Jump to content

[Solved] My PC is slowing down

mij
 Share

Recommended Posts

mij Newbie

mij

Posted
Posted

I sort-of put the blame on my ISP last week for this but it looks as if it may be my PC. I have downloaded and run speccy and got this analysis:-

 

Operating System

MS Windows Vista Home Premium 32-bit SP2

CPU

Intel Core 2 Duo E6600 @ 2.40GHz 51 °C

Conroe 65nm Technology

RAM

2.00 GB Dual-Channel DDR2 @ 333MHz (5-5-5-15)

Motherboard

ASUSTek Computer INC. Basswood (Socket 775)

Graphics

The specified service has been marked for deletion.

Hard Drives

488GB Seagate ST3500418AS (SATA) 38 °C

Optical Drives

TSSTcorp CD/DVDW TS-H653L

Audio

Realtek High Definition Audio

 

Why has the graphics service been marked for deletion? Is that a reason for the go-slow? Is there anything wrong with this set up looking at this analysis?

jim

  • Replies 34
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Hi, Jim, open Speccy again, and on the left hand list, select the graphics section, see what it says in there, and just in case, look at hard drives underneath in case it meant that. Just might give us a clue then as at the moment I don't have any.

Neither can I see why that should affect your connection speeds.

However the network, if in the left hand list, might show something too.

 

Nev.

Need help with your computer problems? Then why not join Free PC Help. Register here.

If Free PC Help has helped you then please consider a donation. Click here

 We are all members helping other members. Please return here where you may be able to help someone else.  

After all, no one knows everything and you may have the answer that someone needs.

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? 😄

image.png

mij Newbie

mij

Posted
  • Author
Posted

Thanks for the reply Nev. Here is what it said this time, and nothing about it being selected for deletion.

 

Operating System

MS Windows Vista Home Premium 32-bit SP2

CPU

Intel Core 2 Duo E6600 @ 2.40GHz 46 °C

Conroe 65nm Technology

RAM

2.00 GB Dual-Channel DDR2 @ 333MHz (5-5-5-15)

Motherboard

ASUSTek Computer INC. Basswood (Socket 775)

Graphics

F22 (1920x1080@60Hz)

512MB Radeon X1650 SE (MSI)

Radeon X1650 SE Secondary (MSI)

CrossFire Disabled

Hard Drives

488GB Seagate ST3500418AS (SATA) 37 °C

Optical Drives

TSSTcorp CD/DVDW TS-H653L

Audio

Realtek High Definition Audio

 

 

Then I selected the graphics and clicked on that, here is what it said about that.

 

Graphics

Monitor

Name F22 on Radeon X1650 SE

Current Resolution 1920x1080 pixels

Work Resolution 1920x1042 pixels

State enabled, primary, output devices support

Monitor Width 1920

Monitor Height 1080

Monitor BPP 32 bits per pixel

Monitor Frequency 60 Hz

Device \\.\DISPLAY1\Monitor0

Radeon X1650 SE

GPU RV516

Device ID 1002-7181

Subvendor MSI (1462)

Current Performance Level Level 1

Technology 91 nm

Transistors 105 M

Release Date 2007

DirectX Support 9.0c

DirectX Shader Model 3.0

OpenGL Support 2.0

Bios Core Clock 635.00

Bios Mem Clock 400.00

Driver atiumdag.dll

Driver version 7.14.10.0590

Crossfire Enabled

BIOS Version 113-AA99000-101-MI

ROPs 4

Shaders Vertex 4/Pixel 4

Memory Type DDR2

Memory 512 MB

Bus Width 128 Bit

Count of performance levels : 1

Level 1

Radeon X1650 SE Secondary

GPU RV516

Device ID 1002-71A1

Subvendor MSI (1462)

Current Performance Level Level 1

Transistors 105 M

Release Date 2007

DirectX Support 9.0c

DirectX Shader Model 3.0

OpenGL Support 2.0

Bios Core Clock 635.00

Bios Mem Clock 400.00

Driver atiumdag.dll

Driver version 7.14.10.0590

Crossfire Enabled

 

I don't know what all this is about. Next I clicked on the network and here is what it said about that....

 

Network

You are connected to the internet

Connected through HP 802.11b/g Wireless Network Adapter

IP Address 192.168.1.2

Subnet mask 255.255.255.0

Gateway server 192.168.1.254

Preferred DNS server 87.194.255.154

Alternate DNS server 87.194.255.155

DHCP Disabled

External IP Address 188.222.196.26

Adapter Type IEEE 802.11 wireless

NetBIOS over TCP/IP Enabled via DHCP

NETBIOS Node Type Hybrid node

Link Speed 0 kbps

Computer Name

NetBIOS Name JIMS-PC

DNS Name jims-pc

Domain Name JIMS-PC

Remote Desktop

Console

State Active

Domain JIMS-PC

WinInet Info

LAN Connection

Local system uses a local area network to connect to the Internet

Local system has RAS to connect to the Internet

Wi-Fi Info

Using native Wi-Fi API version 2

Available access points count 1

Wi-Fi (BeBox)

SSID BeBox

Frequency 2437000 kHz

Channel Number 6

Name No name

Signal Strength/Quality 100

Security Enabled

State The interface is connected to a network

Dot11 Type Infrastructure BSS network

Network Connectible

Network Flags Currently Connected to this network

Cipher Algorithm to be used when joining this network AES-CCMP algorithm

Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK

WinHTTPInfo

WinHTTPSessionProxyType No proxy

Session Proxy

Session Proxy Bypass

Connect Retries 5

Connect Timeout 60000

HTTP Version HTTP 1.1

Max Connects Per 1.0 Servers INFINITE

Max Connects Per Servers INFINITE

Max HTTP automatic redirects 10

Max HTTP status continue 10

Send Timeout 30000

IEProxy Auto Detect No

IEProxy Auto Config

IEProxy

IEProxy Bypass

Default Proxy Config Access Type No proxy

Default Config Proxy

Default Config Proxy Bypass

Sharing and Discovery

Network Discovery Enabled

File and Printer Sharing Enabled

Simple File Sharing Enabled

Administrative Shares Enabled

Adapters List

HP 802.11b/g Wireless Network Adapter

IP Address 192.168.1.2

Subnet mask 255.255.255.0

Gateway server 192.168.1.254

Intel® 82562V 10/100 Network Connection

IP Address 0.0.0.0

Subnet mask 0.0.0.0

Gateway server 0.0.0.0

Network Shares

Epson Stylus C66 Series (M) Epson Stylus C66 Series (M),LocalsplOnly

Epson Stylus C65 Series (M) Epson Stylus C65 Series (M),LocalsplOnly

WCProInbox C:\ProgramData\Xerox\WCProWIA

EPSON29C7FF (Epson Stylus SX235) EPSON29C7FF (Epson Stylus SX235),LocalsplOnly

Current TCP Connections

AppleMobileDeviceService.exe (2252)

C:\Program Files\Epson Software\Event Manager\EEventManager.exe (3292)

C:\Program Files\iTunes\iTunesHelper.exe (3220)

C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe (3736)

System Process

System Process

lsass.exe (700)

mDNSResponder.exe (2336)

services.exe (688)

spoolsv.exe (1788)

svchost.exe (1612)

svchost.exe (1668)

svchost.exe (2616)

svchost.exe (360)

svchost.exe (972)

wininit.exe (644)

wmpnetwk.exe (4892)

 

Hmmm curious-er and curious-er.

jim

mij Newbie

mij

Posted
  • Author
Posted

I omitted the hdd so here it is:-

 

Hard Drives ST3500418AS

Manufacturer Seagate

Form Factor 3.5"

Interface SATA

Heads 16

Cylinders 16383

SATA type SATA-II 3.0Gb/s

Device type Fixed

ATA Standard ATA8-ACS

LBA Size 48-bit LBA

Power On Count 1133 times

Power On Time 619.5 days

Speed, Expressed in Revolutions Per Minute (rpm) 7200

Features S.M.A.R.T., AAM, NCQ

Transfer Mode SATA II

Interface SATA

Capacity 488GB

Real size 500,107,862,016 bytes

RAID Type None

S.M.A.R.T

01 Read Error Rate 118 (099 worst) Data 000ACFEE7F

03 Spin-Up Time 097 (097) Data 0000000000

04 Start/Stop Count 099 (099) Data 000000046D

05 Reallocated Sectors Count 100 (100) Data 0000000001

07 Seek Error Rate 073 (060) Data 001139B004

09 Power-On Hours (POH) 084 (084) Data 0000003A14

0A Spin Retry Count 100 (100) Data 0000000000

0C Device Power Cycle Count 099 (099) Data 000000046D

B7 SATA Downshift Error Count 100 (100) Data 0000000000

B8 End-to-End error / IOEDC 100 (100) Data 0000000000

BB Reported Uncorrectable Errors 100 (100) Data 0000000000

BC Command Timeout 100 (099) Data 0000530055

BD High Fly Writes (WDC) 100 (100) Data 0000000000

BE Temperature Difference from 100 063 (057) Data 0026220025

C2 Temperature 037 (043) Data 0000000025

C3 Hardware ECC Recovered 037 (021) Data 000ACFEE7F

C5 Current Pending Sector Count 100 (100) Data 0000000000

C6 Uncorrectable Sector Count 100 (100) Data 0000000000

C7 UltraDMA CRC Error Count 200 (200) Data 0000000000

F0 Head Flying Hours 100 (253) Data 000000465A

F1 Total LBAs Written 100 (253) Data 00457F26D4

F2 Total LBAs Read 100 (253) Data 00DE87C150

Temperature 36 °C

Temperature Range ok (less than 50 °C)

Status Good

Partition 0

Partition ID Disk #0, Partition #0

Disk Letter C:

File System NTFS

Volume Serial Number 14C9C13E

Size 466GB

Used Space 231GB (50%)

Free Space 235GB (50%)

 

I thought I would update this to Windows7 and have ordered it from Amazon today. Might it be better to sort this problem first do you think?

jim

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Hi again Jim, I see no reasons in any of that for slowness, though I am no expert on network connections, KenB is the man for that.

Is this general or just internet connection speeds as in time taken to open browser pages, download and streaming video etc. If download speeds only, have you checked your speeds try a test from here=

 

http://www.speedtest.net/

 

Or another from here=

 

http://www.broadbandspeedchecker.co.uk/

 

Do not bother with any checks of windows for errors that may be offered, they are only adverts trying to get you to buy some sort of registry cleaner. Don't go in that direction.

 

Nev.

Need help with your computer problems? Then why not join Free PC Help. Register here.

If Free PC Help has helped you then please consider a donation. Click here

 We are all members helping other members. Please return here where you may be able to help someone else.  

After all, no one knows everything and you may have the answer that someone needs.

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? 😄

image.png

mij Newbie

mij

Posted
  • Author
Posted

Thanks Nev for that info. I am fast coming to the conclusion that this is a fault on my computer. It still happens when I try to run something that is on my computer. It just takes ages to open and run a program. A f'rinstance would be speccy. It takes about a minute or just over to analyze this system when it's all unky-dory but for ever when it's slow.

 

The speeds I get are nowhere near the claimed 'up-to 20Mbs' of the adverts.

6.90Mbs download and 0.97Mbs up-load.

Does it record these happenings anywhere in the system, I've had a look in task manager but there is nothing obvious.

jim

Plastic Nev Newbie

Plastic Nev

Posted
Posted

OK, if it is general slowness, we are going to have to go the long rout, first is the check for malware, what security are you running Jim, I think from previous threads you may have some reasonably good stuff, run scans with them all if you haven't yet done so.

If you have Malwarebytes post the log if it finds anything please.

 

Nev.

Need help with your computer problems? Then why not join Free PC Help. Register here.

If Free PC Help has helped you then please consider a donation. Click here

 We are all members helping other members. Please return here where you may be able to help someone else.  

After all, no one knows everything and you may have the answer that someone needs.

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? 😄

image.png

mij Newbie

mij

Posted
  • Author
Posted
OK, if it is general slowness, we are going to have to go the long rout, first is the check for malware, what security are you running Jim, I think from previous threads you may have some reasonably good stuff, run scans with them all if you haven't yet done so.

If you have Malwarebytes post the log if it finds anything please.

 

Nev.

Thanks for that Nev . I have just completed a scan with mbam, here is the log.

I'll continue with sas etc...

jim

 

 

Malwarebytes Anti-Malware 1.61.0.1400www.malwarebytes.org

 

 

Database version: v2012.04.28.09

 

 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

crispin :: JIMS-PC [administrator]

 

 

29/04/2012 07:13:44

mbam-log-2012-04-29 (07-13-44).txt

 

 

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 389828

Time elapsed: 1 hour(s), 31 minute(s), 45 second(s)

 

 

Memory Processes Detected: 0

(No malicious items detected)

 

 

Memory Modules Detected: 0

(No malicious items detected)

 

 

Registry Keys Detected: 6

HKCR\CLSID\{6ff9ca42-31db-4369-87e7-32ea366bca58} (PUP.FunWebProducts) -> No action taken.

HKCR\TypeLib\{887c1600-0825-4354-8f7c-a7f7a12a0daf} (PUP.FunWebProducts) -> No action taken.

HKCR\Interface\{434FFB7E-D31A-4604-9B78-01066B87F755} (PUP.FunWebProducts) -> No action taken.

HKCR\RadioPI_4eInstaller.Start.1 (PUP.FunWebProducts) -> No action taken.

HKCR\RadioPI_4eInstaller.Start (PUP.FunWebProducts) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6FF9CA42-31DB-4369-87E7-32EA366BCA58} (PUP.FunWebProducts) -> No action taken.

 

 

Registry Values Detected: 0

(No malicious items detected)

 

 

Registry Data Items Detected: 0

(No malicious items detected)

 

 

Folders Detected: 0

(No malicious items detected)

 

 

Files Detected: 2

C:\Program Files\RadioPI_4eEI\Installr\1.bin\4eEZSETP.dll (PUP.FunWebProducts) -> No action taken.

C:\Users\crispin\AppData\Local\Temp\nsvC7B1.tmp\downloadmr.exe (Trojan.Repacked) -> Quarantined and deleted successfully.

 

 

(end)

mij Newbie

mij

Posted
  • Author
Posted

Hopefully I have copied the log from super-anti-spyware.

Jim

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

 

Generated 04/29/2012 at 09:08 AM

 

 

Application Version : 5.0.1148

 

 

Core Rules Database Version : 8528

Trace Rules Database Version: 6340

 

 

Scan type : Quick Scan

Total Scan Time : 00:13:13

 

 

Operating System Information

Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)

UAC Off - Administrator

 

 

Memory items scanned : 832

Memory threats detected : 0

Registry items scanned : 37093

Registry threats detected : 0

File items scanned : 12555

File threats detected : 11

 

 

Adware.Tracking Cookie

ox-d.sublimemedia.net [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.amazon-adsystem.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.amazon-adsystem.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.yahoogroups.112.2o7.net [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.gostats.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.e-2dj6wjny-1icpck.stats.esomniture.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

wstat.wibiya.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

.estat.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

accounts.google.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

accounts.google.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

accounts.google.com [ C:\USERS\CRISPIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

mij Newbie

mij

Posted
  • Author
Posted

I have run spybot search and destroy and saved the log but I don't know where LOL.... anyway all it found was tracking cookies.

I'm not sure what else I have here apart from micro-soft essentials. I believe that is running all the time. I did switch off defender to install the printers. I got the Stylus XC235 after deciding it wasn't worth diverting from the 'home' goals this month. I did have my wife's Dell V505 wireless on this one but removed it earlier yesterday.

jim

Plastic Nev Newbie

Plastic Nev

Posted
Posted

Hi Jim, there is one line a little worrying which is this=

 

"C:\Users\crispin\AppData\Local\Temp\nsvC7B1.tmp\do wnloadmr.exe (Trojan.Repacked) -> Quarantined and deleted successfully."

 

I never like seeing that "Trojan downloader" phrase, though MBAM may have killed the process, it may have downloaded other nasties such as rootkits that MBAM can't get.

 

I suggest going to our malware section and let Starbuck or etavares have a look.

 

Follow all on this page, then post the results, even if nothing wrong, it will put your mind to rest on it.

 

http://extremetechsupport.com/threads/10689-Before-posting-for-Malware-Removal-help.

 

Nev.

Need help with your computer problems? Then why not join Free PC Help. Register here.

If Free PC Help has helped you then please consider a donation. Click here

 We are all members helping other members. Please return here where you may be able to help someone else.  

After all, no one knows everything and you may have the answer that someone needs.

--------------------------------------------------------------------

I have installed Windows, now how do I install the curtains? 😄

image.png

mij Newbie

mij

Posted
  • Author
Posted

Ok I'll repeat the Mbam check as well. There is no knowing what nasties this machine has picked up.

Thanks Nev.

jim

mij Newbie

mij

Posted
  • Author
Posted (edited)

my computer is getting slower

 

Thanks etavares.

Mbam will not save this second log for some reason. On this second run through it found 7 PVP_FunwebProducts that are categorized as Registry keys. I assume these are harmless tracking cookies.

I will continue with the instructions and do the next check.

jim

 

PS Being bolder and thinking that all is lost anway I get rid of the .txt at the end of the file and it saved it. Here it is:-

 

Malwarebytes Anti-Malware 1.61.0.1400

http://www.malwarebytes.org

 

 

Database version: v2012.04.29.01

 

 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

crispin :: JIMS-PC [administrator]

 

 

29/04/2012 13:20:35

mbam-log-2012-04-29 (15-16-26)

 

 

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 356673

Time elapsed: 1 hour(s), 28 minute(s), 27 second(s)

 

 

Memory Processes Detected: 0

(No malicious items detected)

 

 

Memory Modules Detected: 0

(No malicious items detected)

 

 

Registry Keys Detected: 6

HKCR\CLSID\{6ff9ca42-31db-4369-87e7-32ea366bca58} (PUP.FunWebProducts) -> No action taken.

HKCR\TypeLib\{887c1600-0825-4354-8f7c-a7f7a12a0daf} (PUP.FunWebProducts) -> No action taken.

HKCR\Interface\{434FFB7E-D31A-4604-9B78-01066B87F755} (PUP.FunWebProducts) -> No action taken.

HKCR\RadioPI_4eInstaller.Start.1 (PUP.FunWebProducts) -> No action taken.

HKCR\RadioPI_4eInstaller.Start (PUP.FunWebProducts) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6FF9CA42-31DB-4369-87E7-32EA366BCA58} (PUP.FunWebProducts) -> No action taken.

 

 

Registry Values Detected: 0

(No malicious items detected)

 

 

Registry Data Items Detected: 0

(No malicious items detected)

 

 

Folders Detected: 0

(No malicious items detected)

 

 

Files Detected: 1

C:\Program Files\RadioPI_4eEI\Installr\1.bin\4eEZSETP.dll (PUP.FunWebProducts) -> No action taken.

 

 

(end)

Edited by mij
mij Newbie

mij

Posted
  • Author
Posted

Part one of the first log in OTL (yes it was too big to do in one go)

 

OTL logfile created on: 29/04/2012 15:32:15 - Run 1

OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\crispin\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

2.00 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 46.57% Memory free

4.46 Gb Paging File | 0.85 Gb Available in Paging File | 19.13% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465.76 Gb Total Space | 237.80 Gb Free Space | 51.06% Space Free | Partition Type: NTFS

 

Computer Name: JIMS-PC | User Name: crispin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\crispin\Desktop\OTL (1).exe (OldTimer Tools)

PRC - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)

PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)

PRC - C:\Program Files\Webroot\WRSA.exe (Webroot)

PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Users\crispin\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)

PRC - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)

PRC - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

PRC - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)

PRC - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)

PRC - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)

PRC - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)

PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)

PRC - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe (IObit)

PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

PRC - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)

PRC - C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)

PRC - C:\Program Files\Dell V505\dldwmsdmon.exe ()

PRC - C:\Program Files\Dell V505\dldwmon.exe ()

PRC - C:\Windows\System32\dldwcoms.exe ( )

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program Files\IE New Window Maximizer\iemaximizer.exe (jiiSoft)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()

MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll ()

MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()

MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()

MOD - C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll ()

MOD - C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll ()

MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()

MOD - C:\Program Files\OpenOffice.org 3\program\libxslt.dll ()

MOD - C:\Program Files\IObit\Smart Defrag 2\madbasic_.bpl ()

MOD - C:\Program Files\IObit\Smart Defrag 2\maddisAsm_.bpl ()

MOD - C:\Program Files\IObit\Smart Defrag 2\madexcept_.bpl ()

MOD - C:\Program Files\Dell V505\dldwmsdmon.exe ()

MOD - C:\Program Files\Dell V505\dldwmon.exe ()

MOD - C:\Program Files\Dell V505\dldwdrs.dll ()

MOD - C:\Program Files\Dell V505\dldwscw.dll ()

MOD - C:\Program Files\Dell V505\app4r.monitor.core.dll ()

MOD - C:\Program Files\Dell V505\app4r.monitor.common.dll ()

MOD - C:\Program Files\Dell V505\app4r.devmons.mcmdevmon.dll ()

MOD - C:\Windows\System32\atitmmxx.dll ()

MOD - C:\Program Files\Dell V505\DLDWcfg.dll ()

MOD - C:\Program Files\Dell V505\dldwcaps.dll ()

MOD - C:\Program Files\Dell V505\dldwmonr.dll ()

MOD - C:\Program Files\Dell V505\app4r.devmons.mcmdevmon.autoplayutil.dll ()

MOD - C:\Windows\System32\spool\drivers\w32x86\3\dldwdatr.dll ()

MOD - C:\Program Files\Dell V505\dldwcnv4.dll ()

MOD - C:\Program Files\Common Files\Xerox Shared\VGFILE.DLL ()

MOD - C:\Program Files\Common Files\Xerox Shared\EASYTB32.DLL ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (SDWSCService) -- C:\Program Files\Spybot File not found

SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found

SRV - (SDScannerService) -- C:\Program Files\Spybot File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (EPSON_EB_RPCV4_04) EPSON V5 Service4(04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)

SRV - (EPSON_PM_RPCV4_04) EPSON V3 Service4(04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)

SRV - (WRSVC) -- C:\Program Files\Webroot\WRSA.exe (Webroot)

SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)

SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SRV - (RapportMgmtService) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (Trusteer Ltd.)

SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)

SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)

SRV - (SwOffWeb) -- C:\Program Files\Airytec\Switch Off\swoff.exe (Airytec)

SRV - (SwOffScheduler) -- C:\Program Files\Airytec\Switch Off\swoff.exe (Airytec)

SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)

SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)

SRV - (dldwCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldwserv.exe ()

SRV - (dldw_device) -- C:\Windows\System32\dldwcoms.exe ( )

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (TfSysMon) -- system32\drivers\TfSysMon.sys File not found

DRV - (TfNetMon) -- C:\Windows\system32\drivers\TfNetMon.sys File not found

DRV - (TfFsMon) -- system32\drivers\TfFsMon.sys File not found

DRV - (Point32) -- system32\DRIVERS\point32k.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (MBAMSwissArmy) -- C:\Windows\system32\drivers\mbamswissarmy.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found

DRV - (MpKsl270a3e3a) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{021AD0A1-11CB-4D95-A191-70AAF0CC406F}\MpKsl270a3e3a.sys (Microsoft Corporation)

DRV - (WRkrn) -- C:\Windows\System32\drivers\WRkrn.sys (Webroot)

DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV - (RapportEI) -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys (Trusteer Ltd.)

DRV - (RapportPG) -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (Trusteer Ltd.)

DRV - (RapportKELL) -- C:\Windows\System32\drivers\RapportKELL.sys (Trusteer Ltd.)

DRV - (RapportCerberus_34302) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ()

DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SmartDefragDriver) -- C:\Windows\System32\drivers\SmartDefragDriver.sys ()

DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)

DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation)

DRV - (NAL) -- C:\Windows\System32\drivers\iqvw32.sys (Intel Corporation )

DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)

DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)

DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (BANTExt) -- C:\Windows\System32\drivers\BANTExt.sys ()

DRV - (LMouKE) -- C:\Windows\System32\drivers\LMouKE.Sys (Logitech, Inc.)

DRV - (L8042mou) -- C:\Windows\System32\drivers\L8042mou.Sys (Logitech, Inc.)

DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech, Inc.)

DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)

DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)

DRV - (ASTRA32) -- C:\Program Files\ASTRA32\astra32.sys (Licensed for Sysinfo Lab)

DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)

DRV - (WacomVKHid) -- C:\Windows\System32\drivers\WacomVKHid.sys (Wacom Technology)

DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (ASUSTeK Computer Inc.)

DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=grupo&s={searchTerms}&f=4

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678

IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\crispin\Desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C 13 42 D8 20 66 CB 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=GB&install_date=20111011&user_guid=38364539440942149575D0FDAFDA5960&machine_id=3e0bb42f8eceaa5373cfbf14c7ae4b59&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=grupo&s={searchTerms}&f=4

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109794&babsrc=SP_ss&mntrId=14c9c13e00000000000000c0a8c3bbf7

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=BLT&o=15554&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=HH&apn_dtid=YYYYYYYYGB&apn_uid=95782B35-9D0A-4BCF-9038-34D29F1BA4E7&apn_sauid=D3494CD7-2EB5-4CD4-A2F6-40426EBF60E0

IE - HKCU\..\SearchScopes\{538C4605-3F03-41DF-BA24-0477A6A2AA35}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en

IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/burn4free/{45E368B2-EE5C-489A-8E46-BC29B29E60EA}?q={searchTerms}

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678

IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://inboxtoolbar.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80150&lng=en

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "www.google.co.uk"

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_231.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@ei.RadioPI_4e.com/Plugin: C:\Program Files\RadioPI_4eEI\Installr\1.bin\NP4eEISB.dll (RadioPI)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\crispin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\crispin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2012/04/28 07:52:14 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2012/04/29 11:20:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/28 17:13:44 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/28 17:42:03 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1266764D-FC4F-4FA7-B63B-884D53B1680F}: C:\Users\crispin\AppData\Roaming\NetAssistant\ [2011/03/11 16:17:04 | 000,000,000 | ---D | M]

 

[2012/04/29 09:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Extensions

[2010/01/30 23:10:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2012/01/04 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions

[2010/09/17 11:05:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/09/17 11:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012/01/04 16:45:59 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions\plugin@yontoo.com

[2012/01/04 16:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions

[2011/01/18 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}

[2011/01/18 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\{cb84136f-9c44-433a-9048-c5cd9df1dc16}

[2011/01/18 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2012/01/04 16:45:59 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\plugin@yontoo.com

[2012/01/04 16:46:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions

[2010/07/30 00:58:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/08/19 00:42:59 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions\en-GB@dictionaries.addons.mozilla.org

[2012/01/04 16:46:00 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions\plugin@yontoo.com

[2012/01/04 16:46:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions

[2011/01/23 12:32:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/01/22 09:03:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011/01/23 12:30:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2012/01/04 16:46:00 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\plugin@yontoo.com

[2012/04/28 17:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\xoz8dqmb.default\extensions

[2012/04/29 09:55:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\xoz8dqmb.default\extensions\ffxtlbr@Facemoods.com

[2012/01/04 16:46:00 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\xoz8dqmb.default\extensions\plugin@yontoo.com

[2010/05/26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Users\crispin\AppData\Roaming\Mozilla\Firefox\Profiles\2h87q0wd.Default User\searchplugins\askcom.xml

[2012/04/29 09:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011/01/10 19:30:20 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com

[2012/04/28 17:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

[2012/04/25 23:59:55 | 000,085,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2009/08/09 02:11:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\PDFNetC.dll

[2010/04/08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll

[2012/03/04 09:37:21 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2012/04/25 23:58:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/11/26 14:27:08 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

[2012/04/25 23:58:48 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.162\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_231.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll

CHR - plugin: RadioPI Installer Plugin Stub (Enabled) = C:\Program Files\RadioPI_4eEI\Installr\1.bin\NP4eEISB.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: Spybot - Search & Destroy = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmcccagmbagkpbdgpammblejlmiempb\2.0.7.20106_0\

CHR - Extension: YouTube = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2011/09/08 08:58:15 | 000,504,831 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost #[iPv6]

O1 - Hosts: 127.0.0.1 fr.a2dfp.net

O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net

O1 - Hosts: 127.0.0.1 ad.a8.net

O1 - Hosts: 127.0.0.1 asy.a8ww.net

O1 - Hosts: 127.0.0.1 abcstats.com

O1 - Hosts: 127.0.0.1 a.abv.bg

O1 - Hosts: 127.0.0.1 adserver.abv.bg

O1 - Hosts: 127.0.0.1 adv.abv.bg

O1 - Hosts: 127.0.0.1 bimg.abv.bg

O1 - Hosts: 127.0.0.1 ca.abv.bg

O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua

O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com

O1 - Hosts: 127.0.0.1 accuserveadsystem.com

O1 - Hosts: 127.0.0.1 http://www.accuserveadsystem.com

O1 - Hosts: 127.0.0.1 achmedia.com

O1 - Hosts: 127.0.0.1 aconti.net

O1 - Hosts: 127.0.0.1 secure.aconti.net

O1 - Hosts: 127.0.0.1 http://www.aconti.net #[Dialer.Aconti]

O1 - Hosts: 127.0.0.1 am1.activemeter.com

O1 - Hosts: 127.0.0.1 http://www.activemeter.com #[Tracking.Cookie]

O1 - Hosts: 127.0.0.1 ads.activepower.net

O1 - Hosts: 14644 more lines...

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll File not found

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (&Quero) - {A411D7F4-8D11-43EF-BDE4-AA921666388A} - C:\Program Files\Quero Toolbar\Quero.dll (Viktor Krammer)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)

O4 - HKLM..\Run: [dldwamon] C:\Program Files\Dell V505\dldwamon.exe ()

O4 - HKLM..\Run: [dldwmon.exe] C:\Program Files\Dell V505\dldwmon.exe ()

O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [sDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)

O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)

O4 - HKCU..\Run: [EPSON29C7FF (Epson Stylus SX235)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE (SEIKO EPSON CORPORATION)

O4 - HKCU..\Run: [iE New Window Maximizer] C:\Program Files\IE New Window Maximizer\iemaximizer.exe (jiiSoft)

O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Program Files\TextBridge Classic 2.0\Bin\RegisterDropHandler.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.0)

O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.0)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E48B3B5-6445-4A56-A4B3-609D77EBBE29}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AEBD7FC-5B3C-466F-89C2-7E3CA8ACD89F}: NameServer = 87.194.255.154,87.194.255.155

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpFolder: C:^Users^crispin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^StartUp^reminder-ScanSoft Product Registration.lnk - C:\Program Files\TextBridge Classic 2.0\Ereg\REMIND32.EXE - ()

MsConfig - StartUpReg: IntelliPoint - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: RemoteControl - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - Reg Error: Value error. File not found

MsConfig - State: "startup" - 2

MsConfig - State: "services" - 0

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/04/29 15:21:45 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\crispin\Desktop\OTL (1).exe

[2012/04/28 18:25:52 | 000,000,000 | ---D | C] -- C:\Windows\en

[2012/04/28 18:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

[2012/04/28 18:14:20 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe

[2012/04/28 18:14:09 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2

[2012/04/28 18:03:17 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\Logitech

[2012/04/28 18:03:16 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\Logishrd

[2012/04/28 17:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/04/28 17:42:03 | 000,772,552 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012/04/28 17:42:03 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012/04/28 17:41:43 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012/04/28 17:41:43 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012/04/28 17:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse

[2012/04/28 17:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

[2012/04/28 17:16:54 | 000,426,144 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012/04/28 17:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2012/04/28 17:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/04/28 17:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs

[2012/04/28 17:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite

[2012/04/28 14:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com

[2012/04/28 07:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar

[2012/04/28 07:51:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer

[2012/04/28 07:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs

[2012/04/28 07:51:08 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\VistaCodecs

[2012/04/28 07:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\VistaCodecPack

[2012/04/28 07:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs

[2012/04/20 17:02:14 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\Dell Imaging Toolbox

[2012/04/20 17:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Dl_cats

[2012/04/20 16:58:41 | 000,000,000 | ---D | C] -- C:\logs

[2012/04/20 16:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint

[2012/04/20 16:52:52 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint

[2012/04/20 16:52:41 | 000,000,000 | ---D | C] -- C:\Program Files\Dell

[2012/04/20 16:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers

[2012/04/20 16:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Dell V505

[2012/04/20 16:50:51 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dldwgf.dll

[2012/04/20 14:10:03 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Local\ABBYY

[2012/04/20 14:09:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint

[2012/04/20 14:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint

[2012/04/20 14:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY

[2012/04/20 14:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY

[2012/04/20 14:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software

[2012/04/20 14:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software

[2012/04/20 14:02:35 | 000,458,129 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll

[2012/04/20 14:02:35 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll

[2012/04/20 14:02:34 | 000,475,410 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll

[2012/04/20 14:02:34 | 000,475,410 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll

[2012/04/20 14:02:34 | 000,458,129 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll

[2012/04/20 14:02:34 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll

[2012/04/20 14:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet

[2012/04/20 14:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON

[2012/04/20 13:56:47 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL

[2012/04/20 13:56:38 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBHLE.DLL

[2012/04/20 13:56:27 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BHLE.DLL

[2012/04/20 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON

[2012/04/20 13:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON

[2012/04/20 13:55:21 | 000,341,504 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll

[2012/04/20 13:55:21 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe

[2012/04/20 13:55:21 | 000,012,800 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\escdev.dll

[2012/04/12 05:03:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012/04/12 05:03:45 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012/04/12 05:03:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012/04/12 05:03:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012/04/12 05:03:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012/04/12 05:03:43 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012/04/11 17:23:36 | 000,000,000 | ---D | C] -- C:\Windows\tessdata

[2012/04/11 17:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere

[2012/04/11 17:20:04 | 000,145,592 | ---- | C] (Webroot) -- C:\Windows\System32\WRusr.dll

[2012/04/11 17:20:04 | 000,109,584 | ---- | C] (Webroot) -- C:\Windows\System32\drivers\WRkrn.sys

[2012/04/11 17:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData

[2012/04/11 17:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot

[2012/04/11 14:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012/04/11 14:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012/04/11 14:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/03/30 11:40:34 | 000,517,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

[2011/03/30 11:40:32 | 001,566,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll

[2011/03/30 11:40:32 | 000,095,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

[1 C:\Users\crispin\Desktop\Jim\Documents\*.tmp files -> C:\Users\crispin\Desktop\Jim\Documents\*.tmp -> ]

[1 C:\Users\crispin\AppData\Local\*.tmp files -> C:\Users\crispin\AppData\Local\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/04/29 15:34:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2178092456-3463494078-4020983743-1000UA.job

[2012/04/29 15:28:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/04/29 15:22:34 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012/04/29 15:22:34 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012/04/29 15:21:48 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\crispin\Desktop\OTL (1).exe

[2012/04/29 15:07:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/04/29 13:19:42 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/04/29 12:28:00 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job

[2012/04/29 11:29:01 | 000,610,860 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/04/29 11:29:01 | 000,109,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/04/29 11:23:09 | 000,000,598 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job

[2012/04/29 11:23:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/04/29 11:22:45 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job

[2012/04/29 11:22:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/04/29 10:51:59 | 000,002,052 | ---- | M] () -- C:\Users\crispin\Desktop\Google Chrome.lnk

[2012/04/29 09:55:15 | 000,000,115 | ---- | M] () -- C:\Windows\wininit.ini

[2012/04/28 20:34:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2178092456-3463494078-4020983743-1000Core.job

[2012/04/28 19:15:42 | 000,000,225 | ---- | M] () -- C:\Users\crispin\Desktop\freepchelp.url

[2012/04/28 19:01:21 | 000,000,594 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2012/04/28 19:01:21 | 000,000,462 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job

[2012/04/28 18:00:02 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job

[2012/04/28 17:48:02 | 000,294,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012/04/28 17:41:23 | 000,772,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012/04/28 17:41:23 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012/04/28 17:41:23 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012/04/28 17:41:23 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012/04/28 17:41:22 | 000,687,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2012/04/28 17:18:12 | 000,426,144 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2012/04/28 17:18:12 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2012/04/28 17:13:50 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/04/28 14:28:29 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012/04/28 14:16:19 | 000,001,754 | ---- | M] () -- C:\Users\crispin\Desktop\Update Checker.lnk

[2012/04/26 00:37:40 | 000,001,479 | ---- | M] () -- C:\Users\crispin\Desktop\mspaint.exe.lnk

[2012/04/25 05:00:23 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2012/04/23 17:57:50 | 000,000,173 | ---- | M] () -- C:\Users\crispin\Desktop\Freegle.url

[2012/04/22 00:31:58 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI

[2012/04/20 16:58:59 | 000,144,839 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf

[2012/04/20 14:07:03 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss

[2012/04/20 13:55:22 | 000,000,765 | ---- | M] () -- C:\Users\crispin\Desktop\EPSON Scan.lnk

[2012/04/20 13:53:38 | 000,008,192 | ---- | M] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL

[2012/04/20 13:53:37 | 000,093,696 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBHLE.DLL

[2012/04/20 13:53:37 | 000,063,488 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BHLE.DLL

[2012/04/14 15:13:45 | 000,085,263 | ---- | M] () -- C:\Users\crispin\Desktop\IMG.jpg

[2012/04/12 19:40:37 | 000,013,369 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\madras curry meal.odt

[2012/04/12 14:52:52 | 000,555,384 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\A9R2E2F.pdf

[2012/04/11 20:48:37 | 000,017,546 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\sweet and sour chicken breasts.odt

[2012/04/11 17:20:04 | 000,145,592 | ---- | M] (Webroot) -- C:\Windows\System32\WRusr.dll

[2012/04/11 17:20:04 | 000,109,584 | ---- | M] (Webroot) -- C:\Windows\System32\drivers\WRkrn.sys

[2012/04/11 16:39:28 | 000,169,084 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\reipe for sweet and sour meal kit.odt

[2012/04/05 19:18:13 | 000,015,733 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\Aprils goals.odt

[2012/04/04 18:14:15 | 000,302,651 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\comparison of photo and grid drawing.odt

[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[1 C:\Users\crispin\Desktop\Jim\Documents\*.tmp files -> C:\Users\crispin\Desktop\Jim\Documents\*.tmp -> ]

[1 C:\Users\crispin\AppData\Local\*.tmp files -> C:\Users\crispin\AppData\Local\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/04/29 13:19:42 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/04/29 10:51:59 | 000,002,052 | ---- | C] () -- C:\Users\crispin\Desktop\Google Chrome.lnk

[2012/04/29 09:55:15 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini

[2012/04/28 18:14:36 | 000,000,594 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job

[2012/04/28 18:14:36 | 000,000,462 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job

[2012/04/28 18:14:34 | 000,000,598 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job

[2012/04/28 18:14:29 | 000,001,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

[2012/04/28 17:16:55 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/04/28 14:28:29 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012/04/28 14:16:19 | 000,001,754 | ---- | C] () -- C:\Users\crispin\Desktop\Update Checker.lnk

[2012/04/28 07:52:24 | 000,001,241 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk

[2012/04/26 00:36:58 | 000,001,479 | ---- | C] () -- C:\Users\crispin\Desktop\mspaint.exe.lnk

[2012/04/25 05:00:16 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2012/04/23 17:57:38 | 000,000,173 | ---- | C] () -- C:\Users\crispin\Desktop\Freegle.url

[2012/04/22 00:31:58 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI

[2012/04/20 16:56:52 | 000,072,625 | ---- | C] () -- C:\Windows\System32\dldwprpr.chm

[2012/04/20 16:56:45 | 000,360,448 | ---- | C] () -- C:\Windows\System32\dldwcoin.dll

[2012/04/20 16:51:29 | 000,352,256 | ---- | C] () -- C:\Windows\System32\DLDWwupd.dll

[2012/04/20 16:51:29 | 000,017,648 | ---- | C] () -- C:\Windows\System32\DLDWwupd.exe

[2012/04/20 16:50:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\DLDWinst.dll

[2012/04/20 16:50:55 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\DLDWhcp.dll

[2012/04/20 16:50:55 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dldwinpa.dll

[2012/04/20 16:50:54 | 001,069,056 | ---- | C] ( ) -- C:\Windows\System32\dldwserv.dll

[2012/04/20 16:50:54 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\dldwusb1.dll

[2012/04/20 16:50:54 | 000,520,192 | ---- | C] () -- C:\Windows\System32\dldwutil.dll

[2012/04/20 16:50:54 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\dldwiesc.dll

[2012/04/20 16:50:53 | 000,651,264 | ---- | C] ( ) -- C:\Windows\System32\dldwpmui.dll

[2012/04/20 16:50:53 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\dldwlmpm.dll

[2012/04/20 16:50:53 | 000,180,224 | ---- | C] () -- C:\Windows\System32\dldwinsb.dll

[2012/04/20 16:50:53 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dldwins.dll

[2012/04/20 16:50:53 | 000,147,456 | ---- | C] () -- C:\Windows\System32\dldwjswr.dll

[2012/04/20 16:50:53 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dldwinsr.dll

[2012/04/20 16:50:52 | 000,679,936 | ---- | C] ( ) -- C:\Windows\System32\dldwhbn3.dll

[2012/04/20 16:50:52 | 000,328,944 | ---- | C] ( ) -- C:\Windows\System32\dldwih.exe

[2012/04/20 16:50:52 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dldwgrd.dll

[2012/04/20 16:50:51 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dldwcub.dll

[2012/04/20 16:50:51 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dldwcur.dll

[2012/04/20 16:50:50 | 000,595,184 | ---- | C] ( ) -- C:\Windows\System32\dldwcoms.exe

[2012/04/20 16:50:50 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dldwcu.dll

[2012/04/20 16:50:48 | 000,765,952 | ---- | C] ( ) -- C:\Windows\System32\dldwcomc.dll

[2012/04/20 16:50:48 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\dldwcomm.dll

[2012/04/20 16:50:47 | 000,369,904 | ---- | C] ( ) -- C:\Windows\System32\dldwcfg.exe

[2012/04/20 16:50:47 | 000,001,957 | ---- | C] () -- C:\Windows\System32\dldw.loc

[2012/04/20 16:50:46 | 000,144,839 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf

[2012/04/20 14:06:45 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss

[2012/04/20 13:55:22 | 000,000,765 | ---- | C] () -- C:\Users\crispin\Desktop\EPSON Scan.lnk

[2012/04/14 15:13:44 | 000,085,263 | ---- | C] () -- C:\Users\crispin\Desktop\IMG.jpg

[2012/04/12 19:37:15 | 000,013,369 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\madras curry meal.odt

[2012/04/12 14:53:23 | 000,555,384 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\A9R2E2F.pdf

[2012/04/11 20:43:04 | 000,017,546 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\sweet and sour chicken breasts.odt

[2012/04/11 16:39:26 | 000,169,084 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\reipe for sweet and sour meal kit.odt

[2012/04/04 18:14:13 | 000,302,651 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\comparison of photo and grid drawing.odt

[2012/04/01 18:47:20 | 000,015,733 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\Aprils goals.odt

[2012/02/09 14:20:38 | 004,794,880 | ---- | C] () -- C:\Windows\System32\x264vfw.dll

[2012/01/09 19:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2011/12/29 09:10:25 | 000,125,308 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2011/03/31 14:30:53 | 000,000,547 | ---- | C] () -- C:\Users\crispin\AppData\Roaming\FreeDesktopClock.ini

[2011/03/31 01:22:41 | 000,000,680 | ---- | C] () -- C:\Users\crispin\AppData\Local\d3d9caps.dat

[2011/03/30 11:40:32 | 000,097,152 | ---- | C] () -- C:\Program Files\dxupdate.cab

[2011/03/30 11:40:32 | 000,044,624 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab

[2011/03/25 16:50:40 | 000,029,520 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe

[2011/03/25 16:50:40 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys

[2010/12/06 23:24:59 | 000,000,511 | ---- | C] () -- C:\Windows\Snowflake Screen Saver Audio Files.dat

[2010/12/06 23:24:59 | 000,000,376 | ---- | C] () -- C:\Windows\Snowflake Screen Saver Captions.dat

[2010/10/03 12:59:21 | 000,000,025 | ---- | C] () -- C:\Windows\CDE CX6600E.ini

[2010/09/30 21:53:53 | 000,000,120 | ---- | C] () -- C:\Users\crispin\AppData\Local\Ovihomigobabamis.dat

[2010/09/07 23:08:34 | 000,099,965 | ---- | C] () -- C:\Windows\UninstallFirefox.exe

[2010/09/07 23:08:25 | 000,003,137 | ---- | C] () -- C:\Windows\mozver.dat

[2010/06/27 23:06:51 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll

[2010/06/02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab

[2010/06/02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab

[2010/06/02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab

[2010/06/02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab

[2010/06/02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab

[2010/06/02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab

[2010/06/02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab

[2010/06/02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab

[2010/06/02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab

[2010/06/02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab

[2010/06/02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab

[2010/06/02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab

[2010/06/02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab

[2010/06/02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab

[2010/06/02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab

[2010/06/02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab

[2010/06/02 05:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab

[2010/06/02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab

[2010/06/02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab

[2010/06/02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab

[2010/06/02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab

[2010/06/02 05:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab

[2010/06/02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab

[2010/06/02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab

[2010/06/02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab

[2010/06/02 05:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab

[2010/06/02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab

[2010/06/02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab

[2010/06/02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab

[2010/06/02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[2010/06/02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab

[2010/06/02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab

[2010/06/02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab

[2010/06/02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab

[2010/06/02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab

[2010/06/02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab

[2010/06/02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab

[2010/06/02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab

[2010/06/02 05:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab

[2010/06/02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab

[2010/06/02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab

[2010/06/02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab

[2010/06/02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab

[2010/06/02 05:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab

[2010/06/02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab

[2010/06/02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab

[2010/06/02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab

[2010/06/02 05:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab

[2010/06/02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab

[2010/06/02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab

[2010/06/02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab

[2010/06/02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab

[2010/06/02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab

[2010/06/02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab

[2010/06/02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab

[2010/06/02 05:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab

[2010/06/02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab

[2010/06/02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab

[2010/06/02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab

[2010/06/02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab

[2010/06/02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab

[2010/06/02 05:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab

[2010/06/02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab

[2010/06/02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab

[2010/06/02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab

[2010/06/02 05:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab

[2010/06/02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab

[2010/06/02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab

[2010/06/02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab

[2010/06/02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab

[2010/06/02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab

[2010/06/02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab

[2010/06/02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab

[2010/06/02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab

[2010/06/02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab

[2010/06/02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab

[2010/06/02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab

[2010/06/02 05:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab

[2010/06/02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab

[2010/06/02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab

[2010/06/02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab

[2010/06/02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab

[2010/06/02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab

[2010/06/02 05:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab

[2010/06/02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab

[2010/06/02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab

[2010/06/02 05:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab

[2010/06/02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab

[2010/06/02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab

[2010/06/02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab

[2010/06/02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab

[2010/06/02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab

[2010/06/02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab

[2010/06/02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab

[2010/06/02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab

[2010/06/02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab

[2010/06/02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab

[2010/06/02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab

[2010/06/02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab

[2010/06/02 05:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab

[2010/06/02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab

[2010/06/02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab

[2010/06/02 05:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab

[2010/06/02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab

[2010/06/02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab

[2010/06/02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab

[2010/06/02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab

[2010/06/02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab

[2010/06/02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab

[2010/06/02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab

[2010/06/02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab

[2010/06/02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab

[2010/06/02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab

[2010/06/02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab

[2010/06/02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab

[2010/06/02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab

[2010/06/02 05:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab

[2010/06/02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab

[2010/06/02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab

[2010/06/02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab

[2010/06/02 05:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab

[2010/06/02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab

[2010/06/02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab

[2010/06/02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab

[2010/06/02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab

[2010/06/02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab

[2010/06/02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab

[2010/06/02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab

[2010/06/02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab

[2010/06/02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab

[2010/06/02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab

[2010/06/02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab

[2010/06/02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab

[2010/06/02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab

[2010/06/02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab

[2010/06/02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab

[2010/06/02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab

[2010/06/02 05:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab

[2010/06/02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab

[2010/06/02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab

[2010/06/02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab

[2010/06/02 05:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab

[2010/06/02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab

mij Newbie

mij

Posted
  • Author
Posted

second part of the first OTL log:-

 

 

 

[2011/04/17 00:40:18 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Airytec

[2010/01/19 20:15:30 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Autodesk

[2010/01/19 22:01:21 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\DriverCure

[2012/04/21 08:43:14 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\EPSON

[2011/11/28 08:26:44 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\FreeFileViewer

[2012/03/20 10:27:42 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\gtk-2.0

[2010/11/15 02:55:36 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\ID Vault

[2010/05/04 17:39:33 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\InterVideo

[2011/03/25 16:50:47 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\IObit

[2011/01/24 17:27:21 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\IrfanView

[2011/03/11 16:17:04 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\NetAssistant

[2010/01/19 14:31:39 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\OpenOffice.org

[2012/04/21 00:33:40 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Opera

[2010/10/25 12:59:47 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\PCToolsFirewallPlus

[2010/06/27 23:07:42 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\PrimoPDF

[2012/01/03 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\QuickScan

[2010/10/25 12:59:20 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Spam Monitor

[2010/08/11 09:07:20 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\TeamViewer

[2010/01/19 19:16:30 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\TomTom

[2010/02/15 12:42:09 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Trusteer

[2010/09/30 22:07:30 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Unyp

[2012/04/28 07:51:09 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\VistaCodecs

[2011/11/09 12:03:49 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Weather Clock

[2011/04/09 11:25:01 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Windows Live Writer

[2011/10/18 01:44:17 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\XnView

[2012/04/29 11:22:45 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\AutoSmartDefrag.job

[2012/04/29 11:23:09 | 000,000,598 | ---- | M] () -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

[2012/03/25 04:55:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

[2012/04/29 12:28:00 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\FreeFileViewerUpdateChecker.job

[2012/04/28 18:00:02 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job

[2012/03/13 04:45:01 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job

[2012/04/28 19:01:21 | 000,000,594 | ---- | M] () -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

[2012/04/28 19:01:21 | 000,000,462 | ---- | M] () -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

[2012/04/29 11:21:11 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

< %SYSTEMDRIVE%\*.* >

[2010/06/02 06:21:16 | 001,347,354 | ---- | M] () -- C:\Apr2005_d3dx9_25_x64.cab

[2010/06/02 06:21:16 | 001,078,962 | ---- | M] () -- C:\Apr2005_d3dx9_25_x86.cab

[2010/06/02 06:21:16 | 001,397,830 | ---- | M] () -- C:\Apr2006_d3dx9_30_x64.cab

[2010/06/02 06:21:16 | 001,115,221 | ---- | M] () -- C:\Apr2006_d3dx9_30_x86.cab

[2010/06/02 06:21:18 | 000,916,430 | ---- | M] () -- C:\Apr2006_MDX1_x86.cab

[2010/06/02 06:21:18 | 004,162,630 | ---- | M] () -- C:\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 06:21:18 | 000,179,133 | ---- | M] () -- C:\Apr2006_XACT_x64.cab

[2010/06/02 06:21:18 | 000,133,103 | ---- | M] () -- C:\Apr2006_XACT_x86.cab

[2010/06/02 06:21:20 | 000,087,101 | ---- | M] () -- C:\Apr2006_xinput_x64.cab

[2010/06/02 06:21:34 | 000,046,010 | ---- | M] () -- C:\Apr2006_xinput_x86.cab

[2010/06/02 06:21:36 | 000,698,612 | ---- | M] () -- C:\APR2007_d3dx10_33_x64.cab

[2010/06/02 06:21:36 | 000,695,865 | ---- | M] () -- C:\APR2007_d3dx10_33_x86.cab

[2010/06/02 06:21:36 | 001,607,358 | ---- | M] () -- C:\APR2007_d3dx9_33_x64.cab

[2010/06/02 06:21:38 | 001,606,039 | ---- | M] () -- C:\APR2007_d3dx9_33_x86.cab

[2010/06/02 06:21:38 | 000,195,766 | ---- | M] () -- C:\APR2007_XACT_x64.cab

[2010/06/02 06:21:38 | 000,151,225 | ---- | M] () -- C:\APR2007_XACT_x86.cab

[2010/06/02 06:21:38 | 000,096,817 | ---- | M] () -- C:\APR2007_xinput_x64.cab

[2010/06/02 06:21:40 | 000,053,302 | ---- | M] () -- C:\APR2007_xinput_x86.cab

[2010/06/02 06:21:40 | 001,350,542 | ---- | M] () -- C:\Aug2005_d3dx9_27_x64.cab

[2010/06/02 06:21:40 | 001,077,644 | ---- | M] () -- C:\Aug2005_d3dx9_27_x86.cab

[2010/06/02 06:21:40 | 000,182,903 | ---- | M] () -- C:\AUG2006_XACT_x64.cab

[2010/06/02 06:21:40 | 000,137,235 | ---- | M] () -- C:\AUG2006_XACT_x86.cab

[2010/06/02 06:21:40 | 000,087,142 | ---- | M] () -- C:\AUG2006_xinput_x64.cab

[2010/06/02 06:21:40 | 000,046,058 | ---- | M] () -- C:\AUG2006_xinput_x86.cab

[2010/06/02 06:21:42 | 000,852,286 | ---- | M] () -- C:\AUG2007_d3dx10_35_x64.cab

[2010/06/02 06:21:42 | 000,796,867 | ---- | M] () -- C:\AUG2007_d3dx10_35_x86.cab

[2010/06/02 06:21:42 | 001,800,160 | ---- | M] () -- C:\AUG2007_d3dx9_35_x64.cab

[2010/06/02 06:21:42 | 001,708,152 | ---- | M] () -- C:\AUG2007_d3dx9_35_x86.cab

[2010/06/02 06:21:44 | 000,198,096 | ---- | M] () -- C:\AUG2007_XACT_x64.cab

[2010/06/02 06:21:44 | 000,153,012 | ---- | M] () -- C:\AUG2007_XACT_x86.cab

[2010/06/02 06:21:42 | 000,867,612 | ---- | M] () -- C:\Aug2008_d3dx10_39_x64.cab

[2010/06/02 06:21:44 | 000,849,167 | ---- | M] () -- C:\Aug2008_d3dx10_39_x86.cab

[2010/06/02 06:21:44 | 001,794,084 | ---- | M] () -- C:\Aug2008_d3dx9_39_x64.cab

[2010/06/02 06:21:44 | 001,464,672 | ---- | M] () -- C:\Aug2008_d3dx9_39_x86.cab

[2010/06/02 06:21:44 | 000,121,772 | ---- | M] () -- C:\Aug2008_XACT_x64.cab

[2010/06/02 06:21:44 | 000,092,996 | ---- | M] () -- C:\Aug2008_XACT_x86.cab

[2010/06/02 06:21:46 | 000,271,412 | ---- | M] () -- C:\Aug2008_XAudio_x64.cab

[2010/06/02 06:21:46 | 000,271,038 | ---- | M] () -- C:\Aug2008_XAudio_x86.cab

[2010/06/02 06:21:46 | 000,919,044 | ---- | M] () -- C:\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 06:21:56 | 000,900,598 | ---- | M] () -- C:\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 06:21:56 | 003,112,111 | ---- | M] () -- C:\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 06:21:56 | 003,319,740 | ---- | M] () -- C:\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 06:21:58 | 000,232,635 | ---- | M] () -- C:\Aug2009_d3dx10_42_x64.cab

[2010/06/02 06:21:58 | 000,192,131 | ---- | M] () -- C:\Aug2009_d3dx10_42_x86.cab

[2010/06/02 06:21:58 | 000,136,301 | ---- | M] () -- C:\Aug2009_d3dx11_42_x64.cab

[2010/06/02 06:21:58 | 000,105,044 | ---- | M] () -- C:\Aug2009_d3dx11_42_x86.cab

[2010/06/02 06:21:58 | 000,930,116 | ---- | M] () -- C:\Aug2009_d3dx9_42_x64.cab

[2010/06/02 06:21:58 | 000,728,456 | ---- | M] () -- C:\Aug2009_d3dx9_42_x86.cab

[2010/06/02 06:22:00 | 000,122,408 | ---- | M] () -- C:\Aug2009_XACT_x64.cab

[2010/06/02 06:22:00 | 000,093,106 | ---- | M] () -- C:\Aug2009_XACT_x86.cab

[2010/06/02 06:22:00 | 000,273,264 | ---- | M] () -- C:\Aug2009_XAudio_x64.cab

[2010/06/02 06:22:00 | 000,272,642 | ---- | M] () -- C:\Aug2009_XAudio_x86.cab

[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2010/08/11 21:38:06 | 000,000,090 | ---- | M] () -- C:\bcmwl6.log

[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2009/08/08 05:42:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2012/03/14 08:56:03 | 000,007,907 | R--- | M] () -- C:\CLDMA.LOG

[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2010/06/02 06:22:00 | 001,357,976 | ---- | M] () -- C:\Dec2005_d3dx9_28_x64.cab

[2010/06/02 06:22:00 | 001,079,456 | ---- | M] () -- C:\Dec2005_d3dx9_28_x86.cab

[2010/06/02 06:22:00 | 000,212,807 | ---- | M] () -- C:\DEC2006_d3dx10_00_x64.cab

[2010/06/02 06:22:00 | 000,191,720 | ---- | M] () -- C:\DEC2006_d3dx10_00_x86.cab

[2010/06/02 06:22:00 | 001,571,154 | ---- | M] () -- C:\DEC2006_d3dx9_32_x64.cab

[2010/06/02 06:22:02 | 001,574,376 | ---- | M] () -- C:\DEC2006_d3dx9_32_x86.cab

[2010/06/02 06:22:02 | 000,192,475 | ---- | M] () -- C:\DEC2006_XACT_x64.cab

[2010/06/02 06:22:02 | 000,145,599 | ---- | M] () -- C:\DEC2006_XACT_x86.cab

[2011/03/30 12:40:32 | 000,095,576 | ---- | M] (Microsoft Corporation) -- C:\DSETUP.dll

[2011/03/30 12:40:32 | 001,566,040 | ---- | M] (Microsoft Corporation) -- C:\dsetup32.dll

[2011/03/30 12:40:32 | 000,044,624 | ---- | M] () -- C:\dxdllreg_x86.cab

[2011/03/30 12:40:34 | 000,517,976 | ---- | M] (Microsoft Corporation) -- C:\DXSETUP.exe

[2011/03/30 12:40:32 | 000,097,152 | ---- | M] () -- C:\dxupdate.cab

[2009/12/15 22:14:25 | 000,000,000 | ---- | M] () -- C:\dxva.log

[2010/06/02 06:22:02 | 001,247,499 | ---- | M] () -- C:\Feb2005_d3dx9_24_x64.cab

[2010/06/02 06:22:02 | 001,013,225 | ---- | M] () -- C:\Feb2005_d3dx9_24_x86.cab

[2010/06/02 06:22:02 | 001,362,796 | ---- | M] () -- C:\Feb2006_d3dx9_29_x64.cab

[2010/06/02 06:22:04 | 001,084,720 | ---- | M] () -- C:\Feb2006_d3dx9_29_x86.cab

[2010/06/02 06:22:10 | 000,178,359 | ---- | M] () -- C:\Feb2006_XACT_x64.cab

[2010/06/02 06:22:10 | 000,132,409 | ---- | M] () -- C:\Feb2006_XACT_x86.cab

[2010/06/02 06:22:12 | 000,194,675 | ---- | M] () -- C:\FEB2007_XACT_x64.cab

[2010/06/02 06:22:12 | 000,147,983 | ---- | M] () -- C:\FEB2007_XACT_x86.cab

[2010/06/02 06:22:12 | 000,054,678 | ---- | M] () -- C:\Feb2010_X3DAudio_x64.cab

[2010/06/02 06:22:12 | 000,020,713 | ---- | M] () -- C:\Feb2010_X3DAudio_x86.cab

[2010/06/02 06:22:14 | 000,122,446 | ---- | M] () -- C:\Feb2010_XACT_x64.cab

[2010/06/02 06:22:14 | 000,093,180 | ---- | M] () -- C:\Feb2010_XACT_x86.cab

[2010/06/02 06:22:14 | 000,276,960 | ---- | M] () -- C:\Feb2010_XAudio_x64.cab

[2010/06/02 06:22:14 | 000,277,191 | ---- | M] () -- C:\Feb2010_XAudio_x86.cab

[2010/09/17 00:31:11 | 000,000,104 | ---- | M] () -- C:\Internet Explorer - Shortcut (2).lnk

[2009/09/26 01:17:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/06/02 06:22:14 | 001,336,002 | ---- | M] () -- C:\Jun2005_d3dx9_26_x64.cab

[2010/06/02 06:22:16 | 001,064,925 | ---- | M] () -- C:\Jun2005_d3dx9_26_x86.cab

[2010/06/02 06:22:16 | 000,180,785 | ---- | M] () -- C:\JUN2006_XACT_x64.cab

[2010/06/02 06:22:16 | 000,133,671 | ---- | M] () -- C:\JUN2006_XACT_x86.cab

[2010/06/02 06:22:16 | 000,699,044 | ---- | M] () -- C:\JUN2007_d3dx10_34_x64.cab

[2010/06/02 06:22:16 | 000,698,472 | ---- | M] () -- C:\JUN2007_d3dx10_34_x86.cab

[2010/06/02 06:22:16 | 001,607,774 | ---- | M] () -- C:\JUN2007_d3dx9_34_x64.cab

[2010/06/02 06:22:16 | 001,607,286 | ---- | M] () -- C:\JUN2007_d3dx9_34_x86.cab

[2010/06/02 06:22:16 | 000,197,122 | ---- | M] () -- C:\JUN2007_XACT_x64.cab

[2010/06/02 06:22:18 | 000,152,909 | ---- | M] () -- C:\JUN2007_XACT_x86.cab

[2010/06/02 06:22:18 | 000,867,828 | ---- | M] () -- C:\JUN2008_d3dx10_38_x64.cab

[2010/06/02 06:22:18 | 000,849,919 | ---- | M] () -- C:\JUN2008_d3dx10_38_x86.cab

[2010/06/02 06:22:18 | 001,792,608 | ---- | M] () -- C:\JUN2008_d3dx9_38_x64.cab

[2010/06/02 06:22:18 | 001,463,878 | ---- | M] () -- C:\JUN2008_d3dx9_38_x86.cab

[2010/06/02 06:22:18 | 000,055,154 | ---- | M] () -- C:\JUN2008_X3DAudio_x64.cab

[2010/06/02 06:22:18 | 000,021,905 | ---- | M] () -- C:\JUN2008_X3DAudio_x86.cab

[2010/06/02 06:22:18 | 000,121,054 | ---- | M] () -- C:\JUN2008_XACT_x64.cab

[2010/06/02 06:22:18 | 000,093,128 | ---- | M] () -- C:\JUN2008_XACT_x86.cab

[2010/06/02 06:22:18 | 000,269,628 | ---- | M] () -- C:\JUN2008_XAudio_x64.cab

[2010/06/02 06:22:20 | 000,269,024 | ---- | M] () -- C:\JUN2008_XAudio_x86.cab

[2010/06/02 06:22:28 | 000,944,460 | ---- | M] () -- C:\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 06:22:28 | 000,931,471 | ---- | M] () -- C:\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 06:22:28 | 000,752,783 | ---- | M] () -- C:\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 06:22:30 | 000,762,188 | ---- | M] () -- C:\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 06:22:30 | 000,235,955 | ---- | M] () -- C:\Jun2010_d3dx10_43_x64.cab

[2010/06/02 06:22:30 | 000,197,283 | ---- | M] () -- C:\Jun2010_d3dx10_43_x86.cab

[2010/06/02 06:22:30 | 000,138,205 | ---- | M] () -- C:\Jun2010_d3dx11_43_x64.cab

[2010/06/02 06:22:30 | 000,109,445 | ---- | M] () -- C:\Jun2010_d3dx11_43_x86.cab

[2010/06/02 06:22:32 | 000,937,246 | ---- | M] () -- C:\Jun2010_d3dx9_43_x64.cab

[2010/06/02 06:22:32 | 000,768,036 | ---- | M] () -- C:\Jun2010_d3dx9_43_x86.cab

[2010/06/02 06:22:32 | 000,124,596 | ---- | M] () -- C:\Jun2010_XACT_x64.cab

[2010/06/02 06:22:32 | 000,093,686 | ---- | M] () -- C:\Jun2010_XACT_x86.cab

[2010/06/02 06:22:32 | 000,277,338 | ---- | M] () -- C:\Jun2010_XAudio_x64.cab

[2010/06/02 06:22:32 | 000,278,060 | ---- | M] () -- C:\Jun2010_XAudio_x86.cab

[2010/06/02 06:22:32 | 000,844,884 | ---- | M] () -- C:\Mar2008_d3dx10_37_x64.cab

[2010/06/02 06:22:34 | 000,818,260 | ---- | M] () -- C:\Mar2008_d3dx10_37_x86.cab

[2010/06/02 06:22:34 | 001,769,862 | ---- | M] () -- C:\Mar2008_d3dx9_37_x64.cab

[2010/06/02 06:22:34 | 001,443,282 | ---- | M] () -- C:\Mar2008_d3dx9_37_x86.cab

[2010/06/02 06:22:34 | 000,055,058 | ---- | M] () -- C:\Mar2008_X3DAudio_x64.cab

[2010/06/02 06:22:34 | 000,021,867 | ---- | M] () -- C:\Mar2008_X3DAudio_x86.cab

[2010/06/02 06:22:36 | 000,122,336 | ---- | M] () -- C:\Mar2008_XACT_x64.cab

[2010/06/02 06:22:36 | 000,093,734 | ---- | M] () -- C:\Mar2008_XACT_x86.cab

[2010/06/02 06:22:36 | 000,251,194 | ---- | M] () -- C:\Mar2008_XAudio_x64.cab

[2010/06/02 06:22:36 | 000,226,250 | ---- | M] () -- C:\Mar2008_XAudio_x86.cab

[2010/06/02 06:22:36 | 001,067,160 | ---- | M] () -- C:\Mar2009_d3dx10_41_x64.cab

[2010/06/02 06:22:36 | 001,040,745 | ---- | M] () -- C:\Mar2009_d3dx10_41_x86.cab

[2010/06/02 06:22:36 | 001,973,702 | ---- | M] () -- C:\Mar2009_d3dx9_41_x64.cab

[2010/06/02 06:22:36 | 001,612,446 | ---- | M] () -- C:\Mar2009_d3dx9_41_x86.cab

[2010/06/02 06:22:38 | 000,054,600 | ---- | M] () -- C:\Mar2009_X3DAudio_x64.cab

[2010/06/02 06:22:38 | 000,021,298 | ---- | M] () -- C:\Mar2009_X3DAudio_x86.cab

[2010/06/02 06:22:46 | 000,121,506 | ---- | M] () -- C:\Mar2009_XACT_x64.cab

[2010/06/02 06:22:46 | 000,092,740 | ---- | M] () -- C:\Mar2009_XACT_x86.cab

[2010/06/02 06:22:46 | 000,275,044 | ---- | M] () -- C:\Mar2009_XAudio_x64.cab

[2010/06/02 06:22:48 | 000,273,018 | ---- | M] () -- C:\Mar2009_XAudio_x86.cab

[2009/09/26 01:17:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010/10/25 13:49:12 | 000,000,029 | ---- | M] () -- C:\mylog.txt

[2010/06/02 06:22:48 | 000,864,600 | ---- | M] () -- C:\Nov2007_d3dx10_36_x64.cab

[2010/06/02 06:22:48 | 000,803,884 | ---- | M] () -- C:\Nov2007_d3dx10_36_x86.cab

[2010/06/02 06:22:48 | 001,802,058 | ---- | M] () -- C:\Nov2007_d3dx9_36_x64.cab

[2010/06/02 06:22:48 | 001,709,360 | ---- | M] () -- C:\Nov2007_d3dx9_36_x86.cab

[2010/06/02 06:22:50 | 000,046,144 | ---- | M] () -- C:\NOV2007_X3DAudio_x64.cab

[2010/06/02 06:22:50 | 000,018,496 | ---- | M] () -- C:\NOV2007_X3DAudio_x86.cab

[2010/06/02 06:22:50 | 000,196,762 | ---- | M] () -- C:\NOV2007_XACT_x64.cab

[2010/06/02 06:22:50 | 000,148,264 | ---- | M] () -- C:\NOV2007_XACT_x86.cab

[2010/06/02 06:22:50 | 000,994,154 | ---- | M] () -- C:\Nov2008_d3dx10_40_x64.cab

[2010/06/02 06:22:52 | 000,965,421 | ---- | M] () -- C:\Nov2008_d3dx10_40_x86.cab

[2010/06/02 06:22:52 | 001,906,878 | ---- | M] () -- C:\Nov2008_d3dx9_40_x64.cab

[2010/06/02 06:22:52 | 001,550,796 | ---- | M] () -- C:\Nov2008_d3dx9_40_x86.cab

[2010/06/02 06:22:52 | 000,054,522 | ---- | M] () -- C:\Nov2008_X3DAudio_x64.cab

[2010/06/02 06:22:52 | 000,021,851 | ---- | M] () -- C:\Nov2008_X3DAudio_x86.cab

[2010/06/02 06:22:52 | 000,121,794 | ---- | M] () -- C:\Nov2008_XACT_x64.cab

[2010/06/02 06:22:52 | 000,092,684 | ---- | M] () -- C:\Nov2008_XACT_x86.cab

[2010/06/02 06:22:54 | 000,273,960 | ---- | M] () -- C:\Nov2008_XAudio_x64.cab

[2010/06/02 06:22:54 | 000,272,611 | ---- | M] () -- C:\Nov2008_XAudio_x86.cab

[2010/06/02 06:22:54 | 000,086,037 | ---- | M] () -- C:\Oct2005_xinput_x64.cab

[2010/06/02 06:22:54 | 000,045,359 | ---- | M] () -- C:\Oct2005_xinput_x86.cab

[2010/06/02 06:22:54 | 001,412,902 | ---- | M] () -- C:\OCT2006_d3dx9_31_x64.cab

[2010/06/02 06:22:54 | 001,127,217 | ---- | M] () -- C:\OCT2006_d3dx9_31_x86.cab

[2010/06/02 06:22:54 | 000,182,361 | ---- | M] () -- C:\OCT2006_XACT_x64.cab

[2010/06/02 06:22:54 | 000,138,017 | ---- | M] () -- C:\OCT2006_XACT_x86.cab

[2010/01/19 14:32:26 | 000,000,866 | ---- | M] () -- C:\OpenOffice.org 3.1.lnk

[2012/04/29 14:51:03 | 2694,594,560 | -HS- | M] () -- C:\pagefile.sys

[2009/09/15 13:14:41 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log

[2011/09/04 18:32:26 | 000,000,370 | ---- | M] () -- C:\rkill.log

[2010/03/06 00:45:35 | 000,497,542 | ---- | M] () -- C:\ScanImage01.jpg

[2010/03/06 00:45:37 | 001,225,551 | ---- | M] () -- C:\ScanImage02.jpg

[2010/03/06 00:45:38 | 001,277,259 | ---- | M] () -- C:\ScanImage03.jpg

[2010/03/06 00:45:39 | 001,417,040 | ---- | M] () -- C:\ScanImage04.jpg

[2010/03/06 00:45:40 | 001,177,474 | ---- | M] () -- C:\ScanImage05.jpg

[2010/03/06 00:45:41 | 001,490,617 | ---- | M] () -- C:\ScanImage06.jpg

[2010/03/06 00:45:42 | 001,361,389 | ---- | M] () -- C:\ScanImage07.jpg

[2010/03/06 00:45:43 | 001,241,114 | ---- | M] () -- C:\ScanImage08.jpg

[2010/03/06 00:45:44 | 000,611,744 | ---- | M] () -- C:\ScanImage09.jpg

[2010/03/06 00:45:46 | 001,664,031 | ---- | M] () -- C:\ScanImage10.jpg

[2010/03/06 00:47:27 | 001,317,610 | ---- | M] () -- C:\ScanImage100.jpg

[2010/03/06 00:47:28 | 001,376,471 | ---- | M] () -- C:\ScanImage101.jpg

[2010/03/06 00:47:29 | 001,461,973 | ---- | M] () -- C:\ScanImage102.jpg

[2010/03/06 00:45:47 | 000,648,572 | ---- | M] () -- C:\ScanImage11.jpg

[2010/03/06 00:45:48 | 000,633,808 | ---- | M] () -- C:\ScanImage12.jpg

[2010/03/06 00:45:49 | 000,567,145 | ---- | M] () -- C:\ScanImage13.jpg

[2010/03/06 00:45:50 | 000,846,684 | ---- | M] () -- C:\ScanImage14.jpg

[2010/03/06 00:45:51 | 000,739,236 | ---- | M] () -- C:\ScanImage15.jpg

[2010/03/06 00:45:52 | 001,261,208 | ---- | M] () -- C:\ScanImage16.jpg

[2010/03/06 00:45:53 | 001,358,596 | ---- | M] () -- C:\ScanImage17.jpg

[2010/03/06 00:45:55 | 001,388,630 | ---- | M] () -- C:\ScanImage18.jpg

[2010/03/06 00:45:56 | 001,542,479 | ---- | M] () -- C:\ScanImage19.jpg

[2010/03/06 00:45:57 | 000,766,325 | ---- | M] () -- C:\ScanImage20.jpg

[2010/03/06 00:45:58 | 001,329,710 | ---- | M] () -- C:\ScanImage21.jpg

[2010/03/06 00:45:59 | 001,628,297 | ---- | M] () -- C:\ScanImage22.jpg

[2010/03/06 00:46:01 | 000,967,719 | ---- | M] () -- C:\ScanImage23.jpg

[2010/03/06 00:46:02 | 000,949,955 | ---- | M] () -- C:\ScanImage24.jpg

[2010/03/06 00:46:03 | 000,779,886 | ---- | M] () -- C:\ScanImage25.jpg

[2010/03/06 00:46:04 | 000,520,498 | ---- | M] () -- C:\ScanImage26.jpg

[2010/03/06 00:46:05 | 000,398,555 | ---- | M] () -- C:\ScanImage27.jpg

[2010/03/06 00:46:06 | 000,469,175 | ---- | M] () -- C:\ScanImage28.jpg

[2010/03/06 00:46:07 | 000,493,843 | ---- | M] () -- C:\ScanImage29.jpg

[2010/03/06 00:46:08 | 001,399,777 | ---- | M] () -- C:\ScanImage30.jpg

[2010/03/06 00:46:09 | 001,418,353 | ---- | M] () -- C:\ScanImage31.jpg

[2010/03/06 00:46:10 | 001,407,178 | ---- | M] () -- C:\ScanImage32.jpg

[2010/03/06 00:46:11 | 001,004,001 | ---- | M] () -- C:\ScanImage33.jpg

[2010/03/06 00:46:13 | 001,614,431 | ---- | M] () -- C:\ScanImage34.jpg

[2010/03/06 00:46:14 | 000,974,932 | ---- | M] () -- C:\ScanImage35.jpg

[2010/03/06 00:46:15 | 000,315,121 | ---- | M] () -- C:\ScanImage36.jpg

[2010/03/06 00:46:16 | 000,994,408 | ---- | M] () -- C:\ScanImage37.jpg

[2010/03/06 00:46:17 | 000,820,129 | ---- | M] () -- C:\ScanImage38.jpg

[2010/03/06 00:46:18 | 001,507,269 | ---- | M] () -- C:\ScanImage39.jpg

[2010/03/06 00:46:19 | 001,138,119 | ---- | M] () -- C:\ScanImage40.jpg

[2010/03/06 00:46:20 | 001,063,731 | ---- | M] () -- C:\ScanImage41.jpg

[2010/03/06 00:46:21 | 001,169,277 | ---- | M] () -- C:\ScanImage42.jpg

[2010/03/06 00:46:23 | 001,320,179 | ---- | M] () -- C:\ScanImage43.jpg

[2010/03/06 00:46:24 | 001,232,008 | ---- | M] () -- C:\ScanImage44.jpg

[2010/03/06 00:46:25 | 001,478,098 | ---- | M] () -- C:\ScanImage45.jpg

[2010/03/06 00:46:26 | 001,470,491 | ---- | M] () -- C:\ScanImage46.jpg

[2010/03/06 00:46:27 | 001,334,979 | ---- | M] () -- C:\ScanImage47.jpg

[2010/03/06 00:46:28 | 001,225,015 | ---- | M] () -- C:\ScanImage48.jpg

[2010/03/06 00:46:30 | 000,726,714 | ---- | M] () -- C:\ScanImage49.jpg

[2010/03/06 00:46:31 | 001,463,849 | ---- | M] () -- C:\ScanImage50.jpg

[2010/03/06 00:46:32 | 001,614,709 | ---- | M] () -- C:\ScanImage51.jpg

[2010/03/06 00:46:33 | 000,176,441 | ---- | M] () -- C:\ScanImage52.jpg

[2010/03/06 00:46:34 | 001,576,530 | ---- | M] () -- C:\ScanImage53.jpg

[2010/03/06 00:46:35 | 001,583,156 | ---- | M] () -- C:\ScanImage54.jpg

[2010/03/06 00:46:36 | 001,741,682 | ---- | M] () -- C:\ScanImage55.jpg

[2010/03/06 00:46:38 | 001,402,625 | ---- | M] () -- C:\ScanImage56.jpg

[2010/03/06 00:46:39 | 001,430,170 | ---- | M] () -- C:\ScanImage57.jpg

[2010/03/06 00:46:40 | 000,796,870 | ---- | M] () -- C:\ScanImage58.jpg

[2010/03/06 00:46:41 | 001,357,854 | ---- | M] () -- C:\ScanImage59.jpg

[2010/03/06 00:46:42 | 000,514,876 | ---- | M] () -- C:\ScanImage60.jpg

[2010/03/06 00:46:43 | 001,179,194 | ---- | M] () -- C:\ScanImage61.jpg

[2010/03/06 00:46:44 | 001,481,701 | ---- | M] () -- C:\ScanImage62.jpg

[2010/03/06 00:46:46 | 001,326,628 | ---- | M] () -- C:\ScanImage63.jpg

[2010/03/06 00:46:47 | 001,449,474 | ---- | M] () -- C:\ScanImage64.jpg

[2010/03/06 00:46:48 | 001,254,957 | ---- | M] () -- C:\ScanImage65.jpg

[2010/03/06 00:46:49 | 001,136,703 | ---- | M] () -- C:\ScanImage66.jpg

[2010/03/06 00:46:50 | 001,424,583 | ---- | M] () -- C:\ScanImage67.jpg

[2010/03/06 00:46:51 | 001,173,365 | ---- | M] () -- C:\ScanImage68.jpg

[2010/03/06 00:46:53 | 000,807,519 | ---- | M] () -- C:\ScanImage69.jpg

[2010/03/06 00:46:54 | 001,468,030 | ---- | M] () -- C:\ScanImage70.jpg

[2010/03/06 00:46:55 | 001,394,176 | ---- | M] () -- C:\ScanImage71.jpg

[2010/03/06 00:46:56 | 001,010,966 | ---- | M] () -- C:\ScanImage72.jpg

[2010/03/06 00:46:57 | 000,624,878 | ---- | M] () -- C:\ScanImage73.jpg

[2010/03/06 00:46:58 | 000,185,761 | ---- | M] () -- C:\ScanImage74.jpg

[2010/03/06 00:46:59 | 000,582,301 | ---- | M] () -- C:\ScanImage75.jpg

[2010/03/06 00:47:00 | 000,412,592 | ---- | M] () -- C:\ScanImage76.jpg

[2010/03/06 00:47:01 | 000,616,921 | ---- | M] () -- C:\ScanImage77.jpg

[2010/03/06 00:47:02 | 000,721,510 | ---- | M] () -- C:\ScanImage78.jpg

[2010/03/06 00:47:03 | 000,231,366 | ---- | M] () -- C:\ScanImage79.jpg

[2010/03/06 00:47:04 | 001,004,454 | ---- | M] () -- C:\ScanImage80.jpg

[2010/03/06 00:47:05 | 001,072,298 | ---- | M] () -- C:\ScanImage81.jpg

[2010/03/06 00:47:06 | 000,478,925 | ---- | M] () -- C:\ScanImage82.jpg

[2010/03/06 00:47:08 | 001,042,559 | ---- | M] () -- C:\ScanImage83.jpg

[2010/03/06 00:47:09 | 001,325,223 | ---- | M] () -- C:\ScanImage84.jpg

[2010/03/06 00:47:10 | 000,546,508 | ---- | M] () -- C:\ScanImage85.jpg

[2010/03/06 00:47:11 | 000,842,765 | ---- | M] () -- C:\ScanImage86.jpg

[2010/03/06 00:47:12 | 000,531,415 | ---- | M] () -- C:\ScanImage87.jpg

[2010/03/06 00:47:13 | 000,469,758 | ---- | M] () -- C:\ScanImage88.jpg

[2010/03/06 00:47:14 | 001,321,915 | ---- | M] () -- C:\ScanImage89.jpg

[2010/03/06 00:47:16 | 000,792,536 | ---- | M] () -- C:\ScanImage90.jpg

[2010/03/06 00:47:17 | 001,293,287 | ---- | M] () -- C:\ScanImage91.jpg

[2010/03/06 00:47:18 | 001,386,516 | ---- | M] () -- C:\ScanImage92.jpg

[2010/03/06 00:47:19 | 001,450,788 | ---- | M] () -- C:\ScanImage93.jpg

[2010/03/06 00:47:20 | 000,625,973 | ---- | M] () -- C:\ScanImage94.jpg

[2010/03/06 00:47:21 | 000,624,873 | ---- | M] () -- C:\ScanImage95.jpg

[2010/03/06 00:47:22 | 000,597,353 | ---- | M] () -- C:\ScanImage96.jpg

[2010/03/06 00:47:23 | 001,060,559 | ---- | M] () -- C:\ScanImage97.jpg

[2010/03/06 00:47:25 | 001,245,729 | ---- | M] () -- C:\ScanImage98.jpg

[2010/03/06 00:47:26 | 001,347,805 | ---- | M] () -- C:\ScanImage99.jpg

[2010/07/09 19:41:12 | 000,009,715 | ---- | M] () -- C:\scramble.log

[2010/07/21 20:35:19 | 000,061,440 | -H-- | M] () -- C:\SZKGFS.dat

[2012/03/04 09:37:28 | 000,000,237 | ---- | M] () -- C:\user.js

[2009/12/15 22:14:25 | 000,000,000 | ---- | M] () -- C:\VO.log

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008/05/09 13:53:58 | 000,121,856 | ---- | M] () -- C:\Windows\system32\Spool\prtprocs\w32x86\dldwdrpp.dll

[2006/11/02 10:46:04 | 000,032,768 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\system32\Spool\prtprocs\w32x86\EP0NPP01.DLL

[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\*.exe /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %PROGRAMFILES%\* >

[2010/06/02 05:21:16 | 001,347,354 | ---- | M] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab

[2010/06/02 05:21:16 | 001,078,962 | ---- | M] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab

[2010/06/02 05:21:16 | 001,397,830 | ---- | M] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab

[2010/06/02 05:21:16 | 001,115,221 | ---- | M] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab

[2010/06/02 05:21:18 | 000,916,430 | ---- | M] () -- C:\Program Files\Apr2006_MDX1_x86.cab

[2010/06/02 05:21:18 | 004,162,630 | ---- | M] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 05:21:18 | 000,179,133 | ---- | M] () -- C:\Program Files\Apr2006_XACT_x64.cab

[2010/06/02 05:21:18 | 000,133,103 | ---- | M] () -- C:\Program Files\Apr2006_XACT_x86.cab

[2010/06/02 05:21:20 | 000,087,101 | ---- | M] () -- C:\Program Files\Apr2006_xinput_x64.cab

[2010/06/02 05:21:34 | 000,046,010 | ---- | M] () -- C:\Program Files\Apr2006_xinput_x86.cab

[2010/06/02 05:21:36 | 000,698,612 | ---- | M] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab

[2010/06/02 05:21:36 | 000,695,865 | ---- | M] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab

[2010/06/02 05:21:36 | 001,607,358 | ---- | M] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab

[2010/06/02 05:21:38 | 001,606,039 | ---- | M] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab

[2010/06/02 05:21:38 | 000,195,766 | ---- | M] () -- C:\Program Files\APR2007_XACT_x64.cab

[2010/06/02 05:21:38 | 000,151,225 | ---- | M] () -- C:\Program Files\APR2007_XACT_x86.cab

[2010/06/02 05:21:38 | 000,096,817 | ---- | M] () -- C:\Program Files\APR2007_xinput_x64.cab

[2010/06/02 05:21:40 | 000,053,302 | ---- | M] () -- C:\Program Files\APR2007_xinput_x86.cab

[2010/06/02 05:21:40 | 001,350,542 | ---- | M] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab

[2010/06/02 05:21:40 | 001,077,644 | ---- | M] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab

[2010/06/02 05:21:40 | 000,182,903 | ---- | M] () -- C:\Program Files\AUG2006_XACT_x64.cab

[2010/06/02 05:21:40 | 000,137,235 | ---- | M] () -- C:\Program Files\AUG2006_XACT_x86.cab

[2010/06/02 05:21:40 | 000,087,142 | ---- | M] () -- C:\Program Files\AUG2006_xinput_x64.cab

[2010/06/02 05:21:40 | 000,046,058 | ---- | M] () -- C:\Program Files\AUG2006_xinput_x86.cab

[2010/06/02 05:21:42 | 000,852,286 | ---- | M] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab

[2010/06/02 05:21:42 | 000,796,867 | ---- | M] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab

[2010/06/02 05:21:42 | 001,800,160 | ---- | M] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab

[2010/06/02 05:21:42 | 001,708,152 | ---- | M] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab

[2010/06/02 05:21:44 | 000,198,096 | ---- | M] () -- C:\Program Files\AUG2007_XACT_x64.cab

[2010/06/02 05:21:44 | 000,153,012 | ---- | M] () -- C:\Program Files\AUG2007_XACT_x86.cab

[2010/06/02 05:21:42 | 000,867,612 | ---- | M] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab

[2010/06/02 05:21:44 | 000,849,167 | ---- | M] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab

[2010/06/02 05:21:44 | 001,794,084 | ---- | M] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab

[2010/06/02 05:21:44 | 001,464,672 | ---- | M] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab

[2010/06/02 05:21:44 | 000,121,772 | ---- | M] () -- C:\Program Files\Aug2008_XACT_x64.cab

[2010/06/02 05:21:44 | 000,092,996 | ---- | M] () -- C:\Program Files\Aug2008_XACT_x86.cab

[2010/06/02 05:21:46 | 000,271,412 | ---- | M] () -- C:\Program Files\Aug2008_XAudio_x64.cab

[2010/06/02 05:21:46 | 000,271,038 | ---- | M] () -- C:\Program Files\Aug2008_XAudio_x86.cab

[2010/06/02 05:21:46 | 000,919,044 | ---- | M] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 05:21:56 | 000,900,598 | ---- | M] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 05:21:56 | 003,112,111 | ---- | M] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 05:21:56 | 003,319,740 | ---- | M] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 05:21:58 | 000,232,635 | ---- | M] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab

[2010/06/02 05:21:58 | 000,192,131 | ---- | M] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab

[2010/06/02 05:21:58 | 000,136,301 | ---- | M] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab

[2010/06/02 05:21:58 | 000,105,044 | ---- | M] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab

[2010/06/02 05:21:58 | 000,930,116 | ---- | M] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab

[2010/06/02 05:21:58 | 000,728,456 | ---- | M] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab

[2010/06/02 05:22:00 | 000,122,408 | ---- | M] () -- C:\Program Files\Aug2009_XACT_x64.cab

[2010/06/02 05:22:00 | 000,093,106 | ---- | M] () -- C:\Program Files\Aug2009_XACT_x86.cab

[2010/06/02 05:22:00 | 000,273,264 | ---- | M] () -- C:\Program Files\Aug2009_XAudio_x64.cab

[2010/06/02 05:22:00 | 000,272,642 | ---- | M] () -- C:\Program Files\Aug2009_XAudio_x86.cab

[2010/06/02 05:22:00 | 001,357,976 | ---- | M] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab

[2010/06/02 05:22:00 | 001,079,456 | ---- | M] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab

[2010/06/02 05:22:00 | 000,212,807 | ---- | M] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab

[2010/06/02 05:22:00 | 000,191,720 | ---- | M] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab

[2010/06/02 05:22:00 | 001,571,154 | ---- | M] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab

[2010/06/02 05:22:02 | 001,574,376 | ---- | M] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab

[2010/06/02 05:22:02 | 000,192,475 | ---- | M] () -- C:\Program Files\DEC2006_XACT_x64.cab

[2010/06/02 05:22:02 | 000,145,599 | ---- | M] () -- C:\Program Files\DEC2006_XACT_x86.cab

[2009/09/16 08:48:47 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[2011/03/30 11:40:32 | 000,095,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

[2011/03/30 11:40:32 | 001,566,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll

[2011/03/30 11:40:32 | 000,044,624 | ---- | M] () -- C:\Program Files\dxdllreg_x86.cab

[2011/03/30 11:40:34 | 000,517,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

[2011/03/30 11:40:32 | 000,097,152 | ---- | M] () -- C:\Program Files\dxupdate.cab

[2010/06/02 05:22:02 | 001,247,499 | ---- | M] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab

[2010/06/02 05:22:02 | 001,013,225 | ---- | M] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab

[2010/06/02 05:22:02 | 001,362,796 | ---- | M] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab

[2010/06/02 05:22:04 | 001,084,720 | ---- | M] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab

[2010/06/02 05:22:10 | 000,178,359 | ---- | M] () -- C:\Program Files\Feb2006_XACT_x64.cab

[2010/06/02 05:22:10 | 000,132,409 | ---- | M] () -- C:\Program Files\Feb2006_XACT_x86.cab

[2010/06/02 05:22:12 | 000,194,675 | ---- | M] () -- C:\Program Files\FEB2007_XACT_x64.cab

[2010/06/02 05:22:12 | 000,147,983 | ---- | M] () -- C:\Program Files\FEB2007_XACT_x86.cab

[2010/06/02 05:22:12 | 000,054,678 | ---- | M] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab

[2010/06/02 05:22:12 | 000,020,713 | ---- | M] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab

[2010/06/02 05:22:14 | 000,122,446 | ---- | M] () -- C:\Program Files\Feb2010_XACT_x64.cab

[2010/06/02 05:22:14 | 000,093,180 | ---- | M] () -- C:\Program Files\Feb2010_XACT_x86.cab

[2010/06/02 05:22:14 | 000,276,960 | ---- | M] () -- C:\Program Files\Feb2010_XAudio_x64.cab

[2010/06/02 05:22:14 | 000,277,191 | ---- | M] () -- C:\Program Files\Feb2010_XAudio_x86.cab

[2010/06/02 05:22:14 | 001,336,002 | ---- | M] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab

[2010/06/02 05:22:16 | 001,064,925 | ---- | M] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab

[2010/06/02 05:22:16 | 000,180,785 | ---- | M] () -- C:\Program Files\JUN2006_XACT_x64.cab

[2010/06/02 05:22:16 | 000,133,671 | ---- | M] () -- C:\Program Files\JUN2006_XACT_x86.cab

[2010/06/02 05:22:16 | 000,699,044 | ---- | M] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab

[2010/06/02 05:22:16 | 000,698,472 | ---- | M] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab

[2010/06/02 05:22:16 | 001,607,774 | ---- | M] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab

[2010/06/02 05:22:16 | 001,607,286 | ---- | M] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab

[2010/06/02 05:22:16 | 000,197,122 | ---- | M] () -- C:\Program Files\JUN2007_XACT_x64.cab

[2010/06/02 05:22:18 | 000,152,909 | ---- | M] () -- C:\Program Files\JUN2007_XACT_x86.cab

[2010/06/02 05:22:18 | 000,867,828 | ---- | M] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab

[2010/06/02 05:22:18 | 000,849,919 | ---- | M] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab

[2010/06/02 05:22:18 | 001,792,608 | ---- | M] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab

[2010/06/02 05:22:18 | 001,463,878 | ---- | M] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab

[2010/06/02 05:22:18 | 000,055,154 | ---- | M] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab

[2010/06/02 05:22:18 | 000,021,905 | ---- | M] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab

[2010/06/02 05:22:18 | 000,121,054 | ---- | M] () -- C:\Program Files\JUN2008_XACT_x64.cab

[2010/06/02 05:22:18 | 000,093,128 | ---- | M] () -- C:\Program Files\JUN2008_XACT_x86.cab

[2010/06/02 05:22:18 | 000,269,628 | ---- | M] () -- C:\Program Files\JUN2008_XAudio_x64.cab

[2010/06/02 05:22:20 | 000,269,024 | ---- | M] () -- C:\Program Files\JUN2008_XAudio_x86.cab

[2010/06/02 05:22:28 | 000,944,460 | ---- | M] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 05:22:28 | 000,931,471 | ---- | M] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 05:22:28 | 000,752,783 | ---- | M] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 05:22:30 | 000,762,188 | ---- | M] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 05:22:30 | 000,235,955 | ---- | M] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab

[2010/06/02 05:22:30 | 000,197,283 | ---- | M] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab

[2010/06/02 05:22:30 | 000,138,205 | ---- | M] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab

[2010/06/02 05:22:30 | 000,109,445 | ---- | M] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab

[2010/06/02 05:22:32 | 000,937,246 | ---- | M] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab

[2010/06/02 05:22:32 | 000,768,036 | ---- | M] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab

[2010/06/02 05:22:32 | 000,124,596 | ---- | M] () -- C:\Program Files\Jun2010_XACT_x64.cab

[2010/06/02 05:22:32 | 000,093,686 | ---- | M] () -- C:\Program Files\Jun2010_XACT_x86.cab

[2010/06/02 05:22:32 | 000,277,338 | ---- | M] () -- C:\Program Files\Jun2010_XAudio_x64.cab

[2010/06/02 05:22:32 | 000,278,060 | ---- | M] () -- C:\Program Files\Jun2010_XAudio_x86.cab

[2010/06/02 05:22:32 | 000,844,884 | ---- | M] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab

[2010/06/02 05:22:34 | 000,818,260 | ---- | M] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab

[2010/06/02 05:22:34 | 001,769,862 | ---- | M] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab

[2010/06/02 05:22:34 | 001,443,282 | ---- | M] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab

[2010/06/02 05:22:34 | 000,055,058 | ---- | M] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab

[2010/06/02 05:22:34 | 000,021,867 | ---- | M] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab

[2010/06/02 05:22:36 | 000,122,336 | ---- | M] () -- C:\Program Files\Mar2008_XACT_x64.cab

[2010/06/02 05:22:36 | 000,093,734 | ---- | M] () -- C:\Program Files\Mar2008_XACT_x86.cab

[2010/06/02 05:22:36 | 000,251,194 | ---- | M] () -- C:\Program Files\Mar2008_XAudio_x64.cab

[2010/06/02 05:22:36 | 000,226,250 | ---- | M] () -- C:\Program Files\Mar2008_XAudio_x86.cab

[2010/06/02 05:22:36 | 001,067,160 | ---- | M] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab

[2010/06/02 05:22:36 | 001,040,745 | ---- | M] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab

[2010/06/02 05:22:36 | 001,973,702 | ---- | M] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab

[2010/06/02 05:22:36 | 001,612,446 | ---- | M] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab

[2010/06/02 05:22:38 | 000,054,600 | ---- | M] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab

[2010/06/02 05:22:38 | 000,021,298 | ---- | M] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[2010/06/02 05:22:46 | 000,121,506 | ---- | M] () -- C:\Program Files\Mar2009_XACT_x64.cab

[2010/06/02 05:22:46 | 000,092,740 | ---- | M] () -- C:\Program Files\Mar2009_XACT_x86.cab

[2010/06/02 05:22:46 | 000,275,044 | ---- | M] () -- C:\Program Files\Mar2009_XAudio_x64.cab

[2010/06/02 05:22:48 | 000,273,018 | ---- | M] () -- C:\Program Files\Mar2009_XAudio_x86.cab

[2010/06/02 05:22:48 | 000,864,600 | ---- | M] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab

[2010/06/02 05:22:48 | 000,803,884 | ---- | M] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab

[2010/06/02 05:22:48 | 001,802,058 | ---- | M] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab

[2010/06/02 05:22:48 | 001,709,360 | ---- | M] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab

[2010/06/02 05:22:50 | 000,046,144 | ---- | M] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab

[2010/06/02 05:22:50 | 000,018,496 | ---- | M] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab

[2010/06/02 05:22:50 | 000,196,762 | ---- | M] () -- C:\Program Files\NOV2007_XACT_x64.cab

[2010/06/02 05:22:50 | 000,148,264 | ---- | M] () -- C:\Program Files\NOV2007_XACT_x86.cab

[2010/06/02 05:22:50 | 000,994,154 | ---- | M] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab

[2010/06/02 05:22:52 | 000,965,421 | ---- | M] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab

[2010/06/02 05:22:52 | 001,906,878 | ---- | M] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab

[2010/06/02 05:22:52 | 001,550,796 | ---- | M] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab

[2010/06/02 05:22:52 | 000,054,522 | ---- | M] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab

[2010/06/02 05:22:52 | 000,021,851 | ---- | M] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab

[2010/06/02 05:22:52 | 000,121,794 | ---- | M] () -- C:\Program Files\Nov2008_XACT_x64.cab

[2010/06/02 05:22:52 | 000,092,684 | ---- | M] () -- C:\Program Files\Nov2008_XACT_x86.cab

[2010/06/02 05:22:54 | 000,273,960 | ---- | M] () -- C:\Program Files\Nov2008_XAudio_x64.cab

[2010/06/02 05:22:54 | 000,272,611 | ---- | M] () -- C:\Program Files\Nov2008_XAudio_x86.cab

[2010/06/02 05:22:54 | 000,086,037 | ---- | M] () -- C:\Program Files\Oct2005_xinput_x64.cab

[2010/06/02 05:22:54 | 000,045,359 | ---- | M] () -- C:\Program Files\Oct2005_xinput_x86.cab

[2010/06/02 05:22:54 | 001,412,902 | ---- | M] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab

[2010/06/02 05:22:54 | 001,127,217 | ---- | M] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab

[2010/06/02 05:22:54 | 000,182,361 | ---- | M] () -- C:\Program Files\OCT2006_XACT_x64.cab

[2010/06/02 05:22:54 | 000,138,017 | ---- | M] () -- C:\Program Files\OCT2006_XACT_x86.cab

 

< %USERPROFILE%\..|smtmp;true;true;true /FP >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/12 08:37:36 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

 

< End of report >

mij Newbie

mij

Posted
  • Author
Posted

first part of OTL extras log.

 

OTL Extras logfile created on: 29/04/2012 15:32:15 - Run 1

OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\crispin\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

2.00 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 46.57% Memory free

4.46 Gb Paging File | 0.85 Gb Available in Paging File | 19.13% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465.76 Gb Total Space | 237.80 Gb Free Space | 51.06% Space Free | Partition Type: NTFS

 

Computer Name: JIMS-PC | User Name: crispin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.bat [@ = batfile] -- Reg Error: Key error. File not found

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2178092456-3463494078-4020983743-1000]

"EnableNotifications" = 1

"EnableNotificationsRef" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)

"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{04A164D4-5CC7-4733-91E0-C29DF647E3B3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{09693BA0-EEE4-4D54-9258-20D4899001EF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{0F904FAF-1DD9-4FA0-9519-502D04707DB9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{11C468D8-8B46-4C03-99D4-D264B53E3025}" = lport=1935 | protocol=6 | dir=in | name=broadcam video streaming server flash video server |

"{2562E7FE-C80B-4EB3-BD41-A4457CD355FA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{30948125-9D9E-4C6F-8F13-94B0A68BBAE5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{313847B7-4574-48BD-9B50-437560239B05}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{318F4C81-D9EA-47AC-AC28-B062461A6868}" = rport=139 | protocol=6 | dir=out | app=system |

"{4352A122-C9FA-49F3-B46E-8854115938DE}" = rport=445 | protocol=6 | dir=out | app=system |

"{467CE25F-8686-403F-BE67-5486AAAC08F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{4D5A1307-9AD1-4953-8B95-317FAA78C3E3}" = lport=86 | protocol=6 | dir=in | name=broadcam video streaming server web server |

"{661D2976-723F-4A89-8879-CA65AB595CD0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{7826C0C7-DE19-4A12-8C86-4BB5D392C2B6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{78A4CD5D-09D1-4C1D-8B13-1647C87729E4}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{858A4D86-4B19-4FE8-8F45-B4F774F09B41}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{8F243FA4-3035-45B1-9C98-A1D949105BD0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{8FA47BE9-ABF2-4C0E-BF2B-AC101A2D12BB}" = lport=2869 | protocol=6 | dir=in | app=system |

"{91237784-7D60-4738-A2A0-B188372F37AD}" = lport=138 | protocol=17 | dir=in | app=system |

"{91ED0C39-9743-4B69-B325-FF28E8F0C452}" = lport=445 | protocol=6 | dir=in | app=system |

"{97C93160-5808-485D-A2D6-4F0955634E9C}" = lport=10243 | protocol=6 | dir=in | app=system |

"{9EB7EDDB-9D2A-41A4-872C-147696C03901}" = lport=139 | protocol=6 | dir=in | app=system |

"{A0996373-7D30-4B70-99C1-8EF79D333F7E}" = rport=138 | protocol=17 | dir=out | app=system |

"{AE506891-5FE3-453C-8861-69E6D86CBAA1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{B7BBB912-EAC2-47BD-A639-1D5C7D5B065B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{B7EA688F-3378-4B03-9666-ABA57A13744E}" = lport=137 | protocol=17 | dir=in | app=system |

"{BDD9399A-3204-4CA0-8B86-8A8B0439CC1A}" = lport=4100 | protocol=17 | dir=in | name=upnp router control port |

"{CA13CAB5-79F9-4821-8746-A70D2E808939}" = rport=10243 | protocol=6 | dir=out | app=system |

"{D761DF6C-9F42-4181-93C0-3805188A1DA2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{DA55BB0F-8368-4BD2-94AD-6E55262DEEE6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{EBAE5F06-32B8-4BA2-869D-83744477D22D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F0F70533-2868-4A45-93F6-127F4D36DB60}" = rport=137 | protocol=17 | dir=out | app=system |

"{FFE3F8B7-A0E6-4E7A-BD76-C0D1C1CD0E1B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03478944-E40C-4499-A26E-F37CA153AE50}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |

"{04EE2E10-3C1E-428F-9875-52E63D542C8E}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |

"{09B06624-8BD3-4D85-B6E0-E63A11D1CED0}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |

"{169357C7-E56D-4495-B67B-C515C9EA9B80}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{19E9F754-A047-4D8F-B5A3-FD1B51A6676C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{25D5D525-0EFC-479B-A72A-3C09D193F455}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |

"{260D91B0-5B66-4425-BB15-3437A46ACCD0}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |

"{272C0112-3597-4DB0-8949-F007E560643C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{2816BE1C-81BF-494D-BC0D-E76678E8BD71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{2AC126AD-8343-4C13-BC17-7A4BEA97A2A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{2CBC9C3C-05F9-45BF-9B34-1FBAE81D63DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{2CD893B4-319A-4A39-9637-8FD04ECCC140}" = protocol=6 | dir=in | app=d:\network\epsonnetsetup\eneasyapp.exe |

"{2D4A6123-9C3E-41FC-B3FF-D168AF182F13}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{360B39FE-9DD8-431F-8CC7-9F169C27DAEA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3C0C7B6C-3745-454D-91CB-477A55BCA664}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |

"{3E9F310D-71B9-494F-B017-373CE586DED8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{3F582D37-0540-4F97-8485-157E84F112AF}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{4512E011-BD29-48D9-8C9C-A7FDDC8D913A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |

"{465C31B1-9DDD-4663-B047-977E5402E54A}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldwpswx.exe |

"{4FD8EEBF-DE54-4F1B-A79A-45F7406C5493}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{50081AEA-2A2F-435D-A9C0-EFE12A7EE6C8}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2009\3dsmax.exe |

"{511728C7-4C8E-4704-B2FC-C5ADEA79AF46}" = protocol=6 | dir=in | app=c:\program files\dell v505\dldwamon.exe |

"{54044CA2-DB61-47CA-8D37-994423239034}" = dir=in | app=c:\program files\itunes\itunes.exe |

"{556628EA-446D-4E46-B489-93E443FC68E9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{6087D238-A691-4A97-A7B1-D37FEB0E48E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{63FDF3E1-A42F-4E1F-BB9A-26D4CE375C96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{6D42BE49-2A93-4FCB-BDD0-4B9961FBE22E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |

"{6F456964-8A0E-420A-93E0-3880AAEC8162}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{7A2B46EC-4F29-45A3-A34A-0A61B10E96CE}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |

"{8A0A440F-A2F3-46A8-80E7-D657566B0FCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{8A8AFF24-ABA7-432C-83EA-6D4B29157A82}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{9270C00B-1514-47D6-929F-1D9E6D137DB6}" = protocol=17 | dir=in | app=c:\program files\dell v505\frun.exe |

"{A3763342-DAFC-49BB-BCB3-0F59D1CCAD06}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2009\3dsmax.exe |

"{A47FF7C9-9F7E-4173-AB9C-8465FB9ED31D}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |

"{A4CD4BB9-5697-4D22-A501-4E8FC2466DDB}" = protocol=6 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |

"{B2CF9B77-9309-4993-ACF6-89C5AA329449}" = protocol=6 | dir=in | app=c:\windows\system32\dldwcoms.exe |

"{B6CF12CB-3FFE-4B2A-B869-F4E4F0EF435F}" = protocol=17 | dir=in | app=c:\program files\dell v505\dldwamon.exe |

"{BBB105C1-156C-4FB4-9EF6-65A6A1A8E248}" = protocol=17 | dir=in | app=d:\network\epsonnetsetup\eneasyapp.exe |

"{C34C28BE-B30A-4A28-8193-6B48DDFCA338}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{C7843180-19D9-4276-9960-7EB9E27B0154}" = protocol=17 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe |

"{CD743709-239A-419E-ACB4-044DD9E151EA}" = protocol=6 | dir=out | app=system |

"{CE88E70C-3ED7-4D37-B19A-2212DC30E87D}" = protocol=17 | dir=in | app=c:\windows\system32\dldwcoms.exe |

"{D1F610D3-8D73-43CA-84D8-DD3559D0BE12}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D4086E26-F1DD-407D-9D8F-55AD5CDA2BF9}" = protocol=6 | dir=in | app=c:\program files\dell v505\frun.exe |

"{D5C2E0B2-41F8-46D6-93F5-4653C723C538}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldwpswx.exe |

"{E27143E2-C2B2-4606-9024-D70C784BC9AC}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |

"{E66DEA3D-EBFE-46F0-AFAB-AE14523D3566}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{E7D3001F-0988-4861-A36F-04965CD52B55}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{F3042221-A98D-4800-B9D5-C300A51CB9A4}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"TCP Query User{0BDB7588-D9F2-49D2-B3A3-F559EAA0CF20}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{28545D96-74BC-4FA0-A44C-22BD2526031B}D:\setup\upgradewizard\win2kxpvista\stsetup.exe" = protocol=6 | dir=in | app=d:\setup\upgradewizard\win2kxpvista\stsetup.exe |

"TCP Query User{3370DD5F-6721-4527-BC8B-BA39C5FBA74E}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

"TCP Query User{52A2DF26-48DE-4B43-A783-8987B3641BF6}C:\windows\temp\navbrowser.exe" = protocol=6 | dir=in | app=c:\windows\temp\navbrowser.exe |

"TCP Query User{658BC605-9E51-4AAF-A599-79C0022670FB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{78639ACF-3A52-4ABE-868E-8E103552A2A4}C:\program files\western digital\wd discovery software\wd discovery.exe" = protocol=6 | dir=in | app=c:\program files\western digital\wd discovery software\wd discovery.exe |

"TCP Query User{7C2C8FE4-7EAF-4093-8A74-B5ECE75BF0A1}D:\wd discovery software\wd discovery.exe" = protocol=6 | dir=in | app=d:\wd discovery software\wd discovery.exe |

"TCP Query User{92EEC27B-1265-4E81-AD13-2B7108151CB0}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

"TCP Query User{B40D3F3E-7473-4B91-95B9-24286741A296}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"UDP Query User{11975F07-637E-4FB3-BFEA-D0C227E2FEAD}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

"UDP Query User{11F0FED1-358E-4019-8FE9-40A594674DEF}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"UDP Query User{389920FC-D986-4E90-B147-21D1464F72AF}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |

"UDP Query User{390F8E5C-6661-44E2-BD37-751AF485F761}C:\program files\western digital\wd discovery software\wd discovery.exe" = protocol=17 | dir=in | app=c:\program files\western digital\wd discovery software\wd discovery.exe |

"UDP Query User{44E67584-F594-4C27-A5BB-A101BD7F2FBA}D:\wd discovery software\wd discovery.exe" = protocol=17 | dir=in | app=d:\wd discovery software\wd discovery.exe |

"UDP Query User{4747C48D-A9AC-46E3-B7C5-230B667DECD7}C:\windows\temp\navbrowser.exe" = protocol=17 | dir=in | app=c:\windows\temp\navbrowser.exe |

"UDP Query User{951C2805-4279-442A-9573-246D993E2FCE}D:\setup\upgradewizard\win2kxpvista\stsetup.exe" = protocol=17 | dir=in | app=d:\setup\upgradewizard\win2kxpvista\stsetup.exe |

"UDP Query User{CA3A4D9B-D33E-43D2-9B05-058A7C38BD27}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

"UDP Query User{E2D86611-0AF0-4713-8599-058CEB35BBC8}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

mij Newbie

mij

Posted
  • Author
Posted

my computer slowing down

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack

"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client

"{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only)

"{1266764D-FC4F-4FA7-B63B-884D53B1680F}" = NetAssistant

"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes

"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety

"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 4

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print

"{41E340F0-0BD6-4A87-AF29-E9E584471756}" = VideoMate Driver

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective

"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion

"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6E8BA460-41DE-4C91-9596-0C675864E7FC}" = MOBZRuler

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}" = PIF DESIGNER2.1

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{82AF3E91-57E1-4754-84D0-40A46E2479AB}" = OpenOffice.org 3.3

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{888019C0-54D4-40C2-9274-27B9DAB17017}" = Intel® Network Connections 14.0.40.0

"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)

"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2

"{B64C27C6-0450-4354-BE59-59FCA65BF236}" = Accurasee

"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center

"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}" = Bing Bar Platform

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 2.00

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb

"{ECE80888-45E5-46FD-8E0C-FEF3648847BB}" = Sibelius Scorch (all browsers)

"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5223680-993A-11D4-86F6-0001031E5712}" = InterVideo Installer

"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint

"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint

"ActiveScan 2.0" = Panda ActiveScan 2.0

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop 6.0" = Adobe Photoshop 6.0

"Airytec Switch Off" = Airytec Switch Off

"Amazon Kindle" = Amazon Kindle

"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.04

"Belarc Advisor" = Belarc Advisor 8.1

"Burn4Free CD & DVD_is1" = Burn4Free CD & DVD 5.4.0.0

"Debut" = Debut Video Capture Software

"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility

"Dell V505" = Dell V505

"Easy DVD Player" = Easy DVD Player

"Email Notifier" = Email Notifier

"EPSON Printer and Utilities" = EPSON Printer Software

"EPSON SX235 Series" = EPSON SX235 Series Printer Uninstall

"EPSON SX235 Series Netg" = Network Guide EPSON SX235 Series

"EPSON SX235 Series Useg" = User's Guide EPSON SX235 Series

"ESET Online Scanner" = ESET Online Scanner v3

"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner

"FBX Plugin 2009.0 for Max 2009" = FBX Plugin 2009.0 for Max 2009

"FileHippo.com" = FileHippo.com Update Checker

"FreeFileViewer_is1" = Free File Viewer 2011

"HijackThis" = HijackThis 2.0.2

"IE New Window Maximizer_is1" = IE New Window Maximizer 2.4

"IrfanView" = IrfanView (remove only)

"jZip" = jZip

"Ken Ward's Zipper_is1" = Ken Ward's Zipper 1.4000

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"MGI_PHOTOSUITE_SE_V10" = MGI PhotoSuite SE (Remove Only)

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2

"Microsoft Security Client" = Microsoft Security Essentials

"Mozilla Firefox 13.0 (x86 en-US)" = Mozilla Firefox 13.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MuseScore 0.9" = MuseScore 0.9 MuseScore score typesetter

"Pen Tablet Driver" = Pen Tablet

"Picasa 3" = Picasa 3

"PROSetDX" = Intel® Network Connections 14.0.40.0

"PWStudio" = PWStudio

"Quero Toolbar_is1" = Quero Toolbar 6 Build Windows 7 x86, Vista x86

"Rapport_msi" = Rapport

"Remote Access Viewer_is1" = Remote Access Viewer Ver 4.4.4

"Searchqu Toolbar" = Windows Searchqu Toolbar

"Smart Defrag 2_is1" = Smart Defrag 2

"Speccy" = Speccy

"Taskbar Hide" = Taskbar Hide

"TextBridge Classic 2.0" = TextBridge Classic 2.0

"TomTom HOME" = TomTom HOME 2.8.3.2499

"Trusted Software Assistant_is1" = File Type Assistant

"Uninstall_is1" = Uninstall 1.0.0.1

"VideoPad" = VideoPad Video Editor

"VLC media player" = VLC media player 1.1.11

"webmmf" = WebM Media Foundation Components

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite" = Windows Live Essentials

"Winter Landscape" = Winter Landscape

"WRUNINST" = Webroot SecureAnywhere

"XnView_is1" = XnView 1.98.2

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"GoToMeeting" = GoToMeeting 5.1.0.880

"NetAssistant" = NetAssistant for Firefox

"Windows System Scanner" = Windows System Scanner

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 03/03/2011 21:21:43 | Computer Name = jims-pc | Source = EventSystem | ID = 4621

Description =

 

Error - 05/03/2011 04:58:02 | Computer Name = jims-pc | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Logitech\SetPoint\SetPoint.exe".

Dependent

Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

 

Error - 05/03/2011 22:08:20 | Computer Name = jims-pc | Source = EventSystem | ID = 4621

Description =

 

Error - 06/03/2011 22:01:44 | Computer Name = jims-pc | Source = EventSystem | ID = 4621

Description =

 

Error - 07/03/2011 04:24:46 | Computer Name = jims-pc | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Logitech\SetPoint\SetPoint.exe".

Dependent

Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

could not be found. Please use sxstrace.exe for detailed diagnosis.

 

Error - 07/03/2011 04:34:13 | Computer Name = jims-pc | Source = MatSvc | ID = 262152

Description = The MATS service encountered a failure when loading SAP. hr=0x80092003

 

 

SAP folder: C:\Program Files\Microsoft Fix it Center\SAPFolder\Scheduled\DDA435FA-6E05-4DBF-80FE-C4EBE882E798.18

 

 

 

Error - 07/03/2011 04:34:13 | Computer Name = jims-pc | Source = MatSvc | ID = 262159

Description = The scheduled MATS task encountered a failure when collecting configuration

data. hr=0x80092003 .

 

Error - 07/03/2011 04:34:15 | Computer Name = jims-pc | Source = MatSvc | ID = 262152

Description = The MATS service encountered a failure when loading SAP. hr=0x80092003

 

 

SAP folder: C:\Program Files\Microsoft Fix it Center\SAPFolder\Scheduled\DDA435FA-6E05-4DBF-80FE-C4EBE882E798.18

 

 

 

Error - 07/03/2011 04:34:16 | Computer Name = jims-pc | Source = MatSvc | ID = 262159

Description = The scheduled MATS task encountered a failure when collecting configuration

data. hr=0x80092003 .

 

Error - 08/03/2011 18:18:18 | Computer Name = jims-pc | Source = EventSystem | ID = 4621

Description =

 

[ Media Center Events ]

Error - 26/04/2012 03:42:23 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 27/04/2012 02:33:51 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 28/04/2012 02:21:13 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 28/04/2012 03:23:21 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 28/04/2012 09:46:43 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 28/04/2012 12:50:20 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 28/04/2012 13:07:04 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 28/04/2012 14:02:49 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 29/04/2012 02:05:24 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

Error - 29/04/2012 05:40:11 | Computer Name = jims-pc | Source = ehRecvr | ID = 4

Description =

 

[ System Events ]

Error - 29/04/2012 06:22:55 | Computer Name = jims-pc | Source = Service Control Manager | ID = 7031

Description =

 

Error - 29/04/2012 06:22:56 | Computer Name = jims-pc | Source = DCOM | ID = 10005

Description =

 

Error - 29/04/2012 06:22:56 | Computer Name = jims-pc | Source = Service Control Manager | ID = 7009

Description =

 

Error - 29/04/2012 06:23:03 | Computer Name = jims-pc | Source = Service Control Manager | ID = 7000

Description =

 

Error - 29/04/2012 06:23:13 | Computer Name = jims-pc | Source = DCOM | ID = 10005

Description =

 

Error - 29/04/2012 06:23:13 | Computer Name = jims-pc | Source = Service Control Manager | ID = 7009

Description =

 

Error - 29/04/2012 06:23:13 | Computer Name = jims-pc | Source = Service Control Manager | ID = 7000

Description =

 

Error - 29/04/2012 06:23:38 | Computer Name = jims-pc | Source = DCOM | ID = 10016

Description =

 

Error - 29/04/2012 06:23:43 | Computer Name = jims-pc | Source = DCOM | ID = 10016

Description =

 

Error - 29/04/2012 06:25:43 | Computer Name = jims-pc | Source = Service Control Manager | ID = 7024

Description =

 

 

< End of report >

etavares Newbie

etavares

Posted
Posted

Hello, mij.

 

 

 

 

Step 1

 

 

PUP.FunWeb stands for Potentially Unwanted Program - Funweb. This class of products download advertising and toolbars without your permission. I do recommend you let MBAM remove it...it is more than tracking cookies. IN this case, I strongly suggest removing SearchQu Toolbar.

 

 

I also see multiple antivirus/antimalware programs running. Having more than 1 each of a) antivirus, b) firewall and c) antispyware running in real time protection mode can result in false positives and really slow down your system. They fight for access to scan files in real time...so it can slow up your computer.

 

 

I see:

Antivirus: Microsoft Security Essentials, Webroot SecureAnywhere

Antimalware: MBAM, SAS, Spybot S&D

Firewall: windows

 

 

To improve system performance, I recommend you uninstall Webroot, Spybot S&D and either MBAM OR SAS.

 

 

Reboot and let me know if system speed is improved.

 

 

Next, I see you have IOBit Smart Defrag 2 installed. I strongly recommend against using IOBIt products. THey were caught red-handed stealing the virus definitions from Malwarebytes' for their security program. I don't trust any software that steals other's IP...how is that any different from a virus? I strongly recommend you uninstall that program. I can recommend other free defragmenters.

 

 

 

 

 

 

 

 

 

 

Step 2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Ask Toolbar Warning"

 

 

I see you have the Ask.Com toolbar installed. This often comes bundled with spyware and is recommended you remove.

 

 

Please see here for more information:

http://www.bleepingcomputer.com/uninstall/94/Ask-Toolbar.html

 

 

If you would like to remove it, please go to add/Remove Programs and uninstall it.

Conduit Toolbar Warning"

 

 

I see you have the a Conduit toolbar installed. This often is recognized as trackware and I recommend you remove it.

 

 

If you would like to remove it, please go to add/Remove Programs and uninstall .

 

 

 

 

 

 

 

 

 

 

 

 

Step 3

 

 

 

 

After uninstalling the programs above, please reboot and run an OTL log with the same custom scan as before. Let me know if the system is any more responsive.

 

 

etavares

 

 

mij Newbie

mij

Posted
  • Author
Posted

I had removed many of the programs this afternoon only to find them reinstated at a later time. I will continue this tomorrow.

jim

mij Newbie

mij

Posted
  • Author
Posted

I hope I have followedthe steps ok.

 

 

Step 1

MBAM got rid of the 7PUP.funweb advertizers

RemovedSuperanntispyware

Unable to remove MBAM,it required permission from somewhere- don't know what this refers toas I have the administrator access thing switched off.

Removed S&D

Removed Webroot secureanywhere

Removed Iobit smartdefrag

 

 

Step 2

I cannot find theAsk.com toolbar but I was deleting all and sundry yesterday afternoonin the belief that it would isolate the fault, perhaps it is gone? Ifnot I'll try to find it again.

Similarly the ConduitToolbar Warning can't find it.

 

 

 

 

Without all the drossthis machine is really light footing it and has speeded up ever somuch.

Ok Ill do step threeand post the OTL report again.

jim

mij Newbie

mij

Posted
  • Author
Posted

Step 3 first part of OTL report

 

OTL logfile created on: 01/05/2012 09:19:25 - Run 2

OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\crispin\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

2.00 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 50.91% Memory free

4.23 Gb Paging File | 3.28 Gb Available in Paging File | 77.47% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465.76 Gb Total Space | 255.85 Gb Free Space | 54.93% Space Free | Partition Type: NTFS

 

Computer Name: JIMS-PC | User Name: crispin | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\crispin\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)

PRC - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)

PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.)

PRC - C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll ()

MOD - C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\avutil-51.dll ()

MOD - C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\avformat-53.dll ()

MOD - C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll ()

MOD - C:\Windows\System32\atitmmxx.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (RapportMgmtService) -- File not found

SRV - (dldw_device) -- File not found

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (EPSON_EB_RPCV4_04) EPSON V5 Service4(04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE (SEIKO EPSON CORPORATION)

SRV - (EPSON_PM_RPCV4_04) EPSON V3 Service4(04) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE (SEIKO EPSON CORPORATION)

SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)

SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)

SRV - (TabletServicePen) -- C:\Windows\System32\Pen_Tablet.exe (Wacom Technology, Corp.)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (TfSysMon) -- system32\drivers\TfSysMon.sys File not found

DRV - (TfNetMon) -- C:\Windows\system32\drivers\TfNetMon.sys File not found

DRV - (TfFsMon) -- system32\drivers\TfFsMon.sys File not found

DRV - (Point32) -- system32\DRIVERS\point32k.sys File not found

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found

DRV - (ASTRA32) -- C:\Program Files\ASTRA32\ASTRA32.sys File not found

DRV - (MpKslf46535d3) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5E362508-7C36-4768-BB2E-672D1F7DB826}\MpKslf46535d3.sys (Microsoft Corporation)

DRV - (MpKslf7424e10) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5E362508-7C36-4768-BB2E-672D1F7DB826}\MpKslf7424e10.sys ()

DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)

DRV - (pavboot) -- C:\Windows\System32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation)

DRV - (NAL) -- C:\Windows\System32\drivers\iqvw32.sys (Intel Corporation )

DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)

DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)

DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (BANTExt) -- C:\Windows\System32\drivers\BANTExt.sys ()

DRV - (LMouKE) -- C:\Windows\System32\drivers\LMouKE.Sys (Logitech, Inc.)

DRV - (L8042mou) -- C:\Windows\System32\drivers\L8042mou.Sys (Logitech, Inc.)

DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech, Inc.)

DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)

DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)

DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)

DRV - (WacomVKHid) -- C:\Windows\System32\drivers\WacomVKHid.sys (Wacom Technology)

DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (ASUSTeK Computer Inc.)

DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=grupo&s={searchTerms}&f=4

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678

IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\crispin\Desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C 13 42 D8 20 66 CB 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=GB&install_date=20111011&user_guid=38364539440942149575D0FDAFDA5960&machine_id=3e0bb42f8eceaa5373cfbf14c7ae4b59&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=grupo&s={searchTerms}&f=4

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=109794&babsrc=SP_ss&mntrId=14c9c13e00000000000000c0a8c3bbf7

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=BLT&o=15554&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=HH&apn_dtid=YYYYYYYYGB&apn_uid=95782B35-9D0A-4BCF-9038-34D29F1BA4E7&apn_sauid=D3494CD7-2EB5-4CD4-A2F6-40426EBF60E0

IE - HKCU\..\SearchScopes\{538C4605-3F03-41DF-BA24-0477A6A2AA35}: "URL" = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en

IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/burn4free/{45E368B2-EE5C-489A-8E46-BC29B29E60EA}?q={searchTerms}

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=102&sr=0&q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678

IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://inboxtoolbar.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80150&lng=en

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "www.google.co.uk"

 

 

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found

FF - HKLM\Software\MozillaPlugins\@ei.RadioPI_4e.com/Plugin: File not found

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\crispin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\crispin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/01 08:06:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/01 08:06:21 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1266764D-FC4F-4FA7-B63B-884D53B1680F}: C:\Users\crispin\AppData\Roaming\NetAssistant\ [2011/03/11 16:17:04 | 000,000,000 | ---D | M]

 

[2012/04/29 09:55:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Extensions

[2010/01/30 23:10:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2012/04/30 18:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions

[2010/09/17 11:05:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/09/17 11:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2012/04/30 17:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\2h87q0wd.Default User\extensions\plugin@yontoo.com

[2012/04/30 18:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions

[2011/01/18 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\{c2db4fe6-8409-45ce-8010-189a7b5cce86}

[2011/01/18 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\{cb84136f-9c44-433a-9048-c5cd9df1dc16}

[2011/01/18 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2012/04/30 17:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\dmbo0wzm.Default User\extensions\plugin@yontoo.com

[2012/04/30 18:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions

[2010/07/30 00:58:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/08/19 00:42:59 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions\en-GB@dictionaries.addons.mozilla.org

[2012/04/30 17:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\eidwrwj3.default\extensions\plugin@yontoo.com

[2012/04/30 18:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions

[2011/01/23 12:32:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/01/22 09:03:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2011/01/23 12:30:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2012/04/30 17:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\uti5rigv.default\extensions\plugin@yontoo.com

[2012/04/30 20:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\crispin\AppData\Roaming\mozilla\Firefox\Profiles\xoz8dqmb.default\extensions

[2010/05/26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Users\crispin\AppData\Roaming\Mozilla\Firefox\Profiles\2h87q0wd.Default User\searchplugins\askcom.xml

[2012/04/30 15:54:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/04/30 15:05:37 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

[2012/04/25 23:59:55 | 000,085,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2009/08/09 02:11:22 | 010,437,264 | ---- | M] (PDFTron Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\PDFNetC.dll

[2010/04/08 12:36:02 | 000,107,760 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll

[2012/03/04 09:37:21 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml

[2011/11/26 14:27:08 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\crispin\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.20 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: YouTube = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Gmail = C:\Users\crispin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2011/09/08 08:58:15 | 000,504,831 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost #[iPv6]

O1 - Hosts: 127.0.0.1 fr.a2dfp.net

O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net

O1 - Hosts: 127.0.0.1 ad.a8.net

O1 - Hosts: 127.0.0.1 asy.a8ww.net

O1 - Hosts: 127.0.0.1 abcstats.com

O1 - Hosts: 127.0.0.1 a.abv.bg

O1 - Hosts: 127.0.0.1 adserver.abv.bg

O1 - Hosts: 127.0.0.1 adv.abv.bg

O1 - Hosts: 127.0.0.1 bimg.abv.bg

O1 - Hosts: 127.0.0.1 ca.abv.bg

O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua

O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com

O1 - Hosts: 127.0.0.1 accuserveadsystem.com

O1 - Hosts: 127.0.0.1 http://www.accuserveadsystem.com

O1 - Hosts: 127.0.0.1 achmedia.com

O1 - Hosts: 127.0.0.1 aconti.net

O1 - Hosts: 127.0.0.1 secure.aconti.net

O1 - Hosts: 127.0.0.1 http://www.aconti.net #[Dialer.Aconti]

O1 - Hosts: 127.0.0.1 am1.activemeter.com

O1 - Hosts: 127.0.0.1 http://www.activemeter.com #[Tracking.Cookie]

O1 - Hosts: 127.0.0.1 ads.activepower.net

O1 - Hosts: 14644 more lines...

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)

O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - Reg Error: Value error. File not found

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O4 - HKLM..\RunOnce: [textbridge98unins] C:\Windows\~alitb98.bat ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.0)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.0)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E48B3B5-6445-4A56-A4B3-609D77EBBE29}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AEBD7FC-5B3C-466F-89C2-7E3CA8ACD89F}: NameServer = 87.194.255.154,87.194.255.155

O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)

O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

MsConfig - StartUpFolder: C:^Users^crispin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^StartUp^OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe - ()

MsConfig - StartUpFolder: C:^Users^crispin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^StartUp^reminder-ScanSoft Product Registration.lnk - Reg Error: Value error. - File not found

MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

MsConfig - StartUpReg: DATAMNGR - hkey= - key= - C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)

MsConfig - StartUpReg: EEventManager - hkey= - key= - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)

MsConfig - StartUpReg: EPSON29C7FF (Epson Stylus SX235) - hkey= - key= - File not found

MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\crispin\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

MsConfig - StartUpReg: IE New Window Maximizer - hkey= - key= - C:\Program Files\IE New Window Maximizer\iemaximizer.exe (jiiSoft)

MsConfig - StartUpReg: IntelliPoint - hkey= - key= - c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

MsConfig - StartUpReg: MSC - hkey= - key= - c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - Reg Error: Value error. File not found

MsConfig - StartUpReg: RemoteControl - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.)

MsConfig - StartUpReg: RtHDVCpl - hkey= - key= - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

MsConfig - State: "startup" - 1

MsConfig - State: "services" - 0

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/05/01 09:18:07 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\crispin\Desktop\OTL.exe

[2012/05/01 01:58:24 | 000,000,000 | -HSD | C] -- C:\found.001

[2012/04/29 17:36:22 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2012/04/29 17:36:22 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2012/04/28 18:25:52 | 000,000,000 | ---D | C] -- C:\Windows\en

[2012/04/28 18:03:17 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\Logitech

[2012/04/28 18:03:16 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\Logishrd

[2012/04/28 17:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/04/28 17:42:03 | 000,772,552 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012/04/28 17:42:03 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012/04/28 17:41:43 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012/04/28 17:41:43 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012/04/28 17:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse

[2012/04/28 17:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

[2012/04/28 17:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service

[2012/04/28 17:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla

[2012/04/28 07:51:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs

[2012/04/28 07:51:08 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\VistaCodecs

[2012/04/28 07:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\VistaCodecPack

[2012/04/28 07:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\VistaCodecs

[2012/04/20 17:02:14 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Roaming\Dell Imaging Toolbox

[2012/04/20 17:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Dl_cats

[2012/04/20 16:58:41 | 000,000,000 | ---D | C] -- C:\logs

[2012/04/20 14:10:03 | 000,000,000 | ---D | C] -- C:\Users\crispin\AppData\Local\ABBYY

[2012/04/20 14:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY

[2012/04/20 14:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software

[2012/04/20 14:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software

[2012/04/20 14:02:35 | 000,458,129 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll

[2012/04/20 14:02:35 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll

[2012/04/20 14:02:34 | 000,475,410 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll

[2012/04/20 14:02:34 | 000,475,410 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll

[2012/04/20 14:02:34 | 000,458,129 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll

[2012/04/20 14:02:34 | 000,249,344 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll

[2012/04/20 14:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet

[2012/04/20 14:00:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON

[2012/04/20 13:56:47 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL

[2012/04/20 13:56:38 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBHLE.DLL

[2012/04/20 13:56:27 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BHLE.DLL

[2012/04/20 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON

[2012/04/20 13:55:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON

[2012/04/20 13:55:21 | 000,341,504 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll

[2012/04/20 13:55:21 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe

[2012/04/20 13:55:21 | 000,012,800 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\escdev.dll

[2012/04/12 05:03:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012/04/12 05:03:45 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012/04/12 05:03:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012/04/12 05:03:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012/04/12 05:03:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012/04/12 05:03:43 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012/04/11 17:23:36 | 000,000,000 | ---D | C] -- C:\Windows\tessdata

[2012/04/11 14:26:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012/04/11 14:25:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/03/30 11:40:34 | 000,517,976 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

[2011/03/30 11:40:32 | 001,566,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll

[2011/03/30 11:40:32 | 000,095,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

[1 C:\Users\crispin\Desktop\Jim\Documents\*.tmp files -> C:\Users\crispin\Desktop\Jim\Documents\*.tmp -> ]

[1 C:\Users\crispin\AppData\Local\*.tmp files -> C:\Users\crispin\AppData\Local\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/05/01 09:18:12 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\crispin\Desktop\OTL.exe

[2012/05/01 09:16:41 | 000,000,061 | ---- | M] () -- C:\Windows\~alitb98.bat

[2012/05/01 09:10:19 | 000,013,136 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\reply to free pc help1.odt

[2012/05/01 08:34:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2178092456-3463494078-4020983743-1000UA.job

[2012/05/01 08:31:52 | 000,610,860 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/05/01 08:31:52 | 000,109,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/05/01 08:28:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/05/01 08:26:12 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job

[2012/05/01 08:26:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/05/01 08:26:11 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AutoSmartDefrag.job

[2012/05/01 08:26:05 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012/05/01 08:26:04 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012/05/01 08:25:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/05/01 03:45:01 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job

[2012/05/01 03:36:00 | 000,002,052 | ---- | M] () -- C:\Users\crispin\Desktop\Google Chrome.lnk

[2012/05/01 00:15:37 | 000,001,647 | ---- | M] () -- C:\Users\crispin\Desktop\IrfanView Thumbnails.lnk

[2012/05/01 00:15:37 | 000,000,767 | ---- | M] () -- C:\Users\crispin\Desktop\IrfanView.lnk

[2012/04/30 20:34:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2178092456-3463494078-4020983743-1000Core.job

[2012/04/30 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job

[2012/04/30 13:08:54 | 000,023,198 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\jims adress book.odt

[2012/04/30 12:38:35 | 000,000,199 | ---- | M] () -- C:\Users\crispin\Desktop\freepchelp.url

[2012/04/30 10:12:00 | 000,037,380 | ---- | M] () -- C:\Users\crispin\Desktop\mary modified.jpg

[2012/04/29 18:30:10 | 000,476,972 | ---- | M] () -- C:\Users\crispin\Desktop\AlanSam daily painting.jpg

[2012/04/29 18:24:59 | 000,000,854 | ---- | M] () -- C:\Users\crispin\.recently-used.xbel

[2012/04/29 09:55:15 | 000,000,115 | ---- | M] () -- C:\Windows\wininit.ini

[2012/04/28 17:48:02 | 000,294,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012/04/28 17:41:23 | 000,772,552 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2012/04/28 17:41:23 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2012/04/28 17:41:23 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2012/04/28 17:41:23 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2012/04/28 17:41:22 | 000,687,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2012/04/28 17:13:50 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2012/04/28 14:28:29 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012/04/26 00:37:40 | 000,001,479 | ---- | M] () -- C:\Users\crispin\Desktop\mspaint.exe.lnk

[2012/04/25 05:00:23 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif

[2012/04/23 17:57:50 | 000,000,173 | ---- | M] () -- C:\Users\crispin\Desktop\Freegle.url

[2012/04/22 00:31:58 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI

[2012/04/20 14:07:03 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss

[2012/04/20 13:55:22 | 000,000,765 | ---- | M] () -- C:\Users\crispin\Desktop\EPSON Scan.lnk

[2012/04/20 13:53:38 | 000,008,192 | ---- | M] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL

[2012/04/20 13:53:37 | 000,093,696 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBHLE.DLL

[2012/04/20 13:53:37 | 000,063,488 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BHLE.DLL

[2012/04/14 15:13:45 | 000,085,263 | ---- | M] () -- C:\Users\crispin\Desktop\IMG.jpg

[2012/04/12 19:40:37 | 000,013,369 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\madras curry meal.odt

[2012/04/12 14:52:52 | 000,555,384 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\A9R2E2F.pdf

[2012/04/11 20:48:37 | 000,017,546 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\sweet and sour chicken breasts.odt

[2012/04/11 16:39:28 | 000,169,084 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\reipe for sweet and sour meal kit.odt

[2012/04/05 19:18:13 | 000,015,733 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\Aprils goals.odt

[2012/04/04 18:14:15 | 000,302,651 | ---- | M] () -- C:\Users\crispin\Desktop\Jim\Documents\comparison of photo and grid drawing.odt

[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[1 C:\Users\crispin\Desktop\Jim\Documents\*.tmp files -> C:\Users\crispin\Desktop\Jim\Documents\*.tmp -> ]

[1 C:\Users\crispin\AppData\Local\*.tmp files -> C:\Users\crispin\AppData\Local\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012/05/01 09:16:41 | 000,000,061 | ---- | C] () -- C:\Windows\~alitb98.bat

[2012/05/01 09:10:16 | 000,013,136 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\reply to free pc help1.odt

[2012/05/01 00:15:37 | 000,001,647 | ---- | C] () -- C:\Users\crispin\Desktop\IrfanView Thumbnails.lnk

[2012/05/01 00:15:37 | 000,000,767 | ---- | C] () -- C:\Users\crispin\Desktop\IrfanView.lnk

[2012/04/29 18:30:10 | 000,476,972 | ---- | C] () -- C:\Users\crispin\Desktop\AlanSam daily painting.jpg

[2012/04/29 18:24:59 | 000,000,854 | ---- | C] () -- C:\Users\crispin\.recently-used.xbel

[2012/04/29 16:25:08 | 000,037,380 | ---- | C] () -- C:\Users\crispin\Desktop\mary modified.jpg

[2012/04/29 10:51:59 | 000,002,052 | ---- | C] () -- C:\Users\crispin\Desktop\Google Chrome.lnk

[2012/04/29 09:55:15 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini

[2012/04/28 14:28:29 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk

[2012/04/26 00:36:58 | 000,001,479 | ---- | C] () -- C:\Users\crispin\Desktop\mspaint.exe.lnk

[2012/04/25 05:00:16 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2012/04/23 17:57:38 | 000,000,173 | ---- | C] () -- C:\Users\crispin\Desktop\Freegle.url

[2012/04/22 00:31:58 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI

[2012/04/20 16:50:53 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\dldwlmpm.dll

[2012/04/20 14:06:45 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss

[2012/04/20 13:55:22 | 000,000,765 | ---- | C] () -- C:\Users\crispin\Desktop\EPSON Scan.lnk

[2012/04/14 15:13:44 | 000,085,263 | ---- | C] () -- C:\Users\crispin\Desktop\IMG.jpg

[2012/04/12 19:37:15 | 000,013,369 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\madras curry meal.odt

[2012/04/12 14:53:23 | 000,555,384 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\A9R2E2F.pdf

[2012/04/11 20:43:04 | 000,017,546 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\sweet and sour chicken breasts.odt

[2012/04/11 16:39:26 | 000,169,084 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\reipe for sweet and sour meal kit.odt

[2012/04/04 18:14:13 | 000,302,651 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\comparison of photo and grid drawing.odt

[2012/04/01 18:47:20 | 000,015,733 | ---- | C] () -- C:\Users\crispin\Desktop\Jim\Documents\Aprils goals.odt

[2012/02/09 14:20:38 | 004,794,880 | ---- | C] () -- C:\Windows\System32\x264vfw.dll

[2012/01/09 19:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2011/12/29 09:10:25 | 000,125,308 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2011/03/31 14:30:53 | 000,000,547 | ---- | C] () -- C:\Users\crispin\AppData\Roaming\FreeDesktopClock.ini

[2011/03/31 01:22:41 | 000,000,680 | ---- | C] () -- C:\Users\crispin\AppData\Local\d3d9caps.dat

[2011/03/30 11:40:32 | 000,097,152 | ---- | C] () -- C:\Program Files\dxupdate.cab

[2011/03/30 11:40:32 | 000,044,624 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab

[2010/12/06 23:24:59 | 000,000,511 | ---- | C] () -- C:\Windows\Snowflake Screen Saver Audio Files.dat

[2010/12/06 23:24:59 | 000,000,376 | ---- | C] () -- C:\Windows\Snowflake Screen Saver Captions.dat

[2010/10/03 12:59:21 | 000,000,025 | ---- | C] () -- C:\Windows\CDE CX6600E.ini

[2010/09/30 21:53:53 | 000,000,120 | ---- | C] () -- C:\Users\crispin\AppData\Local\Ovihomigobabamis.dat

[2010/09/07 23:08:34 | 000,099,965 | ---- | C] () -- C:\Windows\UninstallFirefox.exe

[2010/09/07 23:08:25 | 000,003,137 | ---- | C] () -- C:\Windows\mozver.dat

[2010/06/27 23:06:51 | 000,176,235 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll

[2010/06/02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab

[2010/06/02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab

[2010/06/02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab

[2010/06/02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab

[2010/06/02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab

[2010/06/02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab

[2010/06/02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab

[2010/06/02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab

[2010/06/02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab

[2010/06/02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab

[2010/06/02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab

[2010/06/02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab

[2010/06/02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab

[2010/06/02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab

[2010/06/02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab

[2010/06/02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab

[2010/06/02 05:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab

[2010/06/02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab

[2010/06/02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab

[2010/06/02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab

[2010/06/02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab

[2010/06/02 05:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab

[2010/06/02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab

[2010/06/02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab

[2010/06/02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab

[2010/06/02 05:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab

[2010/06/02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab

[2010/06/02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab

[2010/06/02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab

[2010/06/02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[2010/06/02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab

[2010/06/02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab

[2010/06/02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab

[2010/06/02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab

[2010/06/02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab

[2010/06/02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab

[2010/06/02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab

[2010/06/02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab

[2010/06/02 05:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab

[2010/06/02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab

[2010/06/02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab

[2010/06/02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab

[2010/06/02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab

[2010/06/02 05:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab

[2010/06/02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab

[2010/06/02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab

[2010/06/02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab

[2010/06/02 05:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab

[2010/06/02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab

[2010/06/02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab

[2010/06/02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab

[2010/06/02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab

[2010/06/02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab

[2010/06/02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab

[2010/06/02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab

[2010/06/02 05:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab

[2010/06/02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab

[2010/06/02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab

[2010/06/02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab

[2010/06/02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab

[2010/06/02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab

[2010/06/02 05:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab

[2010/06/02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab

[2010/06/02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab

[2010/06/02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab

[2010/06/02 05:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab

[2010/06/02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab

[2010/06/02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab

[2010/06/02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab

[2010/06/02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab

[2010/06/02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab

[2010/06/02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab

[2010/06/02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab

[2010/06/02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab

[2010/06/02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab

[2010/06/02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab

[2010/06/02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab

[2010/06/02 05:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab

[2010/06/02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab

[2010/06/02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab

[2010/06/02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab

[2010/06/02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab

[2010/06/02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab

[2010/06/02 05:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab

[2010/06/02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab

[2010/06/02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab

[2010/06/02 05:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab

[2010/06/02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab

[2010/06/02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab

[2010/06/02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab

[2010/06/02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab

[2010/06/02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab

[2010/06/02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab

[2010/06/02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab

[2010/06/02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab

[2010/06/02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab

[2010/06/02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab

[2010/06/02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab

[2010/06/02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab

[2010/06/02 05:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab

[2010/06/02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab

[2010/06/02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab

[2010/06/02 05:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab

[2010/06/02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab

[2010/06/02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab

[2010/06/02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab

[2010/06/02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab

[2010/06/02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab

[2010/06/02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab

[2010/06/02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab

[2010/06/02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab

[2010/06/02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab

[2010/06/02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab

[2010/06/02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab

[2010/06/02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab

[2010/06/02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab

[2010/06/02 05:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab

[2010/06/02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab

[2010/06/02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab

[2010/06/02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab

[2010/06/02 05:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab

[2010/06/02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab

[2010/06/02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab

[2010/06/02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab

[2010/06/02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab

[2010/06/02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab

[2010/06/02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab

[2010/06/02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab

[2010/06/02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab

[2010/06/02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab

[2010/06/02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab

[2010/06/02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab

[2010/06/02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab

[2010/06/02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab

[2010/06/02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab

[2010/06/02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab

[2010/06/02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab

[2010/06/02 05:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab

[2010/06/02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab

[2010/06/02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab

[2010/06/02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab

[2010/06/02 05:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab

[2010/06/02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab

 

========== LOP Check ==========

 

[2012/04/30 14:31:41 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Airytec

[2010/01/19 20:15:30 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Autodesk

[2010/01/19 22:01:21 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\DriverCure

[2012/04/29 18:10:35 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\EPSON

[2012/04/30 17:06:13 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\FreeFileViewer

[2012/04/30 18:29:44 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\gtk-2.0

[2010/11/15 02:55:36 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\ID Vault

[2010/05/04 17:39:33 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\InterVideo

[2011/03/25 16:50:47 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\IObit

[2012/05/01 00:15:34 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\IrfanView

[2011/03/11 16:17:04 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\NetAssistant

[2010/01/19 14:31:39 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\OpenOffice.org

[2012/04/21 00:33:40 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Opera

[2010/10/25 12:59:47 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\PCToolsFirewallPlus

[2010/06/27 23:07:42 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\PrimoPDF

[2012/01/03 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\QuickScan

[2010/10/25 12:59:20 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Spam Monitor

[2010/08/11 09:07:20 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\TeamViewer

[2010/01/19 19:16:30 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\TomTom

[2010/02/15 12:42:09 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Trusteer

[2010/09/30 22:07:30 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Unyp

[2012/04/28 07:51:09 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\VistaCodecs

[2011/11/09 12:03:49 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Weather Clock

[2011/04/09 11:25:01 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\Windows Live Writer

[2011/10/18 01:44:17 | 000,000,000 | ---D | M] -- C:\Users\crispin\AppData\Roaming\XnView

[2012/05/01 08:26:11 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\AutoSmartDefrag.job

[2012/03/25 04:55:00 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job

[2012/05/01 08:26:12 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\FreeFileViewerUpdateChecker.job

[2012/04/30 18:00:00 | 000,000,446 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job

[2012/05/01 03:45:01 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job

[2012/05/01 08:24:55 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

mij Newbie

mij

Posted
  • Author
Posted

step 3 second part of OTL report

 

 

 

 

========== Custom Scans ==========

 

< %SYSTEMDRIVE%\*.* >

[2010/06/02 06:21:16 | 001,347,354 | ---- | M] () -- C:\Apr2005_d3dx9_25_x64.cab

[2010/06/02 06:21:16 | 001,078,962 | ---- | M] () -- C:\Apr2005_d3dx9_25_x86.cab

[2010/06/02 06:21:16 | 001,397,830 | ---- | M] () -- C:\Apr2006_d3dx9_30_x64.cab

[2010/06/02 06:21:16 | 001,115,221 | ---- | M] () -- C:\Apr2006_d3dx9_30_x86.cab

[2010/06/02 06:21:18 | 000,916,430 | ---- | M] () -- C:\Apr2006_MDX1_x86.cab

[2010/06/02 06:21:18 | 004,162,630 | ---- | M] () -- C:\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 06:21:18 | 000,179,133 | ---- | M] () -- C:\Apr2006_XACT_x64.cab

[2010/06/02 06:21:18 | 000,133,103 | ---- | M] () -- C:\Apr2006_XACT_x86.cab

[2010/06/02 06:21:20 | 000,087,101 | ---- | M] () -- C:\Apr2006_xinput_x64.cab

[2010/06/02 06:21:34 | 000,046,010 | ---- | M] () -- C:\Apr2006_xinput_x86.cab

[2010/06/02 06:21:36 | 000,698,612 | ---- | M] () -- C:\APR2007_d3dx10_33_x64.cab

[2010/06/02 06:21:36 | 000,695,865 | ---- | M] () -- C:\APR2007_d3dx10_33_x86.cab

[2010/06/02 06:21:36 | 001,607,358 | ---- | M] () -- C:\APR2007_d3dx9_33_x64.cab

[2010/06/02 06:21:38 | 001,606,039 | ---- | M] () -- C:\APR2007_d3dx9_33_x86.cab

[2010/06/02 06:21:38 | 000,195,766 | ---- | M] () -- C:\APR2007_XACT_x64.cab

[2010/06/02 06:21:38 | 000,151,225 | ---- | M] () -- C:\APR2007_XACT_x86.cab

[2010/06/02 06:21:38 | 000,096,817 | ---- | M] () -- C:\APR2007_xinput_x64.cab

[2010/06/02 06:21:40 | 000,053,302 | ---- | M] () -- C:\APR2007_xinput_x86.cab

[2010/06/02 06:21:40 | 001,350,542 | ---- | M] () -- C:\Aug2005_d3dx9_27_x64.cab

[2010/06/02 06:21:40 | 001,077,644 | ---- | M] () -- C:\Aug2005_d3dx9_27_x86.cab

[2010/06/02 06:21:40 | 000,182,903 | ---- | M] () -- C:\AUG2006_XACT_x64.cab

[2010/06/02 06:21:40 | 000,137,235 | ---- | M] () -- C:\AUG2006_XACT_x86.cab

[2010/06/02 06:21:40 | 000,087,142 | ---- | M] () -- C:\AUG2006_xinput_x64.cab

[2010/06/02 06:21:40 | 000,046,058 | ---- | M] () -- C:\AUG2006_xinput_x86.cab

[2010/06/02 06:21:42 | 000,852,286 | ---- | M] () -- C:\AUG2007_d3dx10_35_x64.cab

[2010/06/02 06:21:42 | 000,796,867 | ---- | M] () -- C:\AUG2007_d3dx10_35_x86.cab

[2010/06/02 06:21:42 | 001,800,160 | ---- | M] () -- C:\AUG2007_d3dx9_35_x64.cab

[2010/06/02 06:21:42 | 001,708,152 | ---- | M] () -- C:\AUG2007_d3dx9_35_x86.cab

[2010/06/02 06:21:44 | 000,198,096 | ---- | M] () -- C:\AUG2007_XACT_x64.cab

[2010/06/02 06:21:44 | 000,153,012 | ---- | M] () -- C:\AUG2007_XACT_x86.cab

[2010/06/02 06:21:42 | 000,867,612 | ---- | M] () -- C:\Aug2008_d3dx10_39_x64.cab

[2010/06/02 06:21:44 | 000,849,167 | ---- | M] () -- C:\Aug2008_d3dx10_39_x86.cab

[2010/06/02 06:21:44 | 001,794,084 | ---- | M] () -- C:\Aug2008_d3dx9_39_x64.cab

[2010/06/02 06:21:44 | 001,464,672 | ---- | M] () -- C:\Aug2008_d3dx9_39_x86.cab

[2010/06/02 06:21:44 | 000,121,772 | ---- | M] () -- C:\Aug2008_XACT_x64.cab

[2010/06/02 06:21:44 | 000,092,996 | ---- | M] () -- C:\Aug2008_XACT_x86.cab

[2010/06/02 06:21:46 | 000,271,412 | ---- | M] () -- C:\Aug2008_XAudio_x64.cab

[2010/06/02 06:21:46 | 000,271,038 | ---- | M] () -- C:\Aug2008_XAudio_x86.cab

[2010/06/02 06:21:46 | 000,919,044 | ---- | M] () -- C:\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 06:21:56 | 000,900,598 | ---- | M] () -- C:\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 06:21:56 | 003,112,111 | ---- | M] () -- C:\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 06:21:56 | 003,319,740 | ---- | M] () -- C:\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 06:21:58 | 000,232,635 | ---- | M] () -- C:\Aug2009_d3dx10_42_x64.cab

[2010/06/02 06:21:58 | 000,192,131 | ---- | M] () -- C:\Aug2009_d3dx10_42_x86.cab

[2010/06/02 06:21:58 | 000,136,301 | ---- | M] () -- C:\Aug2009_d3dx11_42_x64.cab

[2010/06/02 06:21:58 | 000,105,044 | ---- | M] () -- C:\Aug2009_d3dx11_42_x86.cab

[2010/06/02 06:21:58 | 000,930,116 | ---- | M] () -- C:\Aug2009_d3dx9_42_x64.cab

[2010/06/02 06:21:58 | 000,728,456 | ---- | M] () -- C:\Aug2009_d3dx9_42_x86.cab

[2010/06/02 06:22:00 | 000,122,408 | ---- | M] () -- C:\Aug2009_XACT_x64.cab

[2010/06/02 06:22:00 | 000,093,106 | ---- | M] () -- C:\Aug2009_XACT_x86.cab

[2010/06/02 06:22:00 | 000,273,264 | ---- | M] () -- C:\Aug2009_XAudio_x64.cab

[2010/06/02 06:22:00 | 000,272,642 | ---- | M] () -- C:\Aug2009_XAudio_x86.cab

[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2010/08/11 21:38:06 | 000,000,090 | ---- | M] () -- C:\bcmwl6.log

[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2009/08/08 05:42:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2012/03/14 08:56:03 | 000,007,907 | R--- | M] () -- C:\CLDMA.LOG

[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2010/06/02 06:22:00 | 001,357,976 | ---- | M] () -- C:\Dec2005_d3dx9_28_x64.cab

[2010/06/02 06:22:00 | 001,079,456 | ---- | M] () -- C:\Dec2005_d3dx9_28_x86.cab

[2010/06/02 06:22:00 | 000,212,807 | ---- | M] () -- C:\DEC2006_d3dx10_00_x64.cab

[2010/06/02 06:22:00 | 000,191,720 | ---- | M] () -- C:\DEC2006_d3dx10_00_x86.cab

[2010/06/02 06:22:00 | 001,571,154 | ---- | M] () -- C:\DEC2006_d3dx9_32_x64.cab

[2010/06/02 06:22:02 | 001,574,376 | ---- | M] () -- C:\DEC2006_d3dx9_32_x86.cab

[2010/06/02 06:22:02 | 000,192,475 | ---- | M] () -- C:\DEC2006_XACT_x64.cab

[2010/06/02 06:22:02 | 000,145,599 | ---- | M] () -- C:\DEC2006_XACT_x86.cab

[2012/04/30 15:04:33 | 000,000,078 | ---- | M] () -- C:\dldw.log

[2011/03/30 12:40:32 | 000,095,576 | ---- | M] (Microsoft Corporation) -- C:\DSETUP.dll

[2011/03/30 12:40:32 | 001,566,040 | ---- | M] (Microsoft Corporation) -- C:\dsetup32.dll

[2011/03/30 12:40:32 | 000,044,624 | ---- | M] () -- C:\dxdllreg_x86.cab

[2011/03/30 12:40:34 | 000,517,976 | ---- | M] (Microsoft Corporation) -- C:\DXSETUP.exe

[2011/03/30 12:40:32 | 000,097,152 | ---- | M] () -- C:\dxupdate.cab

[2009/12/15 22:14:25 | 000,000,000 | ---- | M] () -- C:\dxva.log

[2010/06/02 06:22:02 | 001,247,499 | ---- | M] () -- C:\Feb2005_d3dx9_24_x64.cab

[2010/06/02 06:22:02 | 001,013,225 | ---- | M] () -- C:\Feb2005_d3dx9_24_x86.cab

[2010/06/02 06:22:02 | 001,362,796 | ---- | M] () -- C:\Feb2006_d3dx9_29_x64.cab

[2010/06/02 06:22:04 | 001,084,720 | ---- | M] () -- C:\Feb2006_d3dx9_29_x86.cab

[2010/06/02 06:22:10 | 000,178,359 | ---- | M] () -- C:\Feb2006_XACT_x64.cab

[2010/06/02 06:22:10 | 000,132,409 | ---- | M] () -- C:\Feb2006_XACT_x86.cab

[2010/06/02 06:22:12 | 000,194,675 | ---- | M] () -- C:\FEB2007_XACT_x64.cab

[2010/06/02 06:22:12 | 000,147,983 | ---- | M] () -- C:\FEB2007_XACT_x86.cab

[2010/06/02 06:22:12 | 000,054,678 | ---- | M] () -- C:\Feb2010_X3DAudio_x64.cab

[2010/06/02 06:22:12 | 000,020,713 | ---- | M] () -- C:\Feb2010_X3DAudio_x86.cab

[2010/06/02 06:22:14 | 000,122,446 | ---- | M] () -- C:\Feb2010_XACT_x64.cab

[2010/06/02 06:22:14 | 000,093,180 | ---- | M] () -- C:\Feb2010_XACT_x86.cab

[2010/06/02 06:22:14 | 000,276,960 | ---- | M] () -- C:\Feb2010_XAudio_x64.cab

[2010/06/02 06:22:14 | 000,277,191 | ---- | M] () -- C:\Feb2010_XAudio_x86.cab

[2010/09/17 00:31:11 | 000,000,104 | ---- | M] () -- C:\Internet Explorer - Shortcut (2).lnk

[2009/09/26 01:17:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/06/02 06:22:14 | 001,336,002 | ---- | M] () -- C:\Jun2005_d3dx9_26_x64.cab

[2010/06/02 06:22:16 | 001,064,925 | ---- | M] () -- C:\Jun2005_d3dx9_26_x86.cab

[2010/06/02 06:22:16 | 000,180,785 | ---- | M] () -- C:\JUN2006_XACT_x64.cab

[2010/06/02 06:22:16 | 000,133,671 | ---- | M] () -- C:\JUN2006_XACT_x86.cab

[2010/06/02 06:22:16 | 000,699,044 | ---- | M] () -- C:\JUN2007_d3dx10_34_x64.cab

[2010/06/02 06:22:16 | 000,698,472 | ---- | M] () -- C:\JUN2007_d3dx10_34_x86.cab

[2010/06/02 06:22:16 | 001,607,774 | ---- | M] () -- C:\JUN2007_d3dx9_34_x64.cab

[2010/06/02 06:22:16 | 001,607,286 | ---- | M] () -- C:\JUN2007_d3dx9_34_x86.cab

[2010/06/02 06:22:16 | 000,197,122 | ---- | M] () -- C:\JUN2007_XACT_x64.cab

[2010/06/02 06:22:18 | 000,152,909 | ---- | M] () -- C:\JUN2007_XACT_x86.cab

[2010/06/02 06:22:18 | 000,867,828 | ---- | M] () -- C:\JUN2008_d3dx10_38_x64.cab

[2010/06/02 06:22:18 | 000,849,919 | ---- | M] () -- C:\JUN2008_d3dx10_38_x86.cab

[2010/06/02 06:22:18 | 001,792,608 | ---- | M] () -- C:\JUN2008_d3dx9_38_x64.cab

[2010/06/02 06:22:18 | 001,463,878 | ---- | M] () -- C:\JUN2008_d3dx9_38_x86.cab

[2010/06/02 06:22:18 | 000,055,154 | ---- | M] () -- C:\JUN2008_X3DAudio_x64.cab

[2010/06/02 06:22:18 | 000,021,905 | ---- | M] () -- C:\JUN2008_X3DAudio_x86.cab

[2010/06/02 06:22:18 | 000,121,054 | ---- | M] () -- C:\JUN2008_XACT_x64.cab

[2010/06/02 06:22:18 | 000,093,128 | ---- | M] () -- C:\JUN2008_XACT_x86.cab

[2010/06/02 06:22:18 | 000,269,628 | ---- | M] () -- C:\JUN2008_XAudio_x64.cab

[2010/06/02 06:22:20 | 000,269,024 | ---- | M] () -- C:\JUN2008_XAudio_x86.cab

[2010/06/02 06:22:28 | 000,944,460 | ---- | M] () -- C:\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 06:22:28 | 000,931,471 | ---- | M] () -- C:\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 06:22:28 | 000,752,783 | ---- | M] () -- C:\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 06:22:30 | 000,762,188 | ---- | M] () -- C:\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 06:22:30 | 000,235,955 | ---- | M] () -- C:\Jun2010_d3dx10_43_x64.cab

[2010/06/02 06:22:30 | 000,197,283 | ---- | M] () -- C:\Jun2010_d3dx10_43_x86.cab

[2010/06/02 06:22:30 | 000,138,205 | ---- | M] () -- C:\Jun2010_d3dx11_43_x64.cab

[2010/06/02 06:22:30 | 000,109,445 | ---- | M] () -- C:\Jun2010_d3dx11_43_x86.cab

[2010/06/02 06:22:32 | 000,937,246 | ---- | M] () -- C:\Jun2010_d3dx9_43_x64.cab

[2010/06/02 06:22:32 | 000,768,036 | ---- | M] () -- C:\Jun2010_d3dx9_43_x86.cab

[2010/06/02 06:22:32 | 000,124,596 | ---- | M] () -- C:\Jun2010_XACT_x64.cab

[2010/06/02 06:22:32 | 000,093,686 | ---- | M] () -- C:\Jun2010_XACT_x86.cab

[2010/06/02 06:22:32 | 000,277,338 | ---- | M] () -- C:\Jun2010_XAudio_x64.cab

[2010/06/02 06:22:32 | 000,278,060 | ---- | M] () -- C:\Jun2010_XAudio_x86.cab

[2010/06/02 06:22:32 | 000,844,884 | ---- | M] () -- C:\Mar2008_d3dx10_37_x64.cab

[2010/06/02 06:22:34 | 000,818,260 | ---- | M] () -- C:\Mar2008_d3dx10_37_x86.cab

[2010/06/02 06:22:34 | 001,769,862 | ---- | M] () -- C:\Mar2008_d3dx9_37_x64.cab

[2010/06/02 06:22:34 | 001,443,282 | ---- | M] () -- C:\Mar2008_d3dx9_37_x86.cab

[2010/06/02 06:22:34 | 000,055,058 | ---- | M] () -- C:\Mar2008_X3DAudio_x64.cab

[2010/06/02 06:22:34 | 000,021,867 | ---- | M] () -- C:\Mar2008_X3DAudio_x86.cab

[2010/06/02 06:22:36 | 000,122,336 | ---- | M] () -- C:\Mar2008_XACT_x64.cab

[2010/06/02 06:22:36 | 000,093,734 | ---- | M] () -- C:\Mar2008_XACT_x86.cab

[2010/06/02 06:22:36 | 000,251,194 | ---- | M] () -- C:\Mar2008_XAudio_x64.cab

[2010/06/02 06:22:36 | 000,226,250 | ---- | M] () -- C:\Mar2008_XAudio_x86.cab

[2010/06/02 06:22:36 | 001,067,160 | ---- | M] () -- C:\Mar2009_d3dx10_41_x64.cab

[2010/06/02 06:22:36 | 001,040,745 | ---- | M] () -- C:\Mar2009_d3dx10_41_x86.cab

[2010/06/02 06:22:36 | 001,973,702 | ---- | M] () -- C:\Mar2009_d3dx9_41_x64.cab

[2010/06/02 06:22:36 | 001,612,446 | ---- | M] () -- C:\Mar2009_d3dx9_41_x86.cab

[2010/06/02 06:22:38 | 000,054,600 | ---- | M] () -- C:\Mar2009_X3DAudio_x64.cab

[2010/06/02 06:22:38 | 000,021,298 | ---- | M] () -- C:\Mar2009_X3DAudio_x86.cab

[2010/06/02 06:22:46 | 000,121,506 | ---- | M] () -- C:\Mar2009_XACT_x64.cab

[2010/06/02 06:22:46 | 000,092,740 | ---- | M] () -- C:\Mar2009_XACT_x86.cab

[2010/06/02 06:22:46 | 000,275,044 | ---- | M] () -- C:\Mar2009_XAudio_x64.cab

[2010/06/02 06:22:48 | 000,273,018 | ---- | M] () -- C:\Mar2009_XAudio_x86.cab

[2009/09/26 01:17:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2010/10/25 13:49:12 | 000,000,029 | ---- | M] () -- C:\mylog.txt

[2010/06/02 06:22:48 | 000,864,600 | ---- | M] () -- C:\Nov2007_d3dx10_36_x64.cab

[2010/06/02 06:22:48 | 000,803,884 | ---- | M] () -- C:\Nov2007_d3dx10_36_x86.cab

[2010/06/02 06:22:48 | 001,802,058 | ---- | M] () -- C:\Nov2007_d3dx9_36_x64.cab

[2010/06/02 06:22:48 | 001,709,360 | ---- | M] () -- C:\Nov2007_d3dx9_36_x86.cab

[2010/06/02 06:22:50 | 000,046,144 | ---- | M] () -- C:\NOV2007_X3DAudio_x64.cab

[2010/06/02 06:22:50 | 000,018,496 | ---- | M] () -- C:\NOV2007_X3DAudio_x86.cab

[2010/06/02 06:22:50 | 000,196,762 | ---- | M] () -- C:\NOV2007_XACT_x64.cab

[2010/06/02 06:22:50 | 000,148,264 | ---- | M] () -- C:\NOV2007_XACT_x86.cab

[2010/06/02 06:22:50 | 000,994,154 | ---- | M] () -- C:\Nov2008_d3dx10_40_x64.cab

[2010/06/02 06:22:52 | 000,965,421 | ---- | M] () -- C:\Nov2008_d3dx10_40_x86.cab

[2010/06/02 06:22:52 | 001,906,878 | ---- | M] () -- C:\Nov2008_d3dx9_40_x64.cab

[2010/06/02 06:22:52 | 001,550,796 | ---- | M] () -- C:\Nov2008_d3dx9_40_x86.cab

[2010/06/02 06:22:52 | 000,054,522 | ---- | M] () -- C:\Nov2008_X3DAudio_x64.cab

[2010/06/02 06:22:52 | 000,021,851 | ---- | M] () -- C:\Nov2008_X3DAudio_x86.cab

[2010/06/02 06:22:52 | 000,121,794 | ---- | M] () -- C:\Nov2008_XACT_x64.cab

[2010/06/02 06:22:52 | 000,092,684 | ---- | M] () -- C:\Nov2008_XACT_x86.cab

[2010/06/02 06:22:54 | 000,273,960 | ---- | M] () -- C:\Nov2008_XAudio_x64.cab

[2010/06/02 06:22:54 | 000,272,611 | ---- | M] () -- C:\Nov2008_XAudio_x86.cab

[2010/06/02 06:22:54 | 000,086,037 | ---- | M] () -- C:\Oct2005_xinput_x64.cab

[2010/06/02 06:22:54 | 000,045,359 | ---- | M] () -- C:\Oct2005_xinput_x86.cab

[2010/06/02 06:22:54 | 001,412,902 | ---- | M] () -- C:\OCT2006_d3dx9_31_x64.cab

[2010/06/02 06:22:54 | 001,127,217 | ---- | M] () -- C:\OCT2006_d3dx9_31_x86.cab

[2010/06/02 06:22:54 | 000,182,361 | ---- | M] () -- C:\OCT2006_XACT_x64.cab

[2010/06/02 06:22:54 | 000,138,017 | ---- | M] () -- C:\OCT2006_XACT_x86.cab

[2010/01/19 14:32:26 | 000,000,866 | ---- | M] () -- C:\OpenOffice.org 3.1.lnk

[2012/05/01 08:25:51 | 2459,713,536 | -HS- | M] () -- C:\pagefile.sys

[2009/09/15 13:14:41 | 000,000,426 | ---- | M] () -- C:\RHDSetup.log

[2011/09/04 18:32:26 | 000,000,370 | ---- | M] () -- C:\rkill.log

[2010/03/06 00:45:35 | 000,497,542 | ---- | M] () -- C:\ScanImage01.jpg

[2010/03/06 00:45:37 | 001,225,551 | ---- | M] () -- C:\ScanImage02.jpg

[2010/03/06 00:45:38 | 001,277,259 | ---- | M] () -- C:\ScanImage03.jpg

[2010/03/06 00:45:39 | 001,417,040 | ---- | M] () -- C:\ScanImage04.jpg

[2010/03/06 00:45:40 | 001,177,474 | ---- | M] () -- C:\ScanImage05.jpg

[2010/03/06 00:45:41 | 001,490,617 | ---- | M] () -- C:\ScanImage06.jpg

[2010/03/06 00:45:42 | 001,361,389 | ---- | M] () -- C:\ScanImage07.jpg

[2010/03/06 00:45:43 | 001,241,114 | ---- | M] () -- C:\ScanImage08.jpg

[2010/03/06 00:45:44 | 000,611,744 | ---- | M] () -- C:\ScanImage09.jpg

[2010/03/06 00:45:46 | 001,664,031 | ---- | M] () -- C:\ScanImage10.jpg

[2010/03/06 00:47:27 | 001,317,610 | ---- | M] () -- C:\ScanImage100.jpg

[2010/03/06 00:47:28 | 001,376,471 | ---- | M] () -- C:\ScanImage101.jpg

[2010/03/06 00:47:29 | 001,461,973 | ---- | M] () -- C:\ScanImage102.jpg

[2010/03/06 00:45:47 | 000,648,572 | ---- | M] () -- C:\ScanImage11.jpg

[2010/03/06 00:45:48 | 000,633,808 | ---- | M] () -- C:\ScanImage12.jpg

[2010/03/06 00:45:49 | 000,567,145 | ---- | M] () -- C:\ScanImage13.jpg

[2010/03/06 00:45:50 | 000,846,684 | ---- | M] () -- C:\ScanImage14.jpg

[2010/03/06 00:45:51 | 000,739,236 | ---- | M] () -- C:\ScanImage15.jpg

[2010/03/06 00:45:52 | 001,261,208 | ---- | M] () -- C:\ScanImage16.jpg

[2010/03/06 00:45:53 | 001,358,596 | ---- | M] () -- C:\ScanImage17.jpg

[2010/03/06 00:45:55 | 001,388,630 | ---- | M] () -- C:\ScanImage18.jpg

[2010/03/06 00:45:56 | 001,542,479 | ---- | M] () -- C:\ScanImage19.jpg

[2010/03/06 00:45:57 | 000,766,325 | ---- | M] () -- C:\ScanImage20.jpg

[2010/03/06 00:45:58 | 001,329,710 | ---- | M] () -- C:\ScanImage21.jpg

[2010/03/06 00:45:59 | 001,628,297 | ---- | M] () -- C:\ScanImage22.jpg

[2010/03/06 00:46:01 | 000,967,719 | ---- | M] () -- C:\ScanImage23.jpg

[2010/03/06 00:46:02 | 000,949,955 | ---- | M] () -- C:\ScanImage24.jpg

[2010/03/06 00:46:03 | 000,779,886 | ---- | M] () -- C:\ScanImage25.jpg

[2010/03/06 00:46:04 | 000,520,498 | ---- | M] () -- C:\ScanImage26.jpg

[2010/03/06 00:46:05 | 000,398,555 | ---- | M] () -- C:\ScanImage27.jpg

[2010/03/06 00:46:06 | 000,469,175 | ---- | M] () -- C:\ScanImage28.jpg

[2010/03/06 00:46:07 | 000,493,843 | ---- | M] () -- C:\ScanImage29.jpg

[2010/03/06 00:46:08 | 001,399,777 | ---- | M] () -- C:\ScanImage30.jpg

[2010/03/06 00:46:09 | 001,418,353 | ---- | M] () -- C:\ScanImage31.jpg

[2010/03/06 00:46:10 | 001,407,178 | ---- | M] () -- C:\ScanImage32.jpg

[2010/03/06 00:46:11 | 001,004,001 | ---- | M] () -- C:\ScanImage33.jpg

[2010/03/06 00:46:13 | 001,614,431 | ---- | M] () -- C:\ScanImage34.jpg

[2010/03/06 00:46:14 | 000,974,932 | ---- | M] () -- C:\ScanImage35.jpg

[2010/03/06 00:46:15 | 000,315,121 | ---- | M] () -- C:\ScanImage36.jpg

[2010/03/06 00:46:16 | 000,994,408 | ---- | M] () -- C:\ScanImage37.jpg

[2010/03/06 00:46:17 | 000,820,129 | ---- | M] () -- C:\ScanImage38.jpg

[2010/03/06 00:46:18 | 001,507,269 | ---- | M] () -- C:\ScanImage39.jpg

[2010/03/06 00:46:19 | 001,138,119 | ---- | M] () -- C:\ScanImage40.jpg

[2010/03/06 00:46:20 | 001,063,731 | ---- | M] () -- C:\ScanImage41.jpg

[2010/03/06 00:46:21 | 001,169,277 | ---- | M] () -- C:\ScanImage42.jpg

[2010/03/06 00:46:23 | 001,320,179 | ---- | M] () -- C:\ScanImage43.jpg

[2010/03/06 00:46:24 | 001,232,008 | ---- | M] () -- C:\ScanImage44.jpg

[2010/03/06 00:46:25 | 001,478,098 | ---- | M] () -- C:\ScanImage45.jpg

[2010/03/06 00:46:26 | 001,470,491 | ---- | M] () -- C:\ScanImage46.jpg

[2010/03/06 00:46:27 | 001,334,979 | ---- | M] () -- C:\ScanImage47.jpg

[2010/03/06 00:46:28 | 001,225,015 | ---- | M] () -- C:\ScanImage48.jpg

[2010/03/06 00:46:30 | 000,726,714 | ---- | M] () -- C:\ScanImage49.jpg

[2010/03/06 00:46:31 | 001,463,849 | ---- | M] () -- C:\ScanImage50.jpg

[2010/03/06 00:46:32 | 001,614,709 | ---- | M] () -- C:\ScanImage51.jpg

[2010/03/06 00:46:33 | 000,176,441 | ---- | M] () -- C:\ScanImage52.jpg

[2010/03/06 00:46:34 | 001,576,530 | ---- | M] () -- C:\ScanImage53.jpg

[2010/03/06 00:46:35 | 001,583,156 | ---- | M] () -- C:\ScanImage54.jpg

[2010/03/06 00:46:36 | 001,741,682 | ---- | M] () -- C:\ScanImage55.jpg

[2010/03/06 00:46:38 | 001,402,625 | ---- | M] () -- C:\ScanImage56.jpg

[2010/03/06 00:46:39 | 001,430,170 | ---- | M] () -- C:\ScanImage57.jpg

[2010/03/06 00:46:40 | 000,796,870 | ---- | M] () -- C:\ScanImage58.jpg

[2010/03/06 00:46:41 | 001,357,854 | ---- | M] () -- C:\ScanImage59.jpg

[2010/03/06 00:46:42 | 000,514,876 | ---- | M] () -- C:\ScanImage60.jpg

[2010/03/06 00:46:43 | 001,179,194 | ---- | M] () -- C:\ScanImage61.jpg

[2010/03/06 00:46:44 | 001,481,701 | ---- | M] () -- C:\ScanImage62.jpg

[2010/03/06 00:46:46 | 001,326,628 | ---- | M] () -- C:\ScanImage63.jpg

[2010/03/06 00:46:47 | 001,449,474 | ---- | M] () -- C:\ScanImage64.jpg

[2010/03/06 00:46:48 | 001,254,957 | ---- | M] () -- C:\ScanImage65.jpg

[2010/03/06 00:46:49 | 001,136,703 | ---- | M] () -- C:\ScanImage66.jpg

[2010/03/06 00:46:50 | 001,424,583 | ---- | M] () -- C:\ScanImage67.jpg

[2010/03/06 00:46:51 | 001,173,365 | ---- | M] () -- C:\ScanImage68.jpg

[2010/03/06 00:46:53 | 000,807,519 | ---- | M] () -- C:\ScanImage69.jpg

[2010/03/06 00:46:54 | 001,468,030 | ---- | M] () -- C:\ScanImage70.jpg

[2010/03/06 00:46:55 | 001,394,176 | ---- | M] () -- C:\ScanImage71.jpg

[2010/03/06 00:46:56 | 001,010,966 | ---- | M] () -- C:\ScanImage72.jpg

[2010/03/06 00:46:57 | 000,624,878 | ---- | M] () -- C:\ScanImage73.jpg

[2010/03/06 00:46:58 | 000,185,761 | ---- | M] () -- C:\ScanImage74.jpg

[2010/03/06 00:46:59 | 000,582,301 | ---- | M] () -- C:\ScanImage75.jpg

[2010/03/06 00:47:00 | 000,412,592 | ---- | M] () -- C:\ScanImage76.jpg

[2010/03/06 00:47:01 | 000,616,921 | ---- | M] () -- C:\ScanImage77.jpg

[2010/03/06 00:47:02 | 000,721,510 | ---- | M] () -- C:\ScanImage78.jpg

[2010/03/06 00:47:03 | 000,231,366 | ---- | M] () -- C:\ScanImage79.jpg

[2010/03/06 00:47:04 | 001,004,454 | ---- | M] () -- C:\ScanImage80.jpg

[2010/03/06 00:47:05 | 001,072,298 | ---- | M] () -- C:\ScanImage81.jpg

[2010/03/06 00:47:06 | 000,478,925 | ---- | M] () -- C:\ScanImage82.jpg

[2010/03/06 00:47:08 | 001,042,559 | ---- | M] () -- C:\ScanImage83.jpg

[2010/03/06 00:47:09 | 001,325,223 | ---- | M] () -- C:\ScanImage84.jpg

[2010/03/06 00:47:10 | 000,546,508 | ---- | M] () -- C:\ScanImage85.jpg

[2010/03/06 00:47:11 | 000,842,765 | ---- | M] () -- C:\ScanImage86.jpg

[2010/03/06 00:47:12 | 000,531,415 | ---- | M] () -- C:\ScanImage87.jpg

[2010/03/06 00:47:13 | 000,469,758 | ---- | M] () -- C:\ScanImage88.jpg

[2010/03/06 00:47:14 | 001,321,915 | ---- | M] () -- C:\ScanImage89.jpg

[2010/03/06 00:47:16 | 000,792,536 | ---- | M] () -- C:\ScanImage90.jpg

[2010/03/06 00:47:17 | 001,293,287 | ---- | M] () -- C:\ScanImage91.jpg

[2010/03/06 00:47:18 | 001,386,516 | ---- | M] () -- C:\ScanImage92.jpg

[2010/03/06 00:47:19 | 001,450,788 | ---- | M] () -- C:\ScanImage93.jpg

[2010/03/06 00:47:20 | 000,625,973 | ---- | M] () -- C:\ScanImage94.jpg

[2010/03/06 00:47:21 | 000,624,873 | ---- | M] () -- C:\ScanImage95.jpg

[2010/03/06 00:47:22 | 000,597,353 | ---- | M] () -- C:\ScanImage96.jpg

[2010/03/06 00:47:23 | 001,060,559 | ---- | M] () -- C:\ScanImage97.jpg

[2010/03/06 00:47:25 | 001,245,729 | ---- | M] () -- C:\ScanImage98.jpg

[2010/03/06 00:47:26 | 001,347,805 | ---- | M] () -- C:\ScanImage99.jpg

[2010/07/09 19:41:12 | 000,009,715 | ---- | M] () -- C:\scramble.log

[2010/07/21 20:35:19 | 000,061,440 | -H-- | M] () -- C:\SZKGFS.dat

[2012/03/04 09:37:28 | 000,000,237 | ---- | M] () -- C:\user.js

[2009/12/15 22:14:25 | 000,000,000 | ---- | M] () -- C:\VO.log

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2008/05/09 13:53:58 | 000,121,856 | ---- | M] () -- C:\Windows\system32\Spool\prtprocs\w32x86\dldwdrpp.dll

[2006/11/02 10:46:04 | 000,032,768 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\system32\Spool\prtprocs\w32x86\EP0NPP01.DLL

[2006/11/02 13:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\*.exe /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %PROGRAMFILES%\* >

[2010/06/02 05:21:16 | 001,347,354 | ---- | M] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab

[2010/06/02 05:21:16 | 001,078,962 | ---- | M] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab

[2010/06/02 05:21:16 | 001,397,830 | ---- | M] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab

[2010/06/02 05:21:16 | 001,115,221 | ---- | M] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab

[2010/06/02 05:21:18 | 000,916,430 | ---- | M] () -- C:\Program Files\Apr2006_MDX1_x86.cab

[2010/06/02 05:21:18 | 004,162,630 | ---- | M] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab

[2010/06/02 05:21:18 | 000,179,133 | ---- | M] () -- C:\Program Files\Apr2006_XACT_x64.cab

[2010/06/02 05:21:18 | 000,133,103 | ---- | M] () -- C:\Program Files\Apr2006_XACT_x86.cab

[2010/06/02 05:21:20 | 000,087,101 | ---- | M] () -- C:\Program Files\Apr2006_xinput_x64.cab

[2010/06/02 05:21:34 | 000,046,010 | ---- | M] () -- C:\Program Files\Apr2006_xinput_x86.cab

[2010/06/02 05:21:36 | 000,698,612 | ---- | M] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab

[2010/06/02 05:21:36 | 000,695,865 | ---- | M] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab

[2010/06/02 05:21:36 | 001,607,358 | ---- | M] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab

[2010/06/02 05:21:38 | 001,606,039 | ---- | M] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab

[2010/06/02 05:21:38 | 000,195,766 | ---- | M] () -- C:\Program Files\APR2007_XACT_x64.cab

[2010/06/02 05:21:38 | 000,151,225 | ---- | M] () -- C:\Program Files\APR2007_XACT_x86.cab

[2010/06/02 05:21:38 | 000,096,817 | ---- | M] () -- C:\Program Files\APR2007_xinput_x64.cab

[2010/06/02 05:21:40 | 000,053,302 | ---- | M] () -- C:\Program Files\APR2007_xinput_x86.cab

[2010/06/02 05:21:40 | 001,350,542 | ---- | M] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab

[2010/06/02 05:21:40 | 001,077,644 | ---- | M] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab

[2010/06/02 05:21:40 | 000,182,903 | ---- | M] () -- C:\Program Files\AUG2006_XACT_x64.cab

[2010/06/02 05:21:40 | 000,137,235 | ---- | M] () -- C:\Program Files\AUG2006_XACT_x86.cab

[2010/06/02 05:21:40 | 000,087,142 | ---- | M] () -- C:\Program Files\AUG2006_xinput_x64.cab

[2010/06/02 05:21:40 | 000,046,058 | ---- | M] () -- C:\Program Files\AUG2006_xinput_x86.cab

[2010/06/02 05:21:42 | 000,852,286 | ---- | M] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab

[2010/06/02 05:21:42 | 000,796,867 | ---- | M] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab

[2010/06/02 05:21:42 | 001,800,160 | ---- | M] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab

[2010/06/02 05:21:42 | 001,708,152 | ---- | M] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab

[2010/06/02 05:21:44 | 000,198,096 | ---- | M] () -- C:\Program Files\AUG2007_XACT_x64.cab

[2010/06/02 05:21:44 | 000,153,012 | ---- | M] () -- C:\Program Files\AUG2007_XACT_x86.cab

[2010/06/02 05:21:42 | 000,867,612 | ---- | M] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab

[2010/06/02 05:21:44 | 000,849,167 | ---- | M] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab

[2010/06/02 05:21:44 | 001,794,084 | ---- | M] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab

[2010/06/02 05:21:44 | 001,464,672 | ---- | M] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab

[2010/06/02 05:21:44 | 000,121,772 | ---- | M] () -- C:\Program Files\Aug2008_XACT_x64.cab

[2010/06/02 05:21:44 | 000,092,996 | ---- | M] () -- C:\Program Files\Aug2008_XACT_x86.cab

[2010/06/02 05:21:46 | 000,271,412 | ---- | M] () -- C:\Program Files\Aug2008_XAudio_x64.cab

[2010/06/02 05:21:46 | 000,271,038 | ---- | M] () -- C:\Program Files\Aug2008_XAudio_x86.cab

[2010/06/02 05:21:46 | 000,919,044 | ---- | M] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab

[2010/06/02 05:21:56 | 000,900,598 | ---- | M] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab

[2010/06/02 05:21:56 | 003,112,111 | ---- | M] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab

[2010/06/02 05:21:56 | 003,319,740 | ---- | M] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab

[2010/06/02 05:21:58 | 000,232,635 | ---- | M] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab

[2010/06/02 05:21:58 | 000,192,131 | ---- | M] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab

[2010/06/02 05:21:58 | 000,136,301 | ---- | M] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab

[2010/06/02 05:21:58 | 000,105,044 | ---- | M] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab

[2010/06/02 05:21:58 | 000,930,116 | ---- | M] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab

[2010/06/02 05:21:58 | 000,728,456 | ---- | M] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab

[2010/06/02 05:22:00 | 000,122,408 | ---- | M] () -- C:\Program Files\Aug2009_XACT_x64.cab

[2010/06/02 05:22:00 | 000,093,106 | ---- | M] () -- C:\Program Files\Aug2009_XACT_x86.cab

[2010/06/02 05:22:00 | 000,273,264 | ---- | M] () -- C:\Program Files\Aug2009_XAudio_x64.cab

[2010/06/02 05:22:00 | 000,272,642 | ---- | M] () -- C:\Program Files\Aug2009_XAudio_x86.cab

[2010/06/02 05:22:00 | 001,357,976 | ---- | M] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab

[2010/06/02 05:22:00 | 001,079,456 | ---- | M] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab

[2010/06/02 05:22:00 | 000,212,807 | ---- | M] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab

[2010/06/02 05:22:00 | 000,191,720 | ---- | M] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab

[2010/06/02 05:22:00 | 001,571,154 | ---- | M] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab

[2010/06/02 05:22:02 | 001,574,376 | ---- | M] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab

[2010/06/02 05:22:02 | 000,192,475 | ---- | M] () -- C:\Program Files\DEC2006_XACT_x64.cab

[2010/06/02 05:22:02 | 000,145,599 | ---- | M] () -- C:\Program Files\DEC2006_XACT_x86.cab

[2009/09/16 08:48:47 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[2011/03/30 11:40:32 | 000,095,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll

[2011/03/30 11:40:32 | 001,566,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll

[2011/03/30 11:40:32 | 000,044,624 | ---- | M] () -- C:\Program Files\dxdllreg_x86.cab

[2011/03/30 11:40:34 | 000,517,976 | ---- | M] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe

[2011/03/30 11:40:32 | 000,097,152 | ---- | M] () -- C:\Program Files\dxupdate.cab

[2010/06/02 05:22:02 | 001,247,499 | ---- | M] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab

[2010/06/02 05:22:02 | 001,013,225 | ---- | M] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab

[2010/06/02 05:22:02 | 001,362,796 | ---- | M] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab

[2010/06/02 05:22:04 | 001,084,720 | ---- | M] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab

[2010/06/02 05:22:10 | 000,178,359 | ---- | M] () -- C:\Program Files\Feb2006_XACT_x64.cab

[2010/06/02 05:22:10 | 000,132,409 | ---- | M] () -- C:\Program Files\Feb2006_XACT_x86.cab

[2010/06/02 05:22:12 | 000,194,675 | ---- | M] () -- C:\Program Files\FEB2007_XACT_x64.cab

[2010/06/02 05:22:12 | 000,147,983 | ---- | M] () -- C:\Program Files\FEB2007_XACT_x86.cab

[2010/06/02 05:22:12 | 000,054,678 | ---- | M] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab

[2010/06/02 05:22:12 | 000,020,713 | ---- | M] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab

[2010/06/02 05:22:14 | 000,122,446 | ---- | M] () -- C:\Program Files\Feb2010_XACT_x64.cab

[2010/06/02 05:22:14 | 000,093,180 | ---- | M] () -- C:\Program Files\Feb2010_XACT_x86.cab

[2010/06/02 05:22:14 | 000,276,960 | ---- | M] () -- C:\Program Files\Feb2010_XAudio_x64.cab

[2010/06/02 05:22:14 | 000,277,191 | ---- | M] () -- C:\Program Files\Feb2010_XAudio_x86.cab

[2010/06/02 05:22:14 | 001,336,002 | ---- | M] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab

[2010/06/02 05:22:16 | 001,064,925 | ---- | M] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab

[2010/06/02 05:22:16 | 000,180,785 | ---- | M] () -- C:\Program Files\JUN2006_XACT_x64.cab

[2010/06/02 05:22:16 | 000,133,671 | ---- | M] () -- C:\Program Files\JUN2006_XACT_x86.cab

[2010/06/02 05:22:16 | 000,699,044 | ---- | M] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab

[2010/06/02 05:22:16 | 000,698,472 | ---- | M] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab

[2010/06/02 05:22:16 | 001,607,774 | ---- | M] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab

[2010/06/02 05:22:16 | 001,607,286 | ---- | M] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab

[2010/06/02 05:22:16 | 000,197,122 | ---- | M] () -- C:\Program Files\JUN2007_XACT_x64.cab

[2010/06/02 05:22:18 | 000,152,909 | ---- | M] () -- C:\Program Files\JUN2007_XACT_x86.cab

[2010/06/02 05:22:18 | 000,867,828 | ---- | M] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab

[2010/06/02 05:22:18 | 000,849,919 | ---- | M] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab

[2010/06/02 05:22:18 | 001,792,608 | ---- | M] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab

[2010/06/02 05:22:18 | 001,463,878 | ---- | M] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab

[2010/06/02 05:22:18 | 000,055,154 | ---- | M] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab

[2010/06/02 05:22:18 | 000,021,905 | ---- | M] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab

[2010/06/02 05:22:18 | 000,121,054 | ---- | M] () -- C:\Program Files\JUN2008_XACT_x64.cab

[2010/06/02 05:22:18 | 000,093,128 | ---- | M] () -- C:\Program Files\JUN2008_XACT_x86.cab

[2010/06/02 05:22:18 | 000,269,628 | ---- | M] () -- C:\Program Files\JUN2008_XAudio_x64.cab

[2010/06/02 05:22:20 | 000,269,024 | ---- | M] () -- C:\Program Files\JUN2008_XAudio_x86.cab

[2010/06/02 05:22:28 | 000,944,460 | ---- | M] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab

[2010/06/02 05:22:28 | 000,931,471 | ---- | M] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab

[2010/06/02 05:22:28 | 000,752,783 | ---- | M] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab

[2010/06/02 05:22:30 | 000,762,188 | ---- | M] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab

[2010/06/02 05:22:30 | 000,235,955 | ---- | M] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab

[2010/06/02 05:22:30 | 000,197,283 | ---- | M] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab

[2010/06/02 05:22:30 | 000,138,205 | ---- | M] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab

[2010/06/02 05:22:30 | 000,109,445 | ---- | M] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab

[2010/06/02 05:22:32 | 000,937,246 | ---- | M] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab

[2010/06/02 05:22:32 | 000,768,036 | ---- | M] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab

[2010/06/02 05:22:32 | 000,124,596 | ---- | M] () -- C:\Program Files\Jun2010_XACT_x64.cab

[2010/06/02 05:22:32 | 000,093,686 | ---- | M] () -- C:\Program Files\Jun2010_XACT_x86.cab

[2010/06/02 05:22:32 | 000,277,338 | ---- | M] () -- C:\Program Files\Jun2010_XAudio_x64.cab

[2010/06/02 05:22:32 | 000,278,060 | ---- | M] () -- C:\Program Files\Jun2010_XAudio_x86.cab

[2010/06/02 05:22:32 | 000,844,884 | ---- | M] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab

[2010/06/02 05:22:34 | 000,818,260 | ---- | M] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab

[2010/06/02 05:22:34 | 001,769,862 | ---- | M] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab

[2010/06/02 05:22:34 | 001,443,282 | ---- | M] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab

[2010/06/02 05:22:34 | 000,055,058 | ---- | M] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab

[2010/06/02 05:22:34 | 000,021,867 | ---- | M] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab

[2010/06/02 05:22:36 | 000,122,336 | ---- | M] () -- C:\Program Files\Mar2008_XACT_x64.cab

[2010/06/02 05:22:36 | 000,093,734 | ---- | M] () -- C:\Program Files\Mar2008_XACT_x86.cab

[2010/06/02 05:22:36 | 000,251,194 | ---- | M] () -- C:\Program Files\Mar2008_XAudio_x64.cab

[2010/06/02 05:22:36 | 000,226,250 | ---- | M] () -- C:\Program Files\Mar2008_XAudio_x86.cab

[2010/06/02 05:22:36 | 001,067,160 | ---- | M] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab

[2010/06/02 05:22:36 | 001,040,745 | ---- | M] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab

[2010/06/02 05:22:36 | 001,973,702 | ---- | M] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab

[2010/06/02 05:22:36 | 001,612,446 | ---- | M] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab

[2010/06/02 05:22:38 | 000,054,600 | ---- | M] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab

[2010/06/02 05:22:38 | 000,021,298 | ---- | M] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab

[2010/06/02 05:22:46 | 000,121,506 | ---- | M] () -- C:\Program Files\Mar2009_XACT_x64.cab

[2010/06/02 05:22:46 | 000,092,740 | ---- | M] () -- C:\Program Files\Mar2009_XACT_x86.cab

[2010/06/02 05:22:46 | 000,275,044 | ---- | M] () -- C:\Program Files\Mar2009_XAudio_x64.cab

[2010/06/02 05:22:48 | 000,273,018 | ---- | M] () -- C:\Program Files\Mar2009_XAudio_x86.cab

[2010/06/02 05:22:48 | 000,864,600 | ---- | M] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab

[2010/06/02 05:22:48 | 000,803,884 | ---- | M] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab

[2010/06/02 05:22:48 | 001,802,058 | ---- | M] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab

[2010/06/02 05:22:48 | 001,709,360 | ---- | M] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab

[2010/06/02 05:22:50 | 000,046,144 | ---- | M] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab

[2010/06/02 05:22:50 | 000,018,496 | ---- | M] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab

[2010/06/02 05:22:50 | 000,196,762 | ---- | M] () -- C:\Program Files\NOV2007_XACT_x64.cab

[2010/06/02 05:22:50 | 000,148,264 | ---- | M] () -- C:\Program Files\NOV2007_XACT_x86.cab

[2010/06/02 05:22:50 | 000,994,154 | ---- | M] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab

[2010/06/02 05:22:52 | 000,965,421 | ---- | M] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab

[2010/06/02 05:22:52 | 001,906,878 | ---- | M] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab

[2010/06/02 05:22:52 | 001,550,796 | ---- | M] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab

[2010/06/02 05:22:52 | 000,054,522 | ---- | M] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab

[2010/06/02 05:22:52 | 000,021,851 | ---- | M] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab

[2010/06/02 05:22:52 | 000,121,794 | ---- | M] () -- C:\Program Files\Nov2008_XACT_x64.cab

[2010/06/02 05:22:52 | 000,092,684 | ---- | M] () -- C:\Program Files\Nov2008_XACT_x86.cab

[2010/06/02 05:22:54 | 000,273,960 | ---- | M] () -- C:\Program Files\Nov2008_XAudio_x64.cab

[2010/06/02 05:22:54 | 000,272,611 | ---- | M] () -- C:\Program Files\Nov2008_XAudio_x86.cab

[2010/06/02 05:22:54 | 000,086,037 | ---- | M] () -- C:\Program Files\Oct2005_xinput_x64.cab

[2010/06/02 05:22:54 | 000,045,359 | ---- | M] () -- C:\Program Files\Oct2005_xinput_x86.cab

[2010/06/02 05:22:54 | 001,412,902 | ---- | M] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab

[2010/06/02 05:22:54 | 001,127,217 | ---- | M] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab

[2010/06/02 05:22:54 | 000,182,361 | ---- | M] () -- C:\Program Files\OCT2006_XACT_x64.cab

[2010/06/02 05:22:54 | 000,138,017 | ---- | M] () -- C:\Program Files\OCT2006_XACT_x86.cab

 

< %USERPROFILE%\..|smtmp;true;true;true /FP >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/25 23:59:56 | 000,866,992 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/25 23:59:21 | 000,913,848 | ---- | M] (Mozilla Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\crispin\AppData\Local\Google\Chrome\Application\chrome.exe" [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/03/29 13:21:26 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/03/29 13:21:28 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

 

< End of report >

mij Newbie

mij

Posted
  • Author
Posted

OTL has not provided an Extras report like it did last time, I'm wondering why? Have I omitted something?

jim

etavares Newbie

etavares

Posted
Posted

Hi jim,

 

Nope...to save time, it only creates that report the first time it's run unless we change an option. So you did everything right. Glad to hear the speed is improving. A few questions for you:

 

I do see a little bit of questionable toolbars we can remove if you're game. We'll use OTL to script them out. It should help a bit more for internet browsing.

 

If you do want to uninstall MBAM please try again and let me know the exact error.

 

Other than that...if you're happy, we're at an OK place. I do recommend removing the other toolbars. Just let me know.

 

 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...