78B-FE9E4DC986A8}" = Diagnostic Manuals
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5B479C22-7B50-5D31-7BD9-02D1260254D3}" = Catalyst Control Center HydraVision Full
"{5C08784B-D955-4BB4-8C70-43C89A738F58}" = Motorola Phone Tools
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{695C8469-7822-4B31-A673-5ED84815B649}" = Epson E-Web Print
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C12B6BF-3891-497B-B5CA-3D64DA093947}" = Motorola Mobile Drivers Installation 5.4.0
"{6D372DFB-666E-FD3D-8B23-C116A8F5A643}" = Catalyst Control Center Graphics Full Existing
"{6E994B82-FE8B-2777-295A-4D6F4314E8DD}" = ccc-utility
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BAF38F0-915F-484F-8801-40328051E6E3}" = ShopStream Connect
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FBAE9CB-00F7-4893-A6E0-760AEC273897}" = Bookkeeper
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{87C36F73-C64E-48A1-B3B7-6FA74A3A24DE}" = Resumes
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A42AEAD-D4E6-42A8-9815-8AB9FFBC96B0}" = Mail List
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9de4f158-c34e-48f3-bc01-0d635a7c46c7}" = PicoScope 6 Automotive
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = iSEEK AnswerWorks English Runtime
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A737E18A-5171-40D0-8034-7DD243420081}" = Software Updater
"{A75BC59B-10BF-6B87-DCC7-3501F158ACC6}" = Times Reader
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC1BB147-162B-4885-BC66-E068C95F5E86}" = MOTOPRINT Host
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B19B0578-ACFC-4471-BB32-A7E63F4882C2}" = A.C.E. Misfire Detective
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3491D28-DCF7-0D3E-1B3F-28E6FCDE659F}" = HydraVision
"{B3D726D7-12FC-B85D-E6C9-54536827A01A}" = Catalyst Control Center Graphics Previews Vista
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B861130B-9833-11D3-96D0-00A0CC3F8931}" = Personal Legal Forms
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BB830F9E-53B3-492F-B39C-2DF615D1C9E1}" = TurboTax 2010 wvaiper
"{C09EDA0B-0F8A-4F02-8922-43247E695F0F}" = RACE STUDIO 2
"{C176CB21-4E7D-D56D-905B-F4A4CB1301AD}" = Catalyst Control Center Graphics Full New
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA532E73-1BB7-11D8-9D6A-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_07
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD507F08-BCE6-4EF0-BDBB-3E160CA35D0D}" = Type Stylist
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D08227C9-78C3-48E0-B460-63A7C1DFCBF0}" = Motorola Software Update
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools
"{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"{D362B928-6741-48AD-B028-E08E71A95283}" = Newsletters
"{D3BD4C42-B54D-DD47-68EC-5DD1D6097E6F}" = CCC Help English
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D647F06F-2908-487E-9CDA-DE52148CBF49}" = OverDrive Media Console
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DBA9484F-B5D5-4EE8-9BBA-8C66C89969B5}" = Web Page Designer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7B75778-78A1-4CBB-AABB-062A15BF3813}" = Stationery
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20F8E93-3471-1808-AC39-7CE622FCBB4B}" = Catalyst Control Center InstallProxy
"{F49FEF83-45CA-4CE8-8304-A7372BA07AA9}" = Motorola Phone Tools
"{F6C368A7-0DD5-4DA1-BDE1-4369AFA45B4E}" = SnugTV Station
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{F9744A36-165D-40D0-964F-94A018C603C0}_is1" = Automotive Fix Database version 1.0.0.5
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Ares" = Ares 2.1.5
"AVerMedia H826 series driver" = AVerMedia H826 series driver 2.0.0.126
"AVerMedia Media Center Plug-ins" = AVerMedia Media Center Plug-ins 2.0.8.0
"Battle.net" = Battle.net
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Diablo" = Diablo
"EPSON Connect_is1" = EPSON Connect version 1.0
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Remote Print" = EPSON Remote Print Uninstall
"EPSON Scanner" = EPSON Scan
"EPSON WF-2540 Series" = EPSON WF-2540 Series Printer Uninstall
"FastTrack_2_0_0_is1" = Fast-Track® Reference Viewer 2.1.0.0
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}" = AVerMedia Applications
"InstallShield_{AC1BB147-162B-4885-BC66-E068C95F5E86}" = MOTOPRINT Host
"InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}" = AVer Media Center
"IrfanView" = IrfanView (remove only)
"Java Web Start" = Java Web Start
"Logitech Vid" = Logitech Vid HD
"LTCM Client" = LTCM Client
"LTspice IV" = LTspice IV
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MotoHelper" = MotoHelper 2.1.32 Driver 5.4.0
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SuccessScreensaver" = SuccessScreensaver
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"VLC media player" = VLC media player 2.0.7
"WinLiveSuite" = Windows Live Essentials
"ZumoCast" = ZumoCast

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"JoinMe" = join.me

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/12/2013 7:11:50 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:12:50 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:13:50 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:14:50 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:15:50 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:16:51 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:17:51 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/12/2013 7:18:51 AM | Computer Name = asus32bitmainpc | Source = SDWinSec.exe | ID = 0
Description =

Error - 7/13/2013 5:07:15 PM | Computer Name = asus32bitmainpc | Source = MsiInstaller | ID = 11706
Description =

Error - 7/13/2013 5:26:11 PM | Computer Name = asus32bitmainpc | Source = MsiInstaller | ID = 11706
Description =

[ AVer AutoUpdate Events ]
Error - 7/14/2013 3:14:01 PM | Computer Name = asus32bitmainpc | Source = AVerUpdate Server | ID = 0
Description =

Error - 7/14/2013 3:58:21 PM | Computer Name = asus32bitmainpc | Source = AVerUpdate Server | ID = 0
Description =

[ Media Center Events ]
Error - 11/3/2011 5:53:43 PM | Computer Name = asus32bitmainpc | Source = MCUpdate | ID = 0
Description = 5:53:38 PM - Error connecting to the internet. 5:53:38 PM - Unable
to contact server..

[ System Events ]
Error - 7/14/2013 1:00:05 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:00:05 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:00:12 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:00:23 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:00:53 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:01:23 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:01:54 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:02:24 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 1:02:54 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 7/14/2013 3:44:11 PM | Computer Name = asus32bitmainpc | Source = Service Control Manager | ID = 7034
Description = The FastFreeConverterUpdt service terminated unexpectedly. It has
done this 1 time(s).


< End of report >
  • 0

#24
Jasmyne
Posted 15 July 2013 - 10:51 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Let's get rid of what's there and see if there's anything left. Let me know how things are running after this.

Step 1 - OTL Fix
Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Commands
[createrestorepoint]

:OTL
[2013/07/07 11:37:21 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\SwvUpdater

:Commands
[emptytemp]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.

Step 2 - Malwarebytes Scan

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3 - ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan

Step 4 - Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. OTL Fix Log
2. New OTL Log
3. MalwareBytes Log
4. ESET Online Scan Log
6. Security Check Log (checkup.txt)
7. How is your computer running?
  • 0

#25
jr chambers
Posted 16 July 2013 - 05:31 AM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
here are the logs you asked for, the ESET scan showed to have 9 threats, i did not remove them as i was not instructed to do so.
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
C:\Users\joel c\AppData\Local\SwvUpdater folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Becky
->Temp folder emptied: 745237513 bytes
->Temporary Internet Files folder emptied: 382256785 bytes
->Java cache emptied: 160739 bytes
->FireFox cache emptied: 255218388 bytes
->Flash cache emptied: 181932 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: joel c
->Temp folder emptied: 1227769758 bytes
->Temporary Internet Files folder emptied: 494134360 bytes
->Java cache emptied: 6088491 bytes
->FireFox cache emptied: 435963046 bytes
->Google Chrome cache emptied: 12811238 bytes
->Flash cache emptied: 123081 bytes

User: Public

User: user

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 256710963 bytes
RecycleBin emptied: 28747209156 bytes

Total Files Cleaned = 31,055.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07152013_175602

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
OTL logfile created on: 7/15/2013 8:02:51 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\joel c\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.25 Gb Total Physical Memory | 2.14 Gb Available Physical Memory | 65.72% Memory free
6.50 Gb Paging File | 5.22 Gb Available in Paging File | 80.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 755.73 Gb Total Space | 442.98 Gb Free Space | 58.62% Space Free | Partition Type: NTFS
Drive D: | 465.75 Gb Total Space | 298.51 Gb Free Space | 64.09% Space Free | Partition Type: NTFS
Drive E: | 175.78 Gb Total Space | 159.76 Gb Free Space | 90.89% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 4.29 Gb Free Space | 57.48% Space Free | Partition Type: FAT32

Computer Name: ASUS32BITMAINPC | User Name: joel c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/14 16:10:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joel c\Desktop\OTL.exe
PRC - [2013/06/06 23:57:24 | 019,676,256 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/10 15:00:00 | 000,539,744 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
PRC - [2012/02/29 17:47:32 | 000,863,360 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
PRC - [2012/02/29 17:47:30 | 000,502,912 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
PRC - [2012/02/27 07:02:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIUE.EXE
PRC - [2012/01/26 18:07:52 | 001,058,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
PRC - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/12/22 08:31:08 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/12/12 01:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
PRC - [2011/12/06 17:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/11/11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 15:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/08/12 09:31:58 | 000,018,432 | ---- | M] (Snap-on Incorporated) -- C:\Program Files\Snap-on Incorporated\ShopStream Connect\ShopStreamConnectAutoStart.exe
PRC - [2011/07/04 18:42:28 | 000,323,304 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\MOTOPRINT Host\PrintService.exe
PRC - [2011/06/22 15:31:34 | 001,353,232 | ---- | M] (Logitech, Inc.) -- C:\Users\joel c\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
PRC - [2011/06/22 15:31:30 | 000,351,248 | ---- | M] (Logitech, Inc.) -- C:\Users\joel c\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/08/06 14:13:12 | 000,087,336 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\NServiceEntry.exe
PRC - [2010/04/12 13:37:20 | 000,526,336 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe
PRC - [2010/04/07 17:57:14 | 000,190,976 | ---- | M] (AVerMedia Technologies, Inc. ) -- C:\Program Files\SnugTV\SnugTV Station\QuickStart.exe
PRC - [2010/03/09 18:55:02 | 000,169,984 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
PRC - [2010/03/03 09:11:15 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2010/02/03 00:17:28 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/02/03 00:16:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/01/05 15:43:41 | 000,155,648 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009/12/06 19:13:14 | 000,397,312 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009/10/30 12:48:42 | 000,348,160 | R--- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
PRC - [2009/06/14 21:24:04 | 000,376,832 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe
PRC - [2009/06/14 21:23:22 | 000,380,928 | ---- | M] (AMD) -- C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/04/10 18:29:04 | 000,294,912 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2005/01/14 10:58:04 | 000,339,968 | ---- | M] (Sonix) -- C:\Windows\vsnppro.exe
PRC - [2002/02/26 18:22:52 | 000,233,472 | R--- | M] (MySoftware, Inc.) -- C:\Program Files\Common Files\MySoftware\Newsflsh.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/15 18:06:50 | 000,557,056 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\pysqlite2._sqlite.pyd
MOD - [2013/07/15 18:06:50 | 000,320,512 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32com.shell.shell.pyd
MOD - [2013/07/15 18:06:50 | 000,128,512 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\_elementtree.pyd
MOD - [2013/07/15 18:06:50 | 000,098,816 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32api.pyd
MOD - [2013/07/15 18:06:50 | 000,070,656 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._html2.pyd
MOD - [2013/07/15 18:06:50 | 000,044,032 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\_socket.pyd
MOD - [2013/07/15 18:06:50 | 000,026,624 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\_multiprocessing.pyd
MOD - [2013/07/15 18:06:50 | 000,022,528 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32ts.pyd
MOD - [2013/07/15 18:06:50 | 000,011,264 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32crypt.pyd
MOD - [2013/07/15 18:06:49 | 001,022,416 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\windows._cacheinvalidation.pyd
MOD - [2013/07/15 18:06:49 | 000,805,888 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._gdi_.pyd
MOD - [2013/07/15 18:06:49 | 000,735,232 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._misc_.pyd
MOD - [2013/07/15 18:06:49 | 000,364,544 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\pythoncom27.dll
MOD - [2013/07/15 18:06:49 | 000,087,040 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\_ctypes.pyd
MOD - [2013/07/15 18:06:49 | 000,017,408 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32profile.pyd
MOD - [2013/07/15 18:06:48 | 001,175,040 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._core_.pyd
MOD - [2013/07/15 18:06:48 | 000,110,080 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\PyWinTypes27.dll
MOD - [2013/07/15 18:06:48 | 000,108,544 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32security.pyd
MOD - [2013/07/15 18:06:47 | 001,153,024 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\_ssl.pyd
MOD - [2013/07/15 18:06:47 | 000,811,008 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._windows_.pyd
MOD - [2013/07/15 18:06:47 | 000,711,680 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\_hashlib.pyd
MOD - [2013/07/15 18:06:47 | 000,122,368 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._wizard.pyd
MOD - [2013/07/15 18:06:47 | 000,119,808 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32file.pyd
MOD - [2013/07/15 18:06:47 | 000,035,840 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32process.pyd
MOD - [2013/07/15 18:06:47 | 000,025,600 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32pdh.pyd
MOD - [2013/07/15 18:06:46 | 001,062,400 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\wx._controls_.pyd
MOD - [2013/07/15 18:06:46 | 000,686,080 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\unicodedata.pyd
MOD - [2013/07/15 18:06:46 | 000,127,488 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\pyexpat.pyd
MOD - [2013/07/15 18:06:46 | 000,038,912 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32inet.pyd
MOD - [2013/07/15 18:06:46 | 000,018,432 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\win32event.pyd
MOD - [2013/07/15 18:06:46 | 000,010,240 | ---- | M] () -- C:\Users\joel c\AppData\Local\Temp\_MEI38042\select.pyd
MOD - [2012/09/02 23:22:11 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/09/02 22:37:19 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/09/02 22:37:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/09/02 22:36:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/09/02 22:36:33 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/09/02 22:36:11 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/09/02 22:36:05 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/09/02 22:36:02 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/09/02 22:35:43 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/12/06 17:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/11/11 15:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 15:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/08/12 13:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/08/12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/03/22 21:04:04 | 000,380,928 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3685.42249__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3685.42407__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3685.42406__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3685.42404__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3685.42279__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,163,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3685.42397__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:04 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3685.42271__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3685.42397__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3685.42405__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3685.42404__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3685.42263__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,012,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3685.42402__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3685.42396__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010/03/22 21:04:04 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3685.42403__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3685.42396__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3685.42405__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3685.42395__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010/03/22 21:04:04 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3685.42400__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010/03/22 21:04:04 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3685.42396__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 001,708,032 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3685.42422__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3685.42379__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3685.42344__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3685.42331__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3685.42332__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/03/22 21:04:03 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3685.42353__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3685.42261__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3685.42380__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3685.42330__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3685.42324__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:03 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3685.42422__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 001,302,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3685.42418__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,827,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3685.42313__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3685.42280__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3685.42311__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3685.42305__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3685.42279__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3685.42312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3685.42320__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/03/22 21:04:02 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3685.42312__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3685.42319__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3685.42284__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3685.42321__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/03/22 21:04:02 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3685.42241__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/03/22 21:04:02 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3685.42236__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3685.42377__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3685.42244__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3685.42387__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3685.42248__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/03/22 21:04:02 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3685.42244__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,151,552 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3685.42239__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3685.42237__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3685.42330__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/03/22 21:04:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3685.42378__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3685.42235__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3685.42371__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/03/22 21:04:01 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3685.42270__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3685.42261__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,015,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3685.42236__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3685.42379__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3685.42238__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/03/22 21:04:01 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3685.42247__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/03/22 21:04:01 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3685.42240__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/03/22 21:04:01 | 000,005,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3685.42243__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,741,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3685.42415__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010/03/22 21:04:00 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3685.42352__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3685.42300__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3685.42276__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3685.42310__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3685.42261__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3685.42387__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/03/22 21:04:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3685.42323__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3685.42262__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3685.42262__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3685.42275__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3685.42319__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3685.42248__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/03/22 21:04:00 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3685.42237__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/03/22 21:04:00 | 000,006,144 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3685.42243__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/03/22 21:03:59 | 001,220,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3685.42256__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/03/22 21:03:59 | 000,577,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3685.42364__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010/03/22 21:03:59 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3685.42270__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/03/22 21:03:59 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3685.42372__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/03/22 21:03:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3685.42369__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/03/22 21:03:59 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3685.42246__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/03/22 21:03:59 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3685.42242__90ba9c70f846762e\APM.Server.dll
MOD - [2010/03/22 21:03:59 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3685.42247__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010/03/22 21:03:59 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3685.42245__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3685.42244__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/03/22 21:03:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3685.42241__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3685.42254__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3685.42239__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/03/22 21:03:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3685.42240__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3685.42371__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010/03/22 21:03:59 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3685.42269__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,010,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3685.42255__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3685.42277__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/03/22 21:03:59 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3685.42246__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010/03/22 21:03:59 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3685.42245__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/01/28 18:36:50 | 000,091,136 | ---- | M] () -- C:\Program Files\Common Files\SnugTV\IEPG\libXmppClient.dll
MOD - [2010/01/28 18:34:50 | 000,151,552 | ---- | M] () -- C:\Program Files\Common Files\SnugTV\IEPG\libexpat.dll
MOD - [2010/01/28 18:34:50 | 000,090,624 | ---- | M] () -- C:\Program Files\Common Files\SnugTV\IEPG\libgsasl.dll
MOD - [2010/01/19 14:44:14 | 000,027,136 | ---- | M] () -- C:\Program Files\SnugTV\SnugTV Station\AmaError.dll
MOD - [2010/01/05 15:43:41 | 000,155,648 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2009/11/24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/07/13 21:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/06/14 21:24:04 | 000,376,832 | ---- | M] () -- C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2013/07/03 20:25:16 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/12 06:44:19 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/05/10 15:00:00 | 000,539,744 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2012/01/18 02:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/12/22 08:31:08 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/12/12 01:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/06 14:13:12 | 000,087,336 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010/04/12 13:37:20 | 000,526,336 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)
SRV - [2010/03/23 22:11:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/09 18:55:02 | 000,169,984 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2010/02/03 00:16:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/12/06 19:13:14 | 000,397,312 | R--- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/30 12:48:42 | 000,348,160 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/04/10 18:29:04 | 000,294,912 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/01/27 14:26:42 | 000,398,336 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motport.sys -- (motport)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (androidusb)
DRV - [2012/01/18 02:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 02:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/11/08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011/07/28 14:25:58 | 000,088,240 | ---- | M] (Pico Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\picopp.sys -- (PICOPP)
DRV - [2011/04/04 15:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/03/31 15:53:24 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/18 07:22:52 | 000,015,360 | ---- | M] (Pico Technology) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adc200.sys -- (adc200)
DRV - [2010/04/01 15:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/03/21 15:39:57 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/03/21 15:39:56 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2010/02/03 00:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010/02/03 00:54:34 | 005,313,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010/02/02 23:23:42 | 000,150,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009/12/08 09:37:02 | 000,437,888 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
DRV - [2009/01/29 18:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2007/11/02 16:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2005/06/10 14:48:00 | 008,664,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snppro.sys -- (SNPPRO)
DRV - [2004/10/01 02:22:42 | 000,024,704 | ---- | M] (AIM Applicazioni Industriali Microprocessori s.r.l.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AIM_USBdrv10_01.sys -- (AIM_USBdriver)
DRV - [2004/08/13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.in.honda....asp/rraalog.asp
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserv...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.verizon.n...ewsroom.portal"
FF - prefs.js..extensions.enabledAddons: %7B9EB34849-81D3-4841-939D-666D522B889A%7D:1.4.0.111
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: extension%40FastFreeConverter.com:4.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {9EB34849-81D3-4841-939D-666D522B889A}:1.4.0.111
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://www.bing.com/...?FORM=IEFM1&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\joel c\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\joel c\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2013/07/06 20:56:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/03 20:25:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/03 20:25:13 | 000,000,000 | ---D | M]

[2010/03/21 10:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Extensions
[2013/07/05 15:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions
[2010/04/27 07:17:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/08 15:25:24 | 000,000,000 | ---D | M] (WebSlingPlayer) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{9EB34849-81D3-4841-939D-666D522B889A}
[2013/05/16 07:39:06 | 000,117,280 | ---- | M] () (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/07/05 15:11:28 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2010/03/22 20:37:18 | 000,001,819 | ---- | M] () -- C:\Users\joel c\AppData\Roaming\Mozilla\Firefox\Profiles\j1wo7ccj.default\searchplugins\bing.xml
[2013/07/03 20:25:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/03 20:25:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES\FAST FREE CONVERTER\FASTFREECONVERTER\[email protected]

========== Chrome ==========

CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/07/11 18:32:46 | 000,450,068 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15450 more lines...
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MOTOPRINTUPnPPrintService] C:\Program Files\Motorola\MOTOPRINT Host\PrintService.exe shell.icon File not found
O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKLM..\Run: [snppro] C:\Windows\vsnppro.exe (Sonix)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIIUE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Grid] C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe ()
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe /minimized File not found
O4 - HKCU..\Run: [P2kAutostart] File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 164.109.25.72 ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: 207.130.86.35 ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: acura.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: acuraclientpurchaseexperience.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: acurainfo.programhq.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: acuraspinplay.programhq.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: ahmdealer.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: ahm-ownerlink.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: edcor.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: honda.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: honda.vo.llnwd.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondaadcmd.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondacars.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondainfo.programhq.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondamap.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondapqr.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondaprofessional.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondaspinplay.programhq.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: hondasso.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: jdpa.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: jdpower.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: pcsc.acurasrs.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: prospectingacurasrs.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: travelhq.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: xmradio.com ([]* in Trusted sites)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.in.honda....tingActiveX.cab (MeadCo ScriptX)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} http://www.in.honda....AX/RraainAX.CAB (RRAAINAX_02.RRAAINAX)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.1_07)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://tstseminars....ng/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7B2A33D-DEDD-4148-BA5E-D98CA8E9A5AC}: NameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/06 09:42:00 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/16 23:31:56 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/20 09:55:04 | 000,000,706 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{94dea79f-4f36-11df-b8ca-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{94dea79f-4f36-11df-b8ca-00027209ea32}\Shell\AutoRun\command - "" = G:\KODAK_Software_Downloader.exe
O33 - MountPoints2\{edfabbf3-dbc3-11e0-b760-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{edfabbf3-dbc3-11e0-b760-00027209ea32}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009/12/30 21:56:26 | 002,538,056 | ---- | M] (Hewlett-Packard )
O33 - MountPoints2\{f857ec2d-8699-11e2-85f1-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{f857ec2d-8699-11e2-85f1-00027209ea32}\Shell\AutoRun\command - "" = G:\setup.exe -- [2009/12/30 21:56:26 | 002,538,056 | ---- | M] (Hewlett-Packard )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/15 17:56:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/15 17:41:58 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{B7C637B9-00AF-4D37-B513-AC1C338F1332}
[2013/07/14 16:10:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\joel c\Desktop\OTL.exe
[2013/07/14 15:15:48 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{A31458A3-8A14-4398-8E0B-D52A28E0AC3A}
[2013/07/14 12:32:28 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\PeaZip
[2013/07/11 23:36:07 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/07/11 20:09:20 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4E68293B-8BC2-4CD4-8659-7C02606CEEB7}
[2013/07/10 07:34:29 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{87193DB9-A0F2-466F-A0A9-8F6651B20907}
[2013/07/09 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{2C7A1074-4DBC-4818-9A54-3C4542F15FAE}
[2013/07/08 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{8B222F98-0104-4D8D-9898-F901DA3CE3AC}
[2013/07/07 23:37:00 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{0F33085F-BFC3-4BC7-A479-5D1261C9E30E}
[2013/07/07 11:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Setup Support for BasicServe
[2013/07/07 11:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\BasicServe
[2013/07/07 11:37:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\DownloadTerms
[2013/07/07 09:23:02 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\vlc
[2013/07/07 09:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/07/07 09:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/07/07 08:51:45 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{9C17BC06-868C-45AE-B79C-DD9CC2D5A3BF}
[2013/07/05 23:07:24 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{545C2ADD-C106-4687-8BEE-71A3AD881AEB}
[2013/07/05 07:40:13 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{BF523AEF-9042-4150-94B8-CA9C4D810E5E}
[2013/07/04 11:20:50 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{ABF42E52-7234-4C2F-8FAF-A9018AA1EB2B}
[2013/07/03 22:27:32 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4FC587C3-BC98-4362-AC3B-5207FE2316AD}
[2013/07/03 20:25:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/03 07:28:59 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4FB30E89-17D2-4069-B06D-4CD94FB9E66A}
[2013/07/01 22:09:01 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{B32F4443-AD3E-4517-991D-A4D1D202D6FC}
[2013/07/01 07:27:02 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{790A747C-3CF4-48D1-8265-76996078916E}
[2013/06/30 10:02:38 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{DE05D14F-0084-4ED4-8BCA-9BE29B5A8884}
[2013/06/29 09:32:34 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{0E873F02-53EE-4097-9689-4008C0DB6A29}
[2013/06/28 07:21:31 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{3064E944-614C-462F-A1BF-DDC4D82C63F0}
[2013/06/27 07:07:55 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{7F11E3DE-CC4B-47C3-88D8-728C9E0A6B59}
[2013/06/26 18:22:35 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{5D24B308-E962-44D4-80BE-4E3A777E64D6}
[2013/06/25 20:51:42 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{C552CF2A-655D-4314-84DC-4671C5D9AF8E}
[2013/06/24 20:04:31 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{37C90FEB-28C0-4F91-9134-2D82D6C28F4B}
[2013/06/24 07:27:59 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{62020327-0A9F-4F4B-91C9-04590BA0703E}
[2013/06/23 12:42:08 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{14CA5D7A-2144-4B14-A87B-B8EFC0E3799A}
[2013/06/22 09:48:03 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{4CF9BFE6-40DC-40B5-8946-F7A65EBE2B2A}
[2013/06/21 21:01:31 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{85C12DAA-3E40-4FFC-9929-DE416619BA5D}
[2013/06/21 07:32:14 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{8DF9B272-56CA-4A27-97B0-6F10AB74BA6E}
[2013/06/20 19:31:50 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{C878594F-1566-461A-BC84-1DE815699CA8}
[2013/06/20 07:16:30 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{71C4C177-3D06-4E92-A0C9-B2E7A894750D}
[2013/06/19 07:24:34 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{40937C3F-68BF-48A0-A296-6CED412DC070}
[2013/06/18 07:31:49 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{969C6BF1-606E-4FDC-9475-FA42D107BF92}
[2013/06/17 07:26:15 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{FCF88FF1-907B-4D5D-84D6-48130C6A3A85}
[2013/06/16 17:57:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{EE62EAB9-9FE0-4289-9CA7-99EE5699D913}

========== Files - Modified Within 30 Days ==========

[2013/07/15 19:45:22 | 000,000,342 | -H-- | M] () -- C:\dvmexp.idx
[2013/07/15 19:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/15 19:14:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 19:12:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1001UA.job
[2013/07/15 18:12:37 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 18:12:37 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 18:09:33 | 000,632,708 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/15 18:09:33 | 000,110,342 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/15 18:04:20 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/15 18:03:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/15 18:03:45 | 2616,545,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/14 20:12:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1001Core.job
[2013/07/14 16:14:25 | 000,002,376 | ---- | M] () -- C:\Users\joel c\Desktop\Google Chrome.lnk
[2013/07/14 16:10:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\joel c\Desktop\OTL.exe
[2013/07/14 15:44:17 | 000,000,002 | ---- | M] () -- C:\END
[2013/07/13 17:14:23 | 296,862,089 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/07/11 20:06:41 | 000,001,078 | ---- | M] () -- C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/07/11 18:32:46 | 000,450,068 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/07/07 09:22:50 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/07/06 20:54:19 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2013/07/05 14:25:07 | 000,010,240 | ---- | M] () -- C:\Users\joel c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/04 11:27:02 | 000,001,990 | ---- | M] () -- C:\Users\joel c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/06/21 18:31:48 | 000,083,726 | ---- | M] () -- C:\Users\joel c\Desktop\car bill of sale form.pdf

========== Files Created - No Company Name ==========

[2013/07/14 15:44:17 | 000,000,002 | ---- | C] () -- C:\END
[2013/07/07 09:22:50 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/06/21 18:31:47 | 000,083,726 | ---- | C] () -- C:\Users\joel c\Desktop\car bill of sale form.pdf
[2013/06/19 17:44:54 | 000,001,078 | ---- | C] () -- C:\Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2013/05/18 10:23:31 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2013/05/09 19:14:14 | 000,000,388 | ---- | C] () -- C:\Windows\AIM_RACE_STUDIO.INI
[2013/04/18 18:32:16 | 000,000,296 | ---- | C] () -- C:\Users\joel c\.JavaPowUpload.properties
[2013/03/08 22:03:17 | 000,003,120 | ---- | C] () -- C:\Windows\winy2.ini
[2013/03/08 22:02:41 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe
[2013/03/08 22:02:41 | 000,010,496 | ---- | C] () -- C:\Windows\System32\Machnm64.sys
[2013/03/08 22:02:41 | 000,007,168 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/11/18 18:10:02 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2540.ini
[2012/08/24 13:40:05 | 000,001,479 | ---- | C] () -- C:\Windows\station.ini
[2012/08/24 13:39:28 | 000,001,356 | ---- | C] () -- C:\Windows\resumes.ini
[2012/08/24 13:38:42 | 000,000,034 | ---- | C] () -- C:\Windows\brochure.ini
[2012/08/24 13:37:58 | 000,001,458 | ---- | C] () -- C:\Windows\newslet.ini
[2012/08/24 13:36:02 | 000,001,510 | ---- | C] () -- C:\Windows\greeting.ini
[2012/06/03 19:06:03 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012/06/03 19:06:03 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012/04/05 20:36:05 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/03/28 21:07:10 | 000,015,872 | ---- | C] () -- C:\Users\joel c\mortagage envelope.wps
[2012/03/21 21:46:41 | 000,003,850 | ---- | C] () -- C:\Windows\scad3.INI
[2012/02/02 14:55:02 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/18 02:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 02:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 02:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/17 20:04:48 | 000,010,240 | ---- | C] () -- C:\Users\joel c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/20 22:19:01 | 000,000,662 | ---- | C] () -- C:\Users\joel c\AppData\Local\MOTOPRINTUPnPService
[2011/09/05 16:33:54 | 000,103,720 | ---- | C] () -- C:\Users\joel c\GoToAssistDownloadHelper.exe
[2011/08/12 13:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2011/07/26 07:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/05/12 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\A.C.E. Misfire Detective
[2013/02/17 22:01:38 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Canneverbe Limited
[2010/09/20 17:40:49 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1
[2013/07/06 21:00:03 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Epson
[2012/04/02 21:17:06 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\IrfanView
[2012/11/18 18:15:04 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Leader Technologies
[2012/01/21 08:48:18 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Leadertech
[2012/01/09 22:26:36 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\motorola
[2011/10/26 21:32:12 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\ooVoo Details
[2012/02/03 23:31:23 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\OverDrive
[2013/07/14 12:32:29 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\PeaZip
[2011/01/08 15:25:35 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Sling Media
[2010/03/24 19:40:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Template
[2012/05/31 20:03:10 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\webex
[2010/11/03 22:23:40 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Windows Live Writer
[2012/01/14 11:07:31 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\ZumoCast

========== Purity Check ==========



< End of report >
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.15.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
joel c :: ASUS32BITMAINPC [administrator]

7/15/2013 8:15:44 PM
mbam-log-2013-07-15 (20-15-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 249102
Time elapsed: 7 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} (PUP.Zwangi) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\BasicServe\basicserve.exe (PUP.Zwangi) -> Quarantined and deleted successfully.

(end)
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c9b77b9a2add2948b4dca333b5ece0ee
# engine=14409
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-07-16 06:28:20
# local_time=2013-07-16 02:28:20 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 125500891 0 0
# scanned=368281
# found=9
# cleaned=9
# scan_time=16520
sh=4ACF539D2F7A256C65C228E2FE42D556AEE997EE ft=1 fh=dac4c276279a887e vn="a variant of Win32/InstallCore.AG application (cleaned by deleting - quarantined)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1722759672-3242739790-961427303-1003\$R1L7VWR.exe"
sh=37EC8C39F0A632C6AC4B9089A75EA627B81B3414 ft=1 fh=61a8b5efed071c2b vn="a variant of Win32/Bundled.Toolbar.Ask.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\joel c\Documents\downloaded programs & files\pcw2009_v190.exe"
sh=C36E6B3F760A233B1968C51F241A6E72C680A2AB ft=0 fh=0000000000000000 vn="Win32/Tool.EvID4226 application (deleted - quarantined)" ac=C fn="C:\Users\joel c\Documents\downloaded programs & files\ares downloads\EvID4226Patch212-en.zip"
sh=A00ADEF66F2F8B1F107B8F8F8F13EA31B3570D2C ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\joel c\Documents\downloaded programs & files\spywarerepairsoftware\SmitfraudFix.zip"
sh=C16776FA60D85CFB36127E1E8D15C02237DD5EE1 ft=1 fh=9f9dd17bc1f105b0 vn="Win32/OpenCandy application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\joel c\Downloads\cdbxp_setup_4.5.0.3717.exe"
sh=0081AB24E58FF62554172DE363EFB1683319EEBA ft=1 fh=43b6ad742e17c7fd vn="a variant of Win32/InstallIQ.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\joel c\Downloads\freeopener_715.exe"
sh=37EC8C39F0A632C6AC4B9089A75EA627B81B3414 ft=1 fh=61a8b5efed071c2b vn="a variant of Win32/Bundled.Toolbar.Ask.A application (cleaned by deleting - quarantined)" ac=C fn="D:\Documents and Settings\Joel\My Documents\downloaded programs & files\pcw2009_v190.exe"
sh=C36E6B3F760A233B1968C51F241A6E72C680A2AB ft=0 fh=0000000000000000 vn="Win32/Tool.EvID4226 application (deleted - quarantined)" ac=C fn="D:\Documents and Settings\Joel\My Documents\downloaded programs & files\ares downloads\EvID4226Patch212-en.zip"
sh=A00ADEF66F2F8B1F107B8F8F8F13EA31B3570D2C ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="D:\Documents and Settings\Joel\My Documents\downloaded programs & files\spywarerepairsoftware\SmitfraudFix.zip"
Results of screen317's Security Check version 0.99.69
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Java Web Start
Java™ 6 Update 31
Java 7 Update 17
Java 2 Runtime Environment, SE v1.4.1_07
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (22.0)
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
Google Chrome Extensions...
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

Advertisements

#26
Jasmyne
Posted 16 July 2013 - 05:50 AM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
How are things running while in Windows 7 now?
  • 0

#27
Jasmyne
Posted 16 July 2013 - 12:40 PM

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
A few things to help prevent further infection on this partition before we move on to the next.

Step 1 - Install an Antivirus

Always make sure you have an antivirus program! Here are two that I recommend: Microsoft Security Essentials or Avast! Antivirus both are FREE to use. Please remember that you can only have one Antivirus installed at a time.

Step 2 - Enable UAC

Open User Account Control Settings by clicking the Start button, and then clicking Control Panel. In the search box, type uac, and then click Change User Account Control settings.

To turn on UAC, move the slider to choose when you want to be notified, and then click OK. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Step 3 - Update Programs

Malware writers love to exploit security issues in outdated software so is very important to make sure your software is up to date.

-Update Java-
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

-Update Adobe Reader-

Go here to download the latest version of Adobe Reader. Be sure to uncheck the box next to "Yes, install McAfee Secuity Scan Plus - optional"

Step 4 - Final Housekeeping for the Windows 7 Partition

Clear Old Restore Points

Create a new, clean System Restore point:
  • Right click on Computer and select Properties >> System protection >> Create.
  • Give this restore point a descriptive name and click Create.
  • When the new restore point is created click on OK >> close the System Properties window.
Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush Old System Restore points

  • Next click Start (Windows 7 Orb) >> Run (or the Windows key and R together) to bring up the Run box and and copy and paste in:
    cleanmgr
  • in the box and press OK.
  • Select the system drive, C >> OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Click on Clean up system files >> Select the system drive, C >> OK.
  • Now click on the More Options tab.
  • Under:
System Restore and Shadow Copies
  • Click on Clean up... >> Delete >> OK >> Delete Files.

OTL Cleanup
  • Open OTL
  • Click the CleanUp button at the top, it will ask to reboot your PC, please allow it to do so



Step 5 - On to the XP Pro Partition!

Log in to the XP Pro Partition and we will start from the beginning to make sure everything is gone.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please check the box next to Scan All Users.
  • Make sure Use SafeList is selected under Extra Registry.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir C:\ /S /A:L /C
CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#28
jr chambers
Posted 16 July 2013 - 07:23 PM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
seem to be running as good as before. I'll move on to your next post(instruction) and work on the xp partition :thumbsup:
  • 0

#29
jr chambers
Posted 16 July 2013 - 08:29 PM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
here are the files on the xp 64 partition....
OTL logfile created on: 7/16/2013 10:24:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 6.88 Gb Available Physical Memory | 88.75% Memory free
9.32 Gb Paging File | 8.82 Gb Available in Paging File | 94.60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 175.78 Gb Total Space | 159.78 Gb Free Space | 90.89% Space Free | Partition Type: NTFS
Drive E: | 465.75 Gb Total Space | 298.52 Gb Free Space | 64.10% Space Free | Partition Type: NTFS
Drive F: | 755.73 Gb Total Space | 443.86 Gb Free Space | 58.73% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 4.29 Gb Free Space | 57.48% Space Free | Partition Type: FAT32

Computer Name: ASUSXP64EDITION | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/16 22:22:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/03/05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/13 20:17:54 | 005,634,560 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2006/11/29 12:58:14 | 000,090,112 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe


========== Modules (No Company Name) ==========

MOD - [2009/02/13 20:17:54 | 005,634,560 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
MOD - [2009/01/15 15:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2006/01/10 04:50:20 | 000,024,576 | R--- | M] () -- C:\WINDOWS\SysWOW64\AsIO.dll
MOD - [2004/07/26 18:11:50 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll


========== Services (SafeList) ==========

SRV - [2010/08/18 01:31:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/07/25 12:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/02/17 01:44:20 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2006/10/18 21:05:24 | 000,913,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006/03/29 08:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wdfmgr.exe -- (UMWdf)


========== Driver Services (SafeList) ==========

DRV - [2006/03/29 08:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
DRV - [2006/03/29 08:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}






IE - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.verizon.n...ewsroom.portal"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files (x86)\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files (x86)\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/03/18 18:06:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/14 15:08:51 | 000,000,000 | ---D | M]

[2010/03/18 18:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/01/14 10:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v9x0fhlq.default\extensions
[2012/01/14 10:48:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v9x0fhlq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/18 18:06:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

Hosts file not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O4:64bit: - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ASUS Update Checker] C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe ()
O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HPZRCV01.LNK = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8:64bit: - Extra context menu item: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8:64bit: - Extra context menu item: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM ()
O8:64bit: - Extra context menu item: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM ()
O8 - Extra context menu item: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM ()
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: 164.109.25.72 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: 207.130.86.35 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: acura.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: ahmdealer.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: ahm-ownerlink.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: edcor.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: honda.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: hondacars.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: hondapqr.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: jdpower.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1015757064-4063587740-3590384847-500\..Trusted Domains: xmradio.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} http://www.in.honda....AX/RraainAX.CAB (RRAAINAX_02.RRAAINAX)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1268878761046 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1288832517549 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAE347BD-7353-4287-92C2-BB331D346FBF}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Windows XP.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Windows XP.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/16 23:31:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/06 09:42:00 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/20 09:55:04 | 000,000,706 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/16 22:22:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/07/16 22:20:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2013/07/14 15:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe

========== Files - Modified Within 30 Days ==========

[2013/07/16 22:22:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2013/07/16 22:20:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/14 15:08:23 | 000,001,764 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk

========== Files Created - No Company Name ==========

[2013/07/14 15:08:23 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/07/14 15:08:23 | 000,001,764 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2012/04/04 20:40:26 | 000,006,656 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010/03/16 23:49:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\shdocvw.dll
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\SysWOW64\shdocvw.dll -- [2009/12/18 18:57:16 | 001,519,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\fastprox.dll
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\SysWOW64\wbem\fastprox.dll -- [2009/03/19 20:51:22 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\system32\wbem\wbemess.dll
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV - [2006/03/29 08:00:00 | 000,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\alg.exe -- (ALG)
No service found with a name of wuauserv
No service found with a name of BITS
SRV - [2007/02/18 12:05:20 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\browser.dll -- (Browser)
SRV - [2007/02/18 12:05:24 | 000,056,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2007/02/18 12:05:24 | 000,117,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/03 13:50:58 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\dnsrslvr.dll -- (Dnscache)
No service found with a name of Eventlog
No service found with a name of EapHost
No service found with a name of FastUserSwitchingCompatibility
SRV - [2006/03/29 08:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\w3ssl.dll -- (HTTPFilter)
No service found with a name of HidServ
No service found with a name of ImapiService
No service found with a name of PolicyAgent
No service found with a name of dmserver
No service found with a name of dmadmin
No service found with a name of SwPrv
No service found with a name of NetLogon
SRV - [2007/02/18 12:05:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\netman.dll -- (Netman)
SRV - [2011/03/03 13:50:58 | 000,233,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\mswsock.dll -- (Nla)
No service found with a name of PlugPlay
SRV - [2010/08/18 01:31:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
No service found with a name of ProtectedStorage
SRV - [2007/02/18 12:05:46 | 000,091,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\rasauto.dll -- (RasAuto)
SRV - [2007/02/18 12:05:46 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\rasmans.dll -- (RasMan)
No service found with a name of RpcSs
No service found with a name of NtmsSvc
SRV - [2007/02/18 12:05:48 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\seclogon.dll -- (seclogon)
No service found with a name of SamSs
No service found with a name of wscsvc
No service found with a name of lanmanserver
SRV - [2009/07/29 10:36:12 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of srservice
SRV - [2007/02/18 12:05:48 | 000,202,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\schedsvc.dll -- (Schedule)
SRV - [2007/02/18 12:05:34 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\lmhsvc.dll -- (LmHosts)
SRV - [2007/02/18 12:05:54 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\tapisrv.dll -- (TapiSrv)
No service found with a name of TermService
SRV - [2009/07/29 10:36:12 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\shsvcs.dll -- (Themes)
No service found with a name of VSS
SRV - [2006/03/29 08:00:00 | 000,041,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\audiosrv.dll -- (AudioSrv)
SRV - [2007/02/18 12:05:32 | 000,343,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\ipnathlp.dll -- (SharedAccess)
SRV - [2007/02/18 12:05:58 | 000,348,160 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\wiaservc.dll -- (stisvc)
SRV - [2007/02/18 12:05:38 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWow64\msiexec.exe -- (MSIServer)
No service found with a name of winmgmt
SRV - [2009/03/19 20:51:22 | 000,619,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\advapi32.dll -- (Wmi)
No service found with a name of Dot3Svc
SRV - [2007/02/18 12:06:04 | 000,489,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\wzcsvc.dll -- (WZCSVC)
No service found with a name of lanmanworkstation

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2006/03/29 08:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) MD5=4B93BB34AF478A0FD9765D9B73356DC9 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007/02/18 12:05:28 | 001,053,184 | ---- | M] (Microsoft Corporation) MD5=A26C39540F8BE3729846E360E2C57344 -- C:\WINDOWS\SysWOW64\explorer.exe
[2007/02/17 01:20:36 | 001,364,480 | ---- | M] (Microsoft Corporation) MD5=AE7A08C05F72A9242734C03230A5CD7F -- C:\WINDOWS\explorer.exe
[2007/02/17 01:20:36 | 001,364,480 | ---- | M] (Microsoft Corporation) MD5=AE7A08C05F72A9242734C03230A5CD7F -- C:\WINDOWS\ServicePackFiles\amd64\explorer.exe

< MD5 for: SERVICES.CFG >
[2013/05/11 06:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2006/03/29 08:00:00 | 000,221,696 | ---- | M] (Microsoft Corporation) MD5=250C256374AB397492ED71AEFCF17436 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/03/19 20:42:16 | 000,227,840 | ---- | M] (Microsoft Corporation) MD5=5BC6B0FFA0EB95A02F63D5BCAD39127B -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2007/02/17 01:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) MD5=D255E0DDB63A6223BFD8057266380017 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2007/02/17 01:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) MD5=D255E0DDB63A6223BFD8057266380017 -- C:\WINDOWS\ServicePackFiles\amd64\services.exe

< MD5 for: SERVICES.LNK >
[2010/03/16 23:32:00 | 000,001,602 | ---- | M] () MD5=357D723BA4D176FE922BF9EEF4B7B279 -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk

< MD5 for: SERVICES.SBS >
[2011/03/01 09:58:44 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy\Includes\Services.sbs

< MD5 for: SVCHOST.EXE >
[2007/02/17 01:59:04 | 000,025,600 | ---- | M] (Microsoft Corporation) MD5=46300880A5062A41C16DF5E3E836A6C9 -- C:\WINDOWS\ServicePackFiles\amd64\svchost.exe
[2006/03/29 08:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=BDDFEB952617080316692951215793E9 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2007/02/18 12:05:52 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=C09CCFE81DEC9B162533D7184D705682 -- C:\WINDOWS\SysWOW64\svchost.exe

< MD5 for: USERINIT.EXE >
[2007/02/17 02:00:56 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=438393CC0B5122B5D988BD7BA05FE3C9 -- C:\WINDOWS\ServicePackFiles\amd64\userinit.exe
[2006/03/29 08:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=5EF907A339CAF229F3CE38909C93F53B -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2007/02/18 12:05:56 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=B5FEB3B971A8B8C81CE9DE65031A87E5 -- C:\WINDOWS\SysWOW64\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006/03/29 08:00:00 | 000,922,624 | ---- | M] (Microsoft Corporation) MD5=2412D710F07F527E99D5FCBD8D6E5B89 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2007/02/17 02:02:56 | 000,944,128 | ---- | M] (Microsoft Corporation) MD5=901C7E44D11C00CA9D48BA1A866FDC4B -- C:\WINDOWS\ServicePackFiles\amd64\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is A82F-F425
Directory of C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices
01/14/2012 10:00 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\CCC
03/16/2010 11:54 PM <JUNCTION> 2.0.0.0__90ba9c70f846762e
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\CLI
03/16/2010 11:54 PM <JUNCTION> 2.0.0.0__90ba9c70f846762e
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote
01/14/2012 10:00 AM <JUNCTION> 2.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\LOG
03/16/2010 11:54 PM <JUNCTION> 2.0.3302.38952__90ba9c70f846762e
0 File(s) 0 bytes
Directory of C:\WINDOWS\assembly\GAC_MSIL\MOM
03/16/2010 11:54 PM <JUNCTION> 2.0.0.0__90ba9c70f846762e
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
6 Dir(s) 171,526,754,304 bytes free

< End of report >
OTL Extras logfile created on: 7/16/2013 10:24:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 6.88 Gb Available Physical Memory | 88.75% Memory free
9.32 Gb Paging File | 8.82 Gb Available in Paging File | 94.60% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 175.78 Gb Total Space | 159.78 Gb Free Space | 90.89% Space Free | Partition Type: NTFS
Drive E: | 465.75 Gb Total Space | 298.52 Gb Free Space | 64.10% Space Free | Partition Type: NTFS
Drive F: | 755.73 Gb Total Space | 443.86 Gb Free Space | 58.73% Space Free | Partition Type: NTFS
Drive G: | 7.47 Gb Total Space | 4.29 Gb Free Space | 57.48% Space Free | Partition Type: FAT32

Computer Name: ASUSXP64EDITION | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.inf [@ = inffile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.ini [@ = inifile] -- %SystemRoot%\System32\NOTEPAD.EXE %1
.url [@ = InternetShortcut] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
.js [@ = JSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.jse [@ = JSEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.txt [@ = txtfile] -- %SystemRoot%\system32\NOTEPAD.EXE %1
.vbe [@ = VBEFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.vbs [@ = VBSFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsf [@ = WSFFile] -- %SystemRoot%\System32\WScript.exe "%1" %*
.wsh [@ = WSHFile] -- %SystemRoot%\System32\WScript.exe "%1" %*

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1"
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4"
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %*
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\Ares\Ares.exe" = C:\Program Files (x86)\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files (x86)\Ares\Ares.exe" = C:\Program Files (x86)\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{25E0F2BA-399C-4cf8-A654-53797016CB77}" = HP Beta Printer Drivers for Windows XP x64 (5.64.0.17)
"{59370519-8E71-6103-96A0-AE00A3F22CF9}" = ccc-utility64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"ATI Display Driver" = ATI Display Driver
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows x64
"Tweak UI 2.10" = Tweak UI
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows x64 Service Pack" = Windows XP Service Pack 2
"WMFDist11-64" = Windows Media Format 11 runtime
"wmp11-64" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00110409-78E1-11D2-B60F-006097C998E7}" = Microsoft Excel 2000
"{00E10F93-500A-D5F9-D785-F6EA2DE1263A}" = CCC Help Danish
"{01C44D76-09B5-4CA1-0922-533F987643F1}" = CCC Help Japanese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0A8C45BB-5AB8-CF5B-9E9F-FD7F13235CAB}" = CCC Help Czech
"{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan
"{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12
"{164B63A3-2639-1556-A6A8-49D5058EBFA4}" = CCC Help Korean
"{2379D3D4-2BE3-A0C5-F32C-5C3DDB2532DE}" = CCC Help Chinese Standard
"{3360F95B-C10A-B4DE-1334-FE8209A4C0F6}" = CCC Help Finnish
"{3436FD5A-3154-A950-8660-FFBC9664FD70}" = CCC Help Dutch
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{43475674-3C02-6476-770D-71D4F23837D8}" = CCC Help Italian
"{4B78B2D5-E455-AD54-9B11-716F02732F95}" = CCC Help Russian
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{59304B51-ED05-EDE5-3CA9-59898BC47694}" = Catalyst Control Center Graphics Full Existing
"{60B8DE54-593B-A699-9850-B0D5ADD309DB}" = CCC Help Polish
"{63C760E0-5867-CB5C-564C-19F6F568ECAA}" = CCC Help French
"{64240CEB-91D8-4497-A18F-476E70C69D3E}" = CCC Help Hungarian
"{65EE5324-78AF-B66C-42C3-D86603BD38A1}" = CCC Help Norwegian
"{6BF488AF-6726-4DD5-FA0D-3F7A05B3C5BD}" = CCC Help Thai
"{76183AE4-F30E-1AFB-B3CB-23E47F14C48F}" = CCC Help Chinese Traditional
"{761CB6D1-F804-3162-ABAF-CC1D09B41D29}" = CCC Help Greek
"{79EA8EB9-45A8-6FAF-7C8B-6FB79E05CE85}" = Catalyst Control Center Graphics Light
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{854F1DBC-F3A6-0902-0788-5BB628FE5EF5}" = CCC Help Turkish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9551DD73-10A7-828B-8E76-C6A17693FEB6}" = CCC Help English
"{9FA1CBC5-E656-879C-158E-4DC9C7BE7B15}" = ccc-core-static
"{A3C12ED1-665D-3840-68BA-8CCE3CFB089F}" = CCC Help Portuguese
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AFE829B5-2701-FD39-E15C-0576184BD3E3}" = Skins
"{B3E8CDD5-E044-139C-FA49-147B5E3A43F4}" = CCC Help German
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09EDA0B-0F8A-4F02-8922-43247E695F0F}" = RACE STUDIO 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C1B51FA5-5470-D3B5-B58D-DCCB08EF38E8}" = Catalyst Control Center Core Implementation
"{C6812939-B117-48E6-A3BA-1709C14A3C8C}" = Scan
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E1D4F62A-837D-9488-63E6-07444A4945FF}" = Catalyst Control Center Graphics Full New
"{E49913D6-A707-CC24-D453-E5D07F88D492}" = CCC Help Swedish
"{E51CFC4F-9DCC-9BA2-B601-06F848DD077F}" = Catalyst Control Center Localization All
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2F6D931-062C-6383-F3D0-5A8BEA32DAEC}" = CCC Help Spanish
"{F6F4DFCB-7DAF-E07F-3673-4B97201452B2}" = ccc-core-preinstall
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"All ATI Software" = ATI - Software Uninstall Utility
"Ares" = Ares 2.1.5
"ieSpell" = ieSpell
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MpcStar" = MpcStar 4.1
"nLite_is1" = nLite 1.4.9.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/17/2010 1:59:31 PM | Computer Name = ASUSXP64EDITION | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: The server name or address could not be resolved

Error - 3/17/2010 1:59:31 PM | Computer Name = ASUSXP64EDITION | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download....uthrootseq.txt>
with error: This network connection does not exist.

Error - 3/17/2010 8:08:30 PM | Computer Name = ASUSXP64EDITION | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: Microsoft.PowerShell.GraphicalHost,Version=1.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35,ProcessorArchitecture=msil
. Error code = 0x80070002

Error - 3/17/2010 8:09:20 PM | Computer Name = ASUSXP64EDITION | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64)
- Failed to compile: Microsoft.PowerShell.GraphicalHost,Version=1.0.0.0,Culture=neutral,PublicKeyToken=31bf3856ad364e35,ProcessorArchitecture=msil
. Error code = 0x80070002

Error - 3/18/2010 6:27:24 PM | Computer Name = ASUSXP64EDITION | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Excel 2000 -- Error 1706. No valid source could
be found for product Microsoft Excel 2000. The Windows installer cannot continue.

Error - 3/18/2010 6:27:34 PM | Computer Name = ASUSXP64EDITION | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft Excel 2000 -- Error 1706. No valid source could
be found for product Microsoft Excel 2000. The Windows installer cannot continue.

Error - 10/7/2010 10:24:58 PM | Computer Name = ASUSXP64EDITION | Source = Application Error | ID = 1000
Description = Faulting application adobearm.exe, version 1.1.5.0, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.

Error - 11/3/2010 9:00:24 PM | Computer Name = ASUSXP64EDITION | Source = Application Error | ID = 1000
Description = Faulting application adobearm.exe, version 1.1.5.0, faulting module
ntdll.dll, version 5.2.3790.4455, fault address 0x0004f053.

Error - 12/19/2010 2:39:11 PM | Computer Name = ASUSXP64EDITION | Source = Application Error | ID = 1000
Description = Faulting application hpwucli.exe, version 5.0.8.1, faulting module
hpwucli.exe, version 5.0.8.1, fault address 0x000099b1.

[ System Events ]
Error - 7/11/2013 10:36:22 PM | Computer Name = ASUSXP64EDITION | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume \Device\HarddiskVolume3.

Error - 7/11/2013 11:25:20 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10010
Description = The server {9B1F122C-2982-4E91-AA8B-E071D54F2A4D} did not register
with DCOM within the required timeout.

Error - 7/14/2013 3:04:31 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 7/14/2013 3:04:31 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 7/16/2013 10:18:08 PM | Computer Name = ASUSXP64EDITION | Source = VolSnap | ID = 393245
Description =

Error - 7/16/2013 10:18:32 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 7/16/2013 10:18:32 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 7/16/2013 10:20:51 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 7/16/2013 10:20:51 PM | Computer Name = ASUSXP64EDITION | Source = DCOM | ID = 10016
Description = The machine-default permission settings do not grant Local Activation
permission for the COM Server application with CLSID {555F3418-D99E-4E51-800A-6E89CFD8B1D7}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19). This security permission
can be modified using the Component Services administrative tool.

Error - 7/16/2013 10:21:02 PM | Computer Name = ASUSXP64EDITION | Source = System Error | ID = 1003
Description = Error code 0000000000000050, parameter1 fffffadf51a757f1, parameter2
0000000000000000, parameter3 fffffadf2f857290, parameter4 0000000000000000.


< End of report >
  • 0

#30
jr chambers
Posted 17 July 2013 - 05:42 AM

jr chambers

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 126 posts
I'd told my wife the pc is fixed and then this morning asked her if it worked OK, she told me her yahoo page was slow to load, she uses IE, I've tried to get her off that kick. she uses it at work and so wants to use it at home. not able to get her on firefox. what can i do to speed up IE for her???
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP