Jump to content

maa

Honorary Members
  • Posts

    21
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Maniac, Below is the log file from JRT. The popup no longer appears on startup and I haven't noticed any other issues. Should I uninstall any of the programs I ran through the course of this cleaning? Are there any other steps? Thanks, maa ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.4.2 (01.08.2013:1) OS: Windows Vista Home Basic x86 Ran by Mario on Wed 01/09/2013 at 21:17:24.92 Blog: http://thisisudax.blogspot.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\S-1-5-21-293651391-2175594108-1919989058-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Mario\appdata\locallow\boost_interprocess" ~~~ FireFox Successfully deleted: [File] "C:\Users\Mario\AppData\Roaming\mozilla\firefox\profiles\3l4hn9aq.default\extensions\isreaditlater@ideashower.com.xpi" Emptied folder: C:\Users\Mario\AppData\Roaming\mozilla\firefox\profiles\3l4hn9aq.default\minidumps [2 files] Emptied folder: C:\Users\Mario\AppData\Roaming\mozilla\firefox\profiles\5xwdjfww.New Profile1\minidumps [17 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 01/09/2013 at 21:19:55.83 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  2. After running this, the popup message on startup no longer appears. Here is the log: All processes killed ========== OTL ========== C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_91616670.lnk moved successfully. C:\Users\Mario\AppData\Local\temp\_uninst_91616670.bat moved successfully. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Mario\Desktop\cmd.bat deleted successfully. C:\Users\Mario\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Mario ->Temp folder emptied: 1758243217 bytes ->Temporary Internet Files folder emptied: 256642090 bytes ->Java cache emptied: 51051462 bytes ->FireFox cache emptied: 104176020 bytes ->Google Chrome cache emptied: 23274921 bytes ->Flash cache emptied: 4321070 bytes User: postgres ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1457527563 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 8588315 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 3,494.00 mb Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 01082013_210101 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
  3. Yes, I still receive this popup when windows starts: "Windows cannot find '215900.exe'. Make sure you typed the name correctly, and then try again" Thanks.
  4. Extras.txt: OTL Extras logfile created on: 1/2/2013 6:49:10 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mario\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 33.68% Memory free 6.20 Gb Paging File | 4.41 Gb Available in Paging File | 71.07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138.96 Gb Total Space | 3.03 Gb Free Space | 2.18% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 6.75 Gb Free Space | 67.50% Space Free | Partition Type: NTFS Drive F: | 465.76 Gb Total Space | 35.95 Gb Free Space | 7.72% Space Free | Partition Type: NTFS Computer Name: NOFACE | User Name: Mario | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-293651391-2175594108-1919989058-1000\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{1D8C2737-3837-4F4A-953B-E212C91E40DF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2A5CE730-4572-4DC1-A5F6-A93F9227FD0A}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs3 server | "{2CB19442-94FB-40B1-9D3C-E36BCEDE267B}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xii.sp1\rpcsandrasrv.exe | "{5640303A-CA50-4D41-BEE3-417DE40D9C23}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5A22518E-F1AA-4958-894F-C7FAF4836282}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5DB78D6E-6592-4C82-A554-E3E7EC35BAF1}" = rport=10243 | protocol=6 | dir=out | app=system | "{63E1AC1B-57D3-4395-AE1C-C6591C635FE0}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xii.sp1\win32\rpcdatasrv.exe | "{6660BA29-248E-499E-B8D0-88984AEDA131}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8AB256E8-6F83-48CD-9936-21D54C7D659B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{A0573678-D080-4F7C-B90B-D71A8974FE41}" = lport=2869 | protocol=6 | dir=in | app=system | "{C68C873F-9067-44C3-AF2F-EEBA8F55733A}" = lport=50900 | protocol=6 | dir=in | name=adobe version cue cs3 server | "{C834EFBF-4A23-49D8-A0BF-7666CD056A10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ECC09929-3F8C-4E17-9EF9-3BE2E6B12417}" = lport=50901 | protocol=6 | dir=in | name=adobe version cue cs3 server | "{EE52F220-D8A1-4FBF-B319-8CA5FC79F708}" = lport=10243 | protocol=6 | dir=in | app=system | "{EEC304D6-AF8F-4C81-A742-562FE1E4CA0A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F54E84E1-C9DD-48A5-8967-B7B9F8EB7886}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs3 server | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01EB3169-F627-43AA-99DD-4BFF745E92D0}" = protocol=6 | dir=in | app=f:\program files\itunes\itunes.exe | "{0A42B183-7650-400B-ACAB-4A48A95849B1}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{184F61FE-4C6E-4D1C-A154-71B6354F8C27}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{18C2B24C-DD78-49AC-A3E4-D808B3AEA1DB}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{19C70447-9B3C-43D5-9574-3F0EE26DB609}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{1C0F94DF-6A1D-435A-8259-71A459B52598}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{2237E4A8-53B4-4CDD-8F8D-DC0EFE968C44}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "{24EC1A1B-61EF-4BC3-A2F2-CF23FB9667EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{2B6EFDD5-5BFD-4C8E-BB7B-A84483C873EC}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{2EE8A05F-637B-4FEB-9510-6E8859356064}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{349B43D0-D9F1-4958-9D83-119FBDF31122}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{35F9C0E1-A070-46B6-B5CF-8345F79C9857}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe | "{44F8ADE0-35A7-4624-B5C9-6AB937DA8507}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5241BE76-D6C2-433A-B8C2-7AFBBEB3E277}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | "{52E04BCD-EC4F-4F65-B51F-B930FF62CE75}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{533E2A8D-BABE-4A03-9A79-7D5F6F682775}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{551DCBCF-CFB3-4722-A251-AB76070B27B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5796C31A-5447-4806-B4C1-DBC0B685A02D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{5F5EA076-7E43-419C-BAFE-08DC210AD780}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{5F78A92A-33E0-4E29-9B2D-BC46EA0CA170}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{63066B05-76CA-43D4-B010-640624D19DB9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{6BB0ABE5-19A0-4F32-BCB0-D7E2A538CB99}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{7014662B-0856-48ED-92A3-24A2DC1D674E}" = protocol=6 | dir=in | app=c:\users\mario\appdata\roaming\dropbox\bin\dropbox.exe | "{716DB8F8-6BB0-4954-B8ED-C65D747E1B0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{74A98A37-E7BF-41ED-8AFC-E94EBFD7763E}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe | "{761CB22C-BE72-4EB3-ACC2-B6DF032C85B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{769F72B2-57E7-401C-88E9-3E6D55EF8A55}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{76A32861-F7B8-484E-B107-CA16A19DF073}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{77AA929B-8E81-47ED-B2F5-E46903BF5A9E}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{7C041B2E-01D1-4B2E-ACF5-0CF1BBB00C09}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{85EC71EB-99CA-43F3-8960-11D63FA5F94C}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{8BB629AC-EFE0-47C8-BAD7-D22E13F2673C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8E3A54D8-7393-4D47-9AC7-21B29B52A7BC}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs3\server\bin\versioncuecs3.exe | "{8EFB1E56-5DAD-418E-A34C-B0DFD0B6C28D}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9076E82D-B962-45AC-9255-095DBA9D66B8}" = protocol=6 | dir=in | app=c:\program files\symantec antivirus\rtvscan.exe | "{918DBF11-3008-4A27-A2D6-1C6388552CAB}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{9329DF39-092E-4BF4-A09C-099E1ADFBE29}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{94D9B2E2-7961-4E65-B703-4A045BADD5DE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{98C9CE01-6219-46B6-8170-244BECB526EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9CEA3E03-073D-471A-9557-46D662C68E42}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A326D819-1D83-4386-AA9C-FC86E736BC01}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{A8DABBF7-8DB0-4F67-9B90-80B376A2B06E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{AEEE594D-D551-4E86-8979-62F9091C84D8}" = protocol=1 | dir=in | name=sisoftware database agent service (icmp-in) | "{B2FAEA6A-FD17-4671-9F16-DB31A5C935E6}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{B42F15C8-36DD-41B1-83C1-29E9F4900A83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B84103E0-B9D2-42B2-8D9F-DF7A848ED0AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BF531A01-F287-4902-89C4-A332439B4F45}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{BFFF63E0-ABB9-4B3A-99FD-580D85399AA1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C1226EDA-1516-49B6-BF6C-F760D44E6F22}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{C3E6AEFB-695C-46AF-B95B-0080E033DCBA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{CD62D56B-CC27-42B3-B436-0D4B32B858C5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D187D326-A604-4D3F-B405-887C9FAE7013}" = protocol=6 | dir=out | app=system | "{DC35B95F-53C0-41EA-8EA9-07BA6B52030E}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | "{DCCA2BA7-0C32-4458-9B78-97DE9A8C5B59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{DF353FCB-DE21-4851-8E63-347102507391}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{E3D5F0A2-E69D-4288-9EDD-E2CE81A69B99}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe | "{E504FDE3-89BB-468D-8ACE-CA29E0A437FF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{E54E3AAB-1AD2-472D-BE09-931BC5746792}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{E5F5DB0B-A413-43D9-B381-A18E0454D031}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe | "{E9B83EBA-F297-439D-BF0E-1789E2B279B5}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EBFFBB72-FA3F-45F2-92B4-D5A0D2D4284E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{F01CEE94-0BB0-4040-929E-A346D6B27765}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{F1C53632-37B2-4CCA-9396-9A21A10B445E}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe | "{FB41452E-5EA0-499A-B86D-44C47CFFC316}" = protocol=17 | dir=in | app=c:\users\mario\appdata\roaming\dropbox\bin\dropbox.exe | "{FC590F60-A952-4A71-86FC-E27481CECD72}" = protocol=17 | dir=in | app=c:\program files\symantec antivirus\rtvscan.exe | "TCP Query User{186FAE04-743F-47E5-A6A1-63707891B742}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{3067B47A-341E-4877-8464-D9296EE20818}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | "TCP Query User{385FD31A-83C7-4E3D-AFC2-0CED761A4283}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | "TCP Query User{3B2E236E-80A1-4C81-9CCE-9C1C902CB572}C:\blp\wintrv\wintrv.exe" = protocol=6 | dir=in | app=c:\blp\wintrv\wintrv.exe | "TCP Query User{3CFF1882-FE3A-42D6-BF3C-7F0CA83025C9}C:\blp\wintrv\wintrv.exe" = protocol=6 | dir=in | app=c:\blp\wintrv\wintrv.exe | "TCP Query User{4D138DA9-3296-4243-A75F-AC8BDA7E11A9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{61943F57-2454-487A-B428-258DB6395D1E}F:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=f:\program files\itunes\itunes.exe | "TCP Query User{66529CC3-6D70-44C3-BF2D-2CB19C0FBE60}C:\users\mario\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\mario\appdata\roaming\dropbox\bin\dropbox.exe | "TCP Query User{66E35D12-7DFB-45ED-9F1B-B51F31A5E036}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "TCP Query User{6A959463-B5EE-44DF-A4F7-03D0FD6981EE}C:\program files\stc\qa_07_05\wwwroot\cbt.exe" = protocol=6 | dir=in | app=c:\program files\stc\qa_07_05\wwwroot\cbt.exe | "TCP Query User{A48FAC7C-D986-45D5-8605-49713FF4B600}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{B79367CC-BB30-4BF2-961C-E77F62061993}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | "TCP Query User{E53EE2CC-FB3B-41CE-BB15-41FF02BFF493}C:\blp\api\bbcomm.exe" = protocol=6 | dir=in | app=c:\blp\api\bbcomm.exe | "UDP Query User{07D67426-EEA1-4078-9A1A-C235078908C6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{08D8E764-6F4D-438C-A5C3-0C3D80CD1B4D}C:\blp\api\bbcomm.exe" = protocol=17 | dir=in | app=c:\blp\api\bbcomm.exe | "UDP Query User{0ACEFEAF-89E6-4639-8C92-400E600F9D7A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{75D156A4-BD5A-475C-98C0-A2FA2E6A50E7}C:\users\mario\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\mario\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{8F9373FE-9F09-49D3-BE39-B296075002FE}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe | "UDP Query User{91C971D4-F07B-43A5-8F78-4727B9C1F13F}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | "UDP Query User{B1181B10-79EE-4F59-9336-D482F30E602F}C:\program files\stc\qa_07_05\wwwroot\cbt.exe" = protocol=17 | dir=in | app=c:\program files\stc\qa_07_05\wwwroot\cbt.exe | "UDP Query User{B20AE0CD-771A-4E76-8C0D-70B3F5A1E194}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{D49376ED-3AC0-4469-81AA-F62E426B974C}C:\blp\wintrv\wintrv.exe" = protocol=17 | dir=in | app=c:\blp\wintrv\wintrv.exe | "UDP Query User{E6B80DBA-98E5-4048-848E-F74263B7C8DD}C:\blp\wintrv\wintrv.exe" = protocol=17 | dir=in | app=c:\blp\wintrv\wintrv.exe | "UDP Query User{F38FC82C-37C3-4055-9B68-0378C2001942}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | "UDP Query User{F8382B6A-A389-4075-B432-07881876B0BA}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518) "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3 "{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{0DF34F71-6182-474F-B6FE-0B2AF069E6FD}" = VBA (2627.01) "{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard "{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive "{159C13FA-82AF-4DD9-8BC9-5EA368613A20}" = WebEx Recorder and Player "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets "{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10 "{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes "{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{32A5AE69-72DD-4E99-BE79-27E1ED6F4F43}" = Bentley SELECT Server V8 XM Edition "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{3B0F52AC-EF5C-4831-B221-06C782E41280}" = Quicken 2008 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant "{3FA5E4CC-58ED-4ED0-AC9E-ED0759E9166E}" = RedistSysFiles "{4458C442-7376-4CF9-AF58-E8CEA6722363}" = Adobe Setup "{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video "{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3 "{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01) "{5783F2D7-0101-0409-0000-0060B0CE6BBA}" = AutoCAD 2002 "{5783F2D7-6001-0409-0002-0060B0CE6BBA}" = AutoCAD 2008 - English "{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3 "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3 "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash "{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1" = PokerStove version 1.23 "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3 "{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus "{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3 "{7C9E6E52-EB11-44DB-A761-82D5D873A8D9}" = Symantec AntiVirus "{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3 "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles "{8718DC03-D066-4957-94E5-50C3C5042E8E}" = Adobe Creative Suite 3 Master Collection "{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090 "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Documentation & Support Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DFB3904-FBDB-4C2B-AC98-20EFDD37C83D}" = GameTime+ "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications ® Core "{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications ® Core - English "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3 "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional "{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3 "{AC8A37CB-39AD-46C2-9AB5-F6FBE037CC57}" = Bentley MicroStation V8 XM Edition 08.09.04.51 "{AFD9E698-03C2-4E88-80A6-1496562D4304}" = Google SketchUp 7.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3 "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3 "{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3 "{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX "{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3 "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Lite XII.SP1 "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3 "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3 "{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}" = WinZip 15.5 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3 "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{DD7A785B-45C9-4DDB-A726-0889F7A9C006}" = WD SmartWare "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net "{E31E2A9F-D76D-49DD-9851-930DD1B0A081}" = Poker Grapher "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software) "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler "{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3 "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3 "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.1 "{F972403C-BFE4-49EB-82B8-10D0FDBD1BB1}" = VirtualDJ Home FREE "{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3 "7-Zip" = 7-Zip 4.57 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe_4dcfd9b7e901b57f81f667144603236" = Add or Remove Adobe Creative Suite 3 Master Collection "Any Video Converter_is1" = Any Video Converter 3.1.0 "AutoCAD 2008 - English" = AutoCAD 2008 - English "AutoHotkey" = AutoHotkey 1.0.48.05 "Bloomberg SFD Data Dictionary" = Bloomberg SFD Data Dictionary "CCleaner" = CCleaner "CinemaForge" = CinemaForge "Cisco Connect" = Cisco Connect "DivX Setup" = DivX Setup "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "Fences" = Fences "Free iPod Video Converter_is1" = Free iPod Video Converter 1.26 "Google Desktop" = Google Desktop "GTK 2.0" = GTK+ Runtime 2.12.1 rev b (remove only) "InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video "KLiteCodecPack_is1" = K-Lite Codec Pack 2.27 Full "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000 "McAfee Security Scan" = McAfee Security Scan Plus "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "MoneyToolbox" = MSN Money Investment Toolbox "Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Pdf995" = Pdf995 "Pidgin" = Pidgin "Poker Tracker Version 2.16.03d_is1" = Poker Tracker Version 2.16.03d "PokerAce Hud" = PokerAce Hud (remove only) "Pokerazor" = Pokerazor 1.28 "PokerStars" = PokerStars "PokerTracker3" = PokerTracker 3 (remove only) "PowerISO" = PowerISO "RealPlayer 6.0" = RealPlayer "Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0 "VLC media player" = VLC media player 1.0.0 "WinRAR archiver" = WinRAR archiver "Xvid_is1" = Xvid 1.2.2 final uninstall ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-293651391-2175594108-1919989058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2/11/2011 4:56:42 AM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/11/2011 4:56:51 AM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/11/2011 7:59:46 PM | Computer Name = NoFace | Source = Application Error | ID = 1000 Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp 0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception code 0xc0000142, fault offset 0x00009f7d, process id 0x15d0, application start time 0x01cbca47c17107f7. Error - 2/11/2011 8:41:44 PM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/11/2011 8:41:48 PM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/12/2011 12:57:18 AM | Computer Name = NoFace | Source = Application Error | ID = 1000 Description = Faulting application postgres.exe, version 8.3.4.8262, time stamp 0x48d39b63, faulting module kernel32.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception code 0xc0000142, fault offset 0x00009f7d, process id 0x124c, application start time 0x01cbca71525016ea. Error - 2/12/2011 5:31:30 PM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/12/2011 5:31:31 PM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/13/2011 1:54:11 AM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = Error - 2/13/2011 1:54:13 AM | Computer Name = NoFace | Source = Microsoft-Windows-CAPI2 | ID = 131585 Description = [ System Events ] Error - 12/28/2012 2:13:45 AM | Computer Name = NoFace | Source = LSM | ID = 1048 Description = Error - 12/28/2012 10:20:24 AM | Computer Name = NoFace | Source = LSM | ID = 1048 Description = Error - 12/28/2012 11:34:50 AM | Computer Name = NoFace | Source = Service Control Manager | ID = 7011 Description = Error - 12/30/2012 9:03:07 PM | Computer Name = NoFace | Source = LSM | ID = 1048 Description = Error - 12/31/2012 2:37:14 PM | Computer Name = NoFace | Source = LSM | ID = 1048 Description = Error - 12/31/2012 5:55:11 PM | Computer Name = NoFace | Source = LSM | ID = 1048 Description = Error - 12/31/2012 6:01:08 PM | Computer Name = NoFace | Source = Service Control Manager | ID = 7022 Description = Error - 1/2/2013 7:18:10 PM | Computer Name = NoFace | Source = LSM | ID = 1048 Description = Error - 1/2/2013 7:23:01 PM | Computer Name = NoFace | Source = Service Control Manager | ID = 7022 Description = Error - 1/2/2013 8:00:58 PM | Computer Name = NoFace | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = < End of report >
  5. OTL.txt: OTL logfile created on: 1/2/2013 6:49:10 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mario\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.00 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 33.68% Memory free 6.20 Gb Paging File | 4.41 Gb Available in Paging File | 71.07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 138.96 Gb Total Space | 3.03 Gb Free Space | 2.18% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 6.75 Gb Free Space | 67.50% Space Free | Partition Type: NTFS Drive F: | 465.76 Gb Total Space | 35.95 Gb Free Space | 7.72% Space Free | Partition Type: NTFS Computer Name: NOFACE | User Name: Mario | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/02 18:45:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mario\Desktop\OTL.exe PRC - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012/10/02 14:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012/10/02 14:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012/02/03 12:34:58 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe PRC - [2012/02/03 12:34:56 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe PRC - [2011/06/17 12:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe PRC - [2010/12/16 10:57:20 | 000,956,416 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe PRC - [2009/08/17 09:52:08 | 002,043,904 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe PRC - [2009/08/17 09:52:08 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe PRC - [2009/08/17 09:50:32 | 008,919,040 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe PRC - [2009/05/21 09:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/09/19 07:30:34 | 003,674,112 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe PRC - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe PRC - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe PRC - [2007/10/26 14:28:06 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe PRC - [2007/03/26 14:00:04 | 000,102,400 | ---- | M] (Bentley Systems, Incorporated) -- C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe PRC - [2007/02/08 00:16:24 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe PRC - [2006/11/28 05:34:38 | 000,134,808 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe PRC - [2006/11/28 05:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe PRC - [2006/11/28 05:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe PRC - [2006/11/22 16:12:36 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe PRC - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe PRC - [2006/11/12 01:19:46 | 000,446,976 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe PRC - [2006/10/20 16:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe PRC - [2006/09/29 11:39:20 | 000,151,552 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006/09/29 11:38:50 | 000,081,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe ========== Modules (No Company Name) ========== MOD - [2012/12/14 13:26:59 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll MOD - [2012/12/14 13:25:50 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll MOD - [2012/12/14 13:25:46 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll MOD - [2012/12/14 13:25:38 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll MOD - [2012/12/14 13:25:27 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll MOD - [2012/12/14 13:25:20 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll MOD - [2012/12/14 13:23:40 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll MOD - [2012/12/14 13:23:24 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll MOD - [2012/12/14 13:23:15 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll MOD - [2012/12/14 13:23:06 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll MOD - [2012/12/14 13:22:27 | 007,976,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll MOD - [2012/12/14 13:22:17 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe MOD - [2010/12/16 10:36:18 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll MOD - [2010/12/16 10:36:16 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll MOD - [2010/12/16 10:36:10 | 000,200,704 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libpcre.dll MOD - [2009/08/17 09:26:24 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll MOD - [2009/07/29 15:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll MOD - [2009/03/29 23:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2006/10/26 15:21:22 | 000,056,056 | ---- | M] () -- C:\Windows\System32\DLAAPI_W.DLL ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2012/12/12 23:31:58 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/10/27 13:06:25 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/02/03 12:34:58 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc) SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2010/04/15 08:38:29 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service) SRV - [2009/11/06 11:00:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/08/17 09:52:08 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService) SRV - [2008/09/19 03:03:58 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3) SRV - [2008/08/13 17:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/12/12 17:32:20 | 001,253,568 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\RpcSandraSrv.exe -- (SandraTheSrv) SRV - [2007/12/12 17:31:58 | 000,213,176 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP1\Win32\RpcDataSrv.exe -- (SandraDataSrv) SRV - [2007/10/26 14:28:06 | 001,524,512 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) SRV - [2007/07/11 16:25:20 | 000,025,640 | R--- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe -- (ADVService) SRV - [2007/03/26 14:00:04 | 000,102,400 | ---- | M] (Bentley Systems, Incorporated) [Auto | Running] -- C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Gateway.exe -- (Bentley SELECT Server Gateway) SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3) SRV - [2006/11/28 05:34:26 | 000,122,008 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam) SRV - [2006/11/28 05:34:18 | 001,962,136 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus) SRV - [2006/11/28 05:34:00 | 000,030,872 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch) SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2006/11/22 16:12:16 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2006/11/07 12:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService) SRV - [2006/10/31 09:32:09 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2006/09/29 11:38:50 | 000,081,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Mario\AppData\Local\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2012/10/10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012/09/17 03:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20121212.006\NAVEX15.SYS -- (NAVEX15) DRV - [2012/09/17 03:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20121212.006\NAVENG.SYS -- (NAVENG) DRV - [2012/07/31 19:34:46 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012/07/31 19:34:45 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2009/11/08 22:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2008/01/18 23:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) DRV - [2007/10/26 14:27:00 | 000,306,300 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV - [2007/06/09 19:27:59 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2007/02/08 19:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M) DRV - [2007/02/08 19:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2007/02/08 00:16:26 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2007/01/31 13:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE) DRV - [2007/01/18 16:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA) DRV - [2006/11/22 15:17:06 | 000,274,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2006/11/22 15:17:06 | 000,247,144 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2006/11/22 15:17:06 | 000,025,448 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2006/10/26 15:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM) DRV - [2006/10/26 15:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2006/10/26 15:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM) DRV - [2006/10/26 15:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2006/10/26 15:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2006/10/26 15:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2006/10/26 15:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2006/10/26 15:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2006/10/26 11:01:34 | 000,185,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI) DRV - [2006/10/26 11:01:34 | 000,026,384 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV) DRV - [2006/10/06 13:26:16 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct) DRV - [2006/08/17 14:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.dell.com/support/in [binary data over 200 bytes] IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60341 IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DLUS_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=OmyzwPx2JnLS6GhGmPVW8C6J31E?q={searchTerms} IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.epcompanion.org" FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..keyword.enabled: false FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\@xmlauthor.com/downloads: C:\Windows\system32\npmirage.dll (XMLAuthor Inc.) FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Mario\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: C:\Users\Mario\AppData\Roaming\nprhapengine.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/01/01 23:37:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/04 20:47:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 13:06:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 13:06:18 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Mario\AppData\Roaming\Move Networks [2012/12/04 20:59:58 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/27 13:06:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/27 13:06:18 | 000,000,000 | ---D | M] [2008/09/11 14:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mario\AppData\Roaming\Mozilla\Extensions [2010/08/13 18:44:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\extensions [2010/02/10 11:24:27 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2010/07/22 07:32:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/10/22 17:59:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5xwdjfww.New Profile1\extensions [2012/07/15 19:13:38 | 000,223,394 | ---- | M] () (No name found) -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5xwdjfww.New Profile1\extensions\isreaditlater@ideashower.com.xpi [2008/05/03 23:13:59 | 000,001,504 | ---- | M] () -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\searchplugins\imdb.xml [2010/08/07 16:04:21 | 000,001,562 | ---- | M] () -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\searchplugins\tableratings.xml [2008/05/04 16:11:14 | 000,000,705 | ---- | M] () -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\searchplugins\webster.xml [2008/05/04 09:24:48 | 000,001,032 | ---- | M] () -- C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\3l4hn9aq.default\searchplugins\wikipedia-eng.xml [2012/10/27 13:06:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [2012/12/04 20:59:58 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\MARIO\APPDATA\ROAMING\MOVE NETWORKS [2012/10/27 13:06:26 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012/08/30 17:19:07 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/10/13 15:50:30 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - homepage: http://www.epcompanion.org/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://www.epcompanion.org/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Mario\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mario\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mario\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Mario\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files\DivX\DivX Content Uploader\npUpload.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Google Update (Enabled) = C:\Users\Mario\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Mario\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: XMLAuthor Inc. npmirage (Enabled) = C:\Windows\system32\npmirage.dll CHR - plugin: iTunes Application Detector (Enabled) = F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - Extension: Speed Dial = C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\ CHR - Extension: Springpad = C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0\ CHR - Extension: Quick Note = C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.2_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ O1 HOSTS File: ([2012/12/16 14:30:27 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.) O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll () O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\Toolbar\WebBrowser: (no name) - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - No CLSID value found. O3 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.) O4 - HKLM..\Run: [RMAlert] C:\Program Files\PC Tools Registry Mechanic\Alert.exe (PC Tools) O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools) O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation) O4 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O4 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKU\S-1-5-21-293651391-2175594108-1919989058-1003..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O4 - HKU\S-1-5-21-293651391-2175594108-1919989058-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-293651391-2175594108-1919989058-1004..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.) O4 - HKU\S-1-5-21-293651391-2175594108-1919989058-1004..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - Startup: C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_91616670.lnk = C:\Users\Mario\AppData\Local\temp\_uninst_91616670.bat () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-293651391-2175594108-1919989058-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-293651391-2175594108-1919989058-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll File not found O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files\Evernote\Evernote3.5\enbar.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..Trusted Domains: msn.com ([moneycentral] https in Trusted sites) O15 - HKU\S-1-5-21-293651391-2175594108-1919989058-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {3DC2E31C-371A-4BD3-9A27-CDF57CE604CF} http://download.microsoft.com/download/7/1/D/71D9F11F-0C02-4707-9D60-D56EA8951020/pmupd806.exe (Reg Error: Key error.) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/AutoCAD%202002/AcDcToday.ocx (AcDcToday Control) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.10.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/AutoCAD%202002/AcPreview.ocx (AcPreview Control) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95BD10A2-992E-4E20-AAAE-45F7BB90EB14}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock) O24 - Desktop WallPaper: C:\Users\Mario\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Mario\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/08/05 15:57:05 | 000,000,073 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013/01/02 18:44:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mario\Desktop\OTL.exe [2012/12/31 14:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012/12/31 13:51:28 | 000,000,000 | ---D | C] -- C:\Users\Mario\Desktop\JavaRa [2012/12/25 23:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012/12/17 20:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012/12/16 14:34:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/12/16 14:34:00 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/12/16 14:34:00 | 000,000,000 | ---D | C] -- C:\Users\Mario\AppData\Local\temp [2012/12/16 14:08:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/12/16 14:08:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/12/16 14:08:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/12/16 14:07:47 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/12/16 14:07:11 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/12/16 13:54:32 | 005,010,912 | R--- | C] (Swearware) -- C:\Users\Mario\Desktop\ComboFix.exe [2012/12/15 12:23:22 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mario\Desktop\tdsskiller.exe [2012/12/14 15:07:02 | 000,000,000 | ---D | C] -- C:\Users\Mario\Desktop\DDS logs - 1st run [2012/12/14 14:07:31 | 000,000,000 | ---D | C] -- C:\Users\Mario\Desktop\mbar-1.01.0.1011 [2012/12/13 02:04:19 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2012/12/13 02:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012/12/12 23:33:44 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Mario\Desktop\dds.com [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/02 18:45:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mario\Desktop\OTL.exe [2013/01/02 18:30:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/01/02 18:27:11 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000UA.job [2013/01/02 18:19:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/02 18:17:56 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/02 18:17:56 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/02 18:17:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/02 00:08:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/01 20:49:56 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000Core.job [2012/12/31 13:47:22 | 000,135,237 | ---- | M] () -- C:\Users\Mario\Desktop\JavaRa-2.0.zip [2012/12/28 01:58:35 | 000,086,528 | ---- | M] () -- C:\Users\Mario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/12/28 01:08:43 | 000,001,356 | ---- | M] () -- C:\Users\Mario\AppData\Local\d3d9caps.dat [2012/12/25 23:06:36 | 000,000,847 | ---- | M] () -- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_91616670.lnk [2012/12/25 21:58:22 | 149,564,568 | ---- | M] () -- C:\Users\Mario\Desktop\setup_11.0.0.1245.x01_2012_12_26_05_15.exe [2012/12/21 18:13:41 | 001,845,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/12/19 01:12:45 | 000,001,441 | ---- | M] () -- C:\scu.dat [2012/12/17 20:28:23 | 000,002,048 | ---- | M] () -- C:\Users\Mario\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/12/16 14:30:27 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012/12/16 13:55:04 | 005,010,912 | R--- | M] (Swearware) -- C:\Users\Mario\Desktop\ComboFix.exe [2012/12/15 12:23:40 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mario\Desktop\tdsskiller.exe [2012/12/14 14:52:53 | 000,615,496 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/12/14 14:52:53 | 000,108,498 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/12/14 14:14:56 | 000,029,882 | ---- | M] () -- C:\Users\Mario\Desktop\mbar message.jpg [2012/12/14 13:16:26 | 013,485,902 | ---- | M] () -- C:\Users\Mario\Desktop\mbar-1.01.0.1011.zip [2012/12/12 23:49:53 | 000,415,948 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012/12/12 23:49:52 | 000,415,948 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012/12/12 23:35:06 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Mario\Desktop\dds.com [2012/12/12 22:52:36 | 000,022,494 | ---- | M] () -- C:\Users\Mario\Desktop\startup error.jpg [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/12/31 13:47:18 | 000,135,237 | ---- | C] () -- C:\Users\Mario\Desktop\JavaRa-2.0.zip [2012/12/25 23:06:36 | 000,000,847 | ---- | C] () -- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_91616670.lnk [2012/12/25 21:56:16 | 149,564,568 | ---- | C] () -- C:\Users\Mario\Desktop\setup_11.0.0.1245.x01_2012_12_26_05_15.exe [2012/12/17 23:37:48 | 000,001,441 | ---- | C] () -- C:\scu.dat [2012/12/16 14:08:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/12/16 14:08:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/12/16 14:08:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/12/16 14:08:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/12/16 14:08:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/12/14 14:14:56 | 000,029,882 | ---- | C] () -- C:\Users\Mario\Desktop\mbar message.jpg [2012/12/14 13:15:53 | 013,485,902 | ---- | C] () -- C:\Users\Mario\Desktop\mbar-1.01.0.1011.zip [2012/12/13 01:58:04 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012/12/13 01:58:04 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012/12/12 22:52:35 | 000,022,494 | ---- | C] () -- C:\Users\Mario\Desktop\startup error.jpg [2012/10/27 22:37:36 | 005,664,546 | ---- | C] () -- C:\Users\Mario\firefox bookmarks1.html [2012/04/05 23:20:43 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe [2011/03/16 19:09:20 | 000,012,020 | -HS- | C] () -- C:\Users\Mario\AppData\Local\3130882944 [2010/04/13 16:04:40 | 000,005,083 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf [2010/02/16 11:04:52 | 000,386,560 | ---- | C] () -- C:\Users\Mario\RCH_Stock_Market_Functions.xla [2009/12/11 22:17:47 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/10/09 14:48:30 | 000,415,948 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009/10/09 14:48:30 | 000,415,948 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/09/22 21:25:14 | 000,001,356 | ---- | C] () -- C:\Users\Mario\AppData\Local\d3d9caps.dat [2009/07/10 12:15:34 | 000,004,924 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda [2009/03/24 10:30:57 | 000,004,096 | -H-- | C] () -- C:\Users\Mario\AppData\Local\keyfile3.drm [2007/11/05 15:16:13 | 000,000,093 | ---- | C] () -- C:\Users\Mario\AppData\Local\fusioncache.dat [2007/09/25 19:13:05 | 000,003,737 | ---- | C] () -- C:\Users\Mario\Desktop(2) [2007/04/22 21:59:07 | 000,000,000 | ---- | C] () -- C:\Users\Mario\AppData\Roaming\wklnhst.dat [2007/04/22 20:57:20 | 000,086,528 | ---- | C] () -- C:\Users\Mario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2009/05/05 16:50:08 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\.purple [2012/11/14 08:09:01 | 000,000,000 | -HSD | M] -- C:\Users\Mario\AppData\Roaming\8A1713 [2010/11/08 22:56:37 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\AnvSoft [2010/04/18 21:33:06 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Autodesk [2007/11/05 16:30:59 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Bentley [2009/05/15 16:33:11 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\DMCache [2008/09/02 13:20:27 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\DNA [2012/10/22 18:31:00 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Dropbox [2012/11/14 20:07:23 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Fuoda [2009/11/22 13:18:52 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Leadertech [2012/11/13 19:27:35 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Luagod [2012/11/13 19:25:39 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Papa [2008/01/08 04:27:20 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\pdf995 [2009/02/11 13:45:34 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Pokerazor [2011/12/28 22:31:41 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Stardock [2009/04/30 13:40:21 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\TeamViewer [2007/04/22 21:59:10 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Template [2012/12/14 14:07:24 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\uTorrent [2009/11/19 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Mario\AppData\Roaming\Western Digital ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 209 bytes -> C:\ProgramData\TEMP:B0A96209 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:8CEFE51A @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C05A8628 @Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report >
  6. Maniac, I've run JavaRe to uninstall and then reinstall Java. I rebooted and still encounter the same popup message. Any thoughts on how to proceed? Thanks!
  7. Upon a restart of my computer, a black box window popped up with the application name of "_uninst_91616670", and an error prompt for this application appeared with the following text: "Windows cannot find '215900.exe'. Make sure you typed the name correctly, and then try again" What does this mean? Thanks!
  8. Here is the Kapersky log: Status: Deleted (events: 191) 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/Glorussstmz.class High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ/bpac/a.class High 12/25/2012 11:35:39 PM Deleted Trojan program Exploit.Java.Agent.v C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN High 12/25/2012 11:35:39 PM Deleted Trojan program Trojan-Downloader.Java.Agent.es C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ High 12/25/2012 11:35:39 PM Deleted Trojan program Trojan-Downloader.Java.Agent.es C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ/AppletPanel.class High 12/25/2012 11:35:39 PM Deleted Trojan program Exploit.Java.Agent.v C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500000.VBN//CryptZ/Main.class High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.bu C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ/bpac/a.class High 12/25/2012 11:35:43 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500002.VBN//CryptZ/bpac/KAVS.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.k C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/Glorussstmz.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.j C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/CusBen.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.m C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/padle.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.l C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/hubert.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.i C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/ClassPol.class High 12/25/2012 11:35:47 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500003.VBN//CryptZ/BlogRoner.class High 12/25/2012 11:35:49 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500005.VBN//CryptZ/bpac/KAVS.class High 12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN High 12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN//CryptZ High 12/25/2012 11:35:57 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500008.VBN//CryptZ/quote/Mailvue.class High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ/Email.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.j C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/CusBen.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.m C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/padle.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.l C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/hubert.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.i C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/ClassPol.class High 12/25/2012 11:35:53 PM Deleted Trojan program Exploit.Java.CVE-2010-0094.h C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500006.VBN//CryptZ/BlogRoner.class High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ/JavaUpdateApplication.class High 12/25/2012 11:35:58 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000A.VBN//CryptZ/ExecService.class High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fx C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/Emailer.class High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ/Email.class High 12/25/2012 11:35:59 PM Deleted Trojan program Exploit.Java.Agent.dy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000C.VBN//CryptZ/JavaUpdateManager.class High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ac C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ab C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ab C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/Is.class High 12/25/2012 11:36:02 PM Deleted Trojan program Exploit.Java.Agent.f C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/Familie.class High 12/25/2012 11:36:02 PM Deleted Trojan program Trojan-Downloader.Java.Agent.fy C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000D.VBN//CryptZ/gogol/PhonBook.class High 12/25/2012 11:36:07 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0750000F.VBN//CryptZ/ExecService.class High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.aa C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/MyName.class High 12/25/2012 11:36:07 PM Deleted Trojan program Trojan.Java.Agent.ac C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500013.VBN//CryptZ/Phone.class High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.ar C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ/Email.class High 12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN High 12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN//CryptZ High 12/25/2012 11:36:14 PM Deleted Trojan program Exploit.Java.CVE-2010-0842.d C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300000.VBN//CryptZ/SiteAudioHelper.class High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ/encode/Unicode.class High 12/25/2012 11:36:12 PM Deleted Trojan program Exploit.Java.Agent.as C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\07500017.VBN//CryptZ/ExecService.class High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ/Main$1.class High 12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN High 12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN//CryptZ High 12/25/2012 11:36:22 PM Deleted Trojan program Trojan-Downloader.Java.Agent.ja C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300006.VBN//CryptZ/RequiredJavaComponent.class High 12/25/2012 11:36:18 PM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300002.VBN//CryptZ/setup/lang.class High 12/25/2012 11:36:20 PM Deleted Trojan program Trojan-Downloader.Java.Agent.jj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\08300004.VBN//CryptZ/Main.class High 12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN High 12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN//CryptZ High 12/25/2012 11:36:26 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\09F80000.VBN//CryptZ//UPX High 12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN High 12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN//CryptZ High 12/25/2012 11:36:29 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0A0C0000.VBN//CryptZ//UPX High 12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN High 12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN//CryptZ High 12/25/2012 11:36:33 PM Deleted Trojan program Trojan-Downloader.Java.OpenStream.bq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00000.VBN//CryptZ/glass/boing.class High 12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN High 12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN//CryptZ High 12/25/2012 11:36:34 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00001.VBN//CryptZ/setup/lang.class High 12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN High 12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN//CryptZ High 12/25/2012 11:36:58 PM Deleted Trojan program Exploit.Java.CVE-2010-0840.b C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00002.VBN//CryptZ/setup/lang.class High 12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN High 12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN//CryptZ High 12/25/2012 11:39:14 PM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0AB00003.VBN//CryptZ/bpac/b.class High 12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN High 12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN//CryptZ High 12/25/2012 11:39:27 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B8C0000.VBN//CryptZ//UPX High 12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN High 12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN//CryptZ High 12/25/2012 11:39:37 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BBC0000.VBN//CryptZ//UPX High 12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN High 12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN//CryptZ High 12/25/2012 11:39:44 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BC40000.VBN//CryptZ//UPX High 12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN High 12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN//CryptZ High 12/25/2012 11:39:53 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BFC0000.VBN//CryptZ//UPX High 12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN High 12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN//CryptZ High 12/25/2012 11:40:06 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C000000.VBN//CryptZ//UPX High 12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN High 12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN//CryptZ High 12/25/2012 11:56:23 PM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C0C0000.VBN//CryptZ//UPX High 12/25/2012 11:58:58 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140002.VBN Medium 12/25/2012 11:58:58 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140002.VBN//CryptZ Medium 12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN High 12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN//CryptZ High 12/25/2012 11:59:10 PM Deleted Trojan program Trojan.Win32.Buzus.agcj C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0B100000.VBN//CryptZ//Bangbros.com password geneator by Sev7n.exe High 12/25/2012 11:58:59 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140003.VBN Medium 12/25/2012 11:58:59 PM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140003.VBN//CryptZ Medium 12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN High 12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN//CryptZ High 12/26/2012 12:01:00 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EA00000.VBN//CryptZ//UPX High 12/26/2012 12:01:03 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140004.VBN Medium 12/26/2012 12:01:03 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140004.VBN//CryptZ Medium 12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN High 12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN//CryptZ High 12/26/2012 12:01:06 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0EDC0000.VBN//CryptZ//UPX High 12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN High 12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN//CryptZ High 12/26/2012 12:01:08 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00002.VBN//CryptZ/bpac/KAVS.class High 12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN High 12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN//CryptZ High 12/26/2012 12:01:10 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00003.VBN//CryptZ/bpac/KAVS.class High 12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN High 12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN//CryptZ High 12/26/2012 12:01:13 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00004.VBN//CryptZ/prev/monoid.class High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ/bpac/a.class High 12/26/2012 12:01:17 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\117C0000.VBN High 12/26/2012 12:01:17 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\117C0000.VBN//CryptZ High 12/26/2012 12:01:17 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\117C0000.VBN//CryptZ//UPX High 12/26/2012 12:01:20 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11880000.VBN High 12/26/2012 12:01:20 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11880000.VBN//CryptZ High 12/26/2012 12:01:20 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11880000.VBN//CryptZ//UPX High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan.Java.Agent.am C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ/bpac/b.class High 12/26/2012 12:01:15 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.cg C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\10F00005.VBN//CryptZ/bpac/KAVS.class High 12/26/2012 12:01:22 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11B80000.VBN High 12/26/2012 12:01:22 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11B80000.VBN//CryptZ High 12/26/2012 12:01:22 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\11B80000.VBN//CryptZ//UPX High 12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN High 12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ High 12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ/javax/AServers.class High 12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN High 12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ High 12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ/javax/AServers.class High 12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN High 12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ High 12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ/javax/AServers.class High 12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ/javax/Server1.class High 12/26/2012 12:01:24 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0000.VBN//CryptZ/javax/Server2.class High 12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ/javax/Server1.class High 12/26/2012 12:01:36 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0001.VBN//CryptZ/javax/Server2.class High 12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN High 12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN//CryptZ High 12/26/2012 12:01:43 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\13800000.VBN//CryptZ//UPX High 12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ/javax/Server1.class High 12/26/2012 12:01:39 AM Deleted Trojan program Trojan-Downloader.Java.Agent.fe C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\12CC0002.VBN//CryptZ/javax/Server2.class High 12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.fs C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN High 12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.eq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ High 12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.eq C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ/json/Parser.class High 12/26/2012 12:01:57 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BF40000\4BF4846E.VBN High 12/26/2012 12:01:57 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BF40000\4BF4846E.VBN//CryptZ High 12/26/2012 12:01:57 AM Deleted Trojan program Trojan.Win32.BHO.eow C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0BF40000\4BF4846E.VBN//CryptZ//UPX High 12/26/2012 12:01:55 AM Deleted Trojan program Exploit.Java.CVE-2010-0840.fs C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\16B4000D.VBN//CryptZ/json/XML.class High 12/26/2012 12:02:31 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140001\4DFE4545.VBN Medium 12/26/2012 12:02:31 AM Deleted malware Hoax.HTML.FakeAntivirus.a C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C140001\4DFE4545.VBN//CryptZ Medium 12/26/2012 12:03:26 AM Deleted virus Worm.Win32.AutoRun.gmf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C580000\4CFA7E15.VBN High 12/26/2012 12:03:26 AM Deleted virus Worm.Win32.AutoRun.gmf C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0C580000\4CFA7E15.VBN//CryptZ High 12/26/2012 12:03:23 AM Deleted Trojan program Trojan.Win32.FraudPack.awms C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D3C0001\4D3F3322.VBN High 12/26/2012 12:03:23 AM Deleted Trojan program Trojan.Win32.FraudPack.awms C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0D3C0001\4D3F3322.VBN//CryptZ High 12/26/2012 12:03:25 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00000\4DB53FE8.VBN High 12/26/2012 12:03:25 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00000\4DB53FE8.VBN//CryptZ High 12/26/2012 12:03:30 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00001\4DB54000.VBN High 12/26/2012 12:03:30 AM Deleted virus P2P-Worm.Win32.Palevo.fuc C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DB00001\4DB54000.VBN//CryptZ High 12/26/2012 12:03:35 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN High 12/26/2012 12:03:35 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN//CryptZ High 12/26/2012 12:03:35 AM Deleted Trojan program Exploit.Java.CVE-2012-0507.mr C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0DC80000\5DCDEFB1.VBN//CryptZ/sIda/sIdb.class High 12/26/2012 12:03:40 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E300000\5E7D0904.VBN High 12/26/2012 12:03:40 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-1723.gen C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E300000\5E7D0904.VBN//CryptZ High 12/26/2012 12:03:40 AM Deleted Trojan program Exploit.Java.CVE-2012-0507.mr C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E300000\5E7D0904.VBN//CryptZ/sIda/sIdb.class High 12/26/2012 12:03:44 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN High 12/26/2012 12:03:44 AM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN//CryptZ High 12/26/2012 12:03:44 AM Deleted Trojan program Trojan.Java.Agent.ak C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN//CryptZ/chrome/Unicode.class High 12/26/2012 12:03:44 AM Deleted Trojan program Trojan-Downloader.Java.OpenConnection.dd C:\Documents and Settings\All Users\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\14880000\5FB80C9C.VBN//CryptZ/direct/bear.class High 12/26/2012 12:14:24 AM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-4681.gen C:\Documents and Settings\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\2b8f6efc-10bd4d82 High Thanks
  9. I reran Malwarebytes, and this time no items were found. So it looks like the malware I originally posted about is gone. Is there any other diagnostic tool I should run to confirm this? Thanks for all your help! -maa
  10. I have run JavaRa and installed a fresh version of Java. Thanks for your help so far. What is the next step?
  11. I reran ESET Online Scanner because the log file did not populate with data other than the two lines posted in my last reply. This time, again the log shows the same thing, but prior to exiting the ESET Online Scanner, I exported the items found to a text file, which I am posting below. This time it found more items; perhaps this is because I selected for the program to scan archives this time as well. Please let me know what you find in these logs and what the next step is. Thank you! C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\5510090f-6f0d5a83 multiple threats deleted - quarantined C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\12a29e1f-6659172f multiple threats deleted - quarantined C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\5185f621-7e5391c9 probably a variant of Java/Exploit.CVE-2012-1723.DH trojan deleted - quarantined C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\12b52ba2-27f5dd03 a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantined C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\43362130-78e1c13e a variant of Java/Exploit.CVE-2011-3544.B trojan deleted - quarantined C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3ecea2f2-574b8882 multiple threats deleted - quarantined C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\45815038-505ee3a6 multiple threats deleted - quarantined
  12. Here is the log file after I ran the ESET Online Scanner. It doesn't look right to me. The process did find 2 items that it quarantined, but the log is only two lines long total: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK
  13. Maniac, here is the ComboFix log: ComboFix 12-12-14.01 - Mario 12/16/2012 14:12:03.1.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3069.1451 [GMT -5:00] Running from: c:\users\Mario\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\3130882944 c:\programdata\xml1120.tmp c:\programdata\xml12A7.tmp c:\programdata\xmlE04.tmp c:\windows\Downloaded Program Files\Temp c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe . . ((((((((((((((((((((((((( Files Created from 2012-11-16 to 2012-12-16 ))))))))))))))))))))))))))))))) . . 2012-12-13 07:06 . 2012-12-13 07:06 -------- d-----w- c:\users\UpdatusUser 2012-12-13 07:05 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-12-13 07:04 . 2012-10-11 02:14 52584 ----a-w- c:\windows\system32\OpenCL.dll 2012-12-13 07:03 . 2012-12-13 07:03 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-12-13 06:57 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll 2012-12-13 06:57 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2012-12-13 06:57 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2012-12-13 06:57 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll 2012-12-13 06:57 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2012-12-13 06:57 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2012-12-13 06:57 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys 2012-12-13 06:57 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys 2012-12-13 06:57 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2012-12-13 06:57 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2012-12-13 06:57 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2012-12-13 05:29 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDC6C61F-1D0B-46D7-879A-6E57FCB8C5DC}\mpengine.dll 2012-12-13 05:28 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys 2012-12-13 05:28 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll 2012-12-13 05:28 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll 2012-12-13 05:28 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe 2012-12-13 05:28 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys 2012-12-13 05:28 . 2012-11-08 03:46 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-13 05:28 . 2012-11-08 01:36 293376 ----a-w- c:\windows\system32\atmfd.dll 2012-12-13 05:28 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-13 04:31 . 2012-04-06 04:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-13 04:31 . 2011-05-28 16:32 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-10-11 02:15 . 2012-10-11 02:15 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-11 02:15 . 2012-10-11 02:15 2574696 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-11 02:14 . 2012-10-11 02:14 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-10-11 02:14 . 2012-10-11 02:14 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-10-11 02:14 . 2012-10-11 02:14 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-11 02:14 . 2012-10-11 02:14 2428776 ----a-w- c:\windows\system32\nvapi.dll 2012-10-11 02:14 . 2012-10-11 02:14 7697768 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-11 02:14 . 2012-10-11 02:14 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-11 02:14 . 2012-10-11 02:14 19906920 ----a-w- c:\windows\system32\nvoglv32.dll 2012-10-11 02:14 . 2012-10-11 02:14 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-10-11 02:14 . 2012-10-11 02:14 6127464 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-11 02:14 . 2012-10-11 02:14 15309160 ----a-w- c:\windows\system32\nvd3dum.dll 2012-10-02 19:29 . 2009-09-27 21:47 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-10-02 19:29 . 2009-09-27 21:47 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-10-02 19:29 . 2009-09-27 21:47 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:29 . 2009-09-27 21:47 2853224 ----a-w- c:\windows\system32\nvsvc.dll 2012-10-02 19:28 . 2009-09-27 21:46 3965288 ----a-w- c:\windows\system32\nvcpl.dll 2012-10-02 18:15 . 2012-10-02 18:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe 2012-09-29 23:54 . 2008-07-02 19:29 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-27 18:06 . 2012-10-27 18:06 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2010-07-08 13:42 . 2012-10-27 18:06 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-11-08 21:58 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-22 107112] "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-11-28 134808] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "SigmatelSysTrayApp"="sttray.exe" [2007-02-08 303104] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888] "iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2011-10-09 421736] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2012-02-03 103896] "RMAlert"="c:\program files\PC Tools Registry Mechanic\Alert.exe" [2012-02-03 1018328] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Evernote Clipper.lnk - c:\windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico [2011-5-1 293950] McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528] VPN Client.lnk - c:\windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico [2010-12-26 6144] WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-8-17 2043904] WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-8-17 8919040] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2007-05-11 03:46 624248 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk] 2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-10-09 22:06 421736 ----a-w- f:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] 2012-09-29 23:54 981656 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] 2009-11-09 03:17 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2012-12-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 04:31] . 2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03] . 2012-12-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-09-19 04:03] . 2012-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000Core.job - c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49] . 2012-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-293651391-2175594108-1919989058-1000UA.job - c:\users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-24 13:49] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204 IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: msn.com\moneycentral TCP: DhcpNameServer = 75.75.75.75 75.75.76.76 FF - ProfilePath - c:\users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\5xwdjfww.New Profile1\ FF - prefs.js: browser.startup.homepage - google.com FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - . HKCU-Run-UltimateHistory - c:\users\Mario\AppData\Roaming\8A1713\8A1713.exe HKLM-Run-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe SafeBoot-26095635.sys SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-BitTorrent DNA - c:\program files\DNA\btdna.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-12-16 14:30 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . Completion time: 2012-12-16 14:33:58 ComboFix-quarantined-files.txt 2012-12-16 19:33 . Pre-Run: 505,360,384 bytes free Post-Run: 3,435,683,840 bytes free . - - End Of File - - 31966A1CA52539FB3FE3BC932B10BDF6
  14. 12:39:44.0559 5844 [ EC9759527C5CF7737CEE852F02E7B44F ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll 12:39:44.0559 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll - ok 12:39:44.0574 5844 [ D044057F830E44F2761EB6EAD555D6F3 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll 12:39:44.0574 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll - ok 12:39:44.0574 5844 [ 175A9C7F4695C289A719EBE73DACE28D ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll 12:39:44.0574 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll - ok 12:39:44.0590 5844 [ 6CF6E9A539CBB5D855FFA7C5B057B4A2 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll 12:39:44.0590 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll - ok 12:39:44.0590 5844 [ C39654B3BFFABC6B60D1BE622C2DF891 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll 12:39:44.0590 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll - ok 12:39:44.0606 5844 [ B2FFF046E2FCBF005235840A056A3560 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll 12:39:44.0606 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll - ok 12:39:44.0606 5844 [ 22439D1A72ED0293CD4ED6C4D8B0D7FD ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll 12:39:44.0606 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll - ok 12:39:44.0621 5844 [ 0ACC49E7FE0EBF8D0886B6E435F51E45 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll 12:39:44.0621 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll - ok 12:39:44.0621 5844 [ 9B00BCEAC0FC22E1ED9EADF14EF070F9 ] C:\Program Files\Common Files\Symantec Shared\ccScan.dll 12:39:44.0621 5844 C:\Program Files\Common Files\Symantec Shared\ccScan.dll - ok 12:39:44.0637 5844 [ 25D7A040A493AB91052F9170D4DB80D4 ] C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL 12:39:44.0637 5844 C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL - ok 12:39:44.0637 5844 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe 12:39:44.0637 5844 C:\Windows\System32\ie4uinit.exe - ok 12:39:44.0652 5844 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll 12:39:44.0652 5844 C:\Windows\System32\iedkcs32.dll - ok 12:39:44.0652 5844 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl 12:39:44.0652 5844 C:\Windows\System32\timedate.cpl - ok 12:39:44.0668 5844 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll 12:39:44.0668 5844 C:\Windows\System32\actxprxy.dll - ok 12:39:44.0668 5844 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll 12:39:44.0668 5844 C:\Windows\System32\msshsq.dll - ok 12:39:44.0668 5844 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\99924713.sys 12:39:44.0668 5844 C:\Windows\System32\drivers\99924713.sys - ok 12:39:44.0684 5844 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll 12:39:44.0699 5844 C:\Windows\System32\NaturalLanguage6.dll - ok 12:39:44.0699 5844 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll 12:39:44.0699 5844 C:\Windows\System32\NlsData0009.dll - ok 12:39:44.0715 5844 [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll 12:39:44.0715 5844 C:\Windows\System32\NlsLexicons0009.dll - ok 12:39:44.0715 5844 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll 12:39:44.0715 5844 C:\Windows\System32\linkinfo.dll - ok 12:39:44.0730 5844 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll 12:39:44.0730 5844 C:\Windows\System32\riched20.dll - ok 12:39:44.0730 5844 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll 12:39:44.0730 5844 C:\Windows\System32\networkexplorer.dll - ok 12:39:44.0746 5844 [ 8B407DA061D8E81974F8D071BE02D78A ] F:\Program Files\iTunes\iTunes.exe 12:39:44.0746 5844 F:\Program Files\iTunes\iTunes.exe - ok 12:39:44.0746 5844 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll 12:39:44.0746 5844 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok 12:39:44.0762 5844 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll 12:39:44.0762 5844 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok 12:39:44.0762 5844 [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe 12:39:44.0762 5844 C:\Program Files\Windows Defender\MSASCui.exe - ok 12:39:44.0777 5844 [ D2CA35A3F711E613D9399845CE9302FA ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 12:39:44.0777 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok 12:39:44.0777 5844 [ 59A7A606B158D4B9A2F966FA179ED0C4 ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\CCERASER.DLL 12:39:44.0777 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\CCERASER.DLL - ok 12:39:44.0824 5844 [ 85B8B4032A895A746D46A288A9B30DED ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\EECTRL.SYS 12:39:44.0824 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\EECTRL.SYS - ok 12:39:44.0840 5844 [ FF3BF05021BFECC92DB81B8257EEB026 ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe 12:39:44.0840 5844 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok 12:39:44.0840 5844 [ 7DF281B808B9EEE4761B2BABEA0D9995 ] C:\Program Files\Symantec AntiVirus\DefUtDCD.dll 12:39:44.0840 5844 C:\Program Files\Symantec AntiVirus\DefUtDCD.dll - ok 12:39:44.0855 5844 [ 9EC8510AB428F079BFCC96A7B2F8709C ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\ECMSVR32.DLL 12:39:44.0855 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\ECMSVR32.DLL - ok 12:39:44.0855 5844 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll 12:39:44.0855 5844 C:\Windows\System32\ExplorerFrame.dll - ok 12:39:44.0871 5844 [ BF67A8F7CC0E83D226FED8B4E27F8C33 ] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe 12:39:44.0871 5844 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe - ok 12:39:44.0871 5844 [ 69F88751C739AE79908B5BFCE8D9915B ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX32A.DLL 12:39:44.0871 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVEX32A.DLL - ok 12:39:44.0886 5844 [ C84A5C60883395B875F01140F48BB887 ] C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG32.DLL 12:39:44.0886 5844 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121212.006\NAVENG32.DLL - ok 12:39:44.0886 5844 [ 9ABF687071C649609BF7E177062A9008 ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe 12:39:44.0886 5844 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok 12:39:44.0902 5844 [ 7AFDC3C713253451CD1F3C809903018B ] C:\Program Files\Common Files\Symantec Shared\ccApp.exe 12:39:44.0902 5844 C:\Program Files\Common Files\Symantec Shared\ccApp.exe - ok 12:39:44.0902 5844 [ 62F305095A75FB319D1D91DA9D4083E6 ] C:\Program Files\Symantec AntiVirus\VPTray.exe 12:39:44.0902 5844 C:\Program Files\Symantec AntiVirus\VPTray.exe - ok 12:39:44.0902 5844 [ 267B3A856E9F4DB1CABD4E6DB71E07D2 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe 12:39:44.0902 5844 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe - ok 12:39:44.0918 5844 [ 00D1FB0073B4A8BD2989EA8FF4CC792B ] C:\Program Files\Dell Support Center\bin\sprtcmd.exe 12:39:44.0918 5844 C:\Program Files\Dell Support Center\bin\sprtcmd.exe - ok 12:39:44.0918 5844 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe 12:39:44.0918 5844 C:\Windows\System32\control.exe - ok 12:39:44.0933 5844 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll 12:39:44.0933 5844 C:\Windows\System32\thumbcache.dll - ok 12:39:44.0933 5844 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll 12:39:44.0933 5844 C:\Windows\System32\stobject.dll - ok 12:39:44.0949 5844 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll 12:39:44.0949 5844 C:\Windows\System32\batmeter.dll - ok 12:39:44.0949 5844 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll 12:39:44.0949 5844 C:\Windows\System32\SndVolSSO.dll - ok 12:39:44.0949 5844 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll 12:39:44.0949 5844 C:\Windows\System32\netshell.dll - ok 12:39:44.0964 5844 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll 12:39:44.0964 5844 C:\Windows\System32\pnidui.dll - ok 12:39:44.0964 5844 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll 12:39:44.0964 5844 C:\Windows\System32\wlanutil.dll - ok 12:39:44.0980 5844 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll 12:39:44.0980 5844 C:\Windows\System32\rasdlg.dll - ok 12:39:44.0980 5844 [ 398A8EC90F058C61F6DDC0E5440A8F27 ] C:\Program Files\Stardock\Fences\FencesMenu.dll 12:39:44.0980 5844 C:\Program Files\Stardock\Fences\FencesMenu.dll - ok 12:39:44.0996 5844 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll 12:39:44.0996 5844 C:\Windows\System32\wlanapi.dll - ok 12:39:44.0996 5844 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll 12:39:44.0996 5844 C:\Windows\System32\onex.dll - ok 12:39:44.0996 5844 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll 12:39:44.0996 5844 C:\Windows\System32\eappprxy.dll - ok 12:39:45.0011 5844 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll 12:39:45.0011 5844 C:\Windows\System32\eappcfg.dll - ok 12:39:45.0011 5844 [ 0BE08F4B69EF75C6EEE4330C4F389614 ] C:\Program Files\Stardock\Fences\DesktopDock.dll 12:39:45.0011 5844 C:\Program Files\Stardock\Fences\DesktopDock.dll - ok 12:39:45.0011 5844 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll 12:39:45.0011 5844 C:\Windows\System32\AltTab.dll - ok 12:39:45.0027 5844 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll 12:39:45.0027 5844 C:\Windows\System32\WPDShServiceObj.dll - ok 12:39:45.0042 5844 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll 12:39:45.0042 5844 C:\Windows\System32\PortableDeviceTypes.dll - ok 12:39:45.0058 5844 [ 9E6DC845DED46CCBE085DD24503750C0 ] C:\Program Files\Stardock\Fences\Fences.exe 12:39:45.0058 5844 C:\Program Files\Stardock\Fences\Fences.exe - ok 12:39:45.0058 5844 [ 7855EA6ACBAD155EFFE6F0BA94790F50 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll 12:39:45.0058 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok 12:39:45.0074 5844 [ 733DA847D5C3E32C40BA831BEAA8DC93 ] C:\Windows\sttray.exe 12:39:45.0074 5844 C:\Windows\sttray.exe - ok 12:39:45.0074 5844 [ 21221CD7C7C844F6F0E0B7BC69CBA36B ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE 12:39:45.0074 5844 C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok 12:39:45.0089 5844 [ 76FF9F849B0B56A73082DA8294821460 ] C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll 12:39:45.0089 5844 C:\Program Files\Roxio\Drag-to-Disc\Shellex.dll - ok 12:39:45.0089 5844 [ C1873D880786B6B03AF781E23835D925 ] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe 12:39:45.0089 5844 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe - ok 12:39:45.0105 5844 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 12:39:45.0105 5844 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok 12:39:45.0105 5844 [ 26DE50A7F668F541B8130A0E26EFF3D8 ] C:\Program Files\Microsoft Works\MSWorks.exe 12:39:45.0105 5844 C:\Program Files\Microsoft Works\MSWorks.exe - ok 12:39:45.0120 5844 [ C37571F7C79C3972D641804F1DF7C0F5 ] C:\Program Files\Microsoft Works\wksdb.exe 12:39:45.0120 5844 C:\Program Files\Microsoft Works\wksdb.exe - ok 12:39:45.0120 5844 [ 42CDFB2273EEC623B903C311B19FB484 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe 12:39:45.0120 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok 12:39:45.0136 5844 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe 12:39:45.0136 5844 C:\Program Files\Windows Calendar\WinCal.exe - ok 12:39:45.0136 5844 [ F7DD2D785280DB73DC9060F80361BEFB ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe 12:39:45.0136 5844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok 12:39:45.0152 5844 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe 12:39:45.0152 5844 C:\Program Files\Windows Mail\wab.exe - ok 12:39:45.0152 5844 [ 73430E79D6DF4DE9055E2A7742B881D3 ] C:\Program Files\QuickTime\QTTask.exe 12:39:45.0152 5844 C:\Program Files\QuickTime\QTTask.exe - ok 12:39:45.0152 5844 [ 1DA3649A396560D207489150F4FA25DF ] C:\Program Files\Common Files\Symantec Shared\ccProd.dll 12:39:45.0152 5844 C:\Program Files\Common Files\Symantec Shared\ccProd.dll - ok 12:39:45.0167 5844 [ D743372A621ED03A274539A88EEB3450 ] F:\Program Files\iTunes\iTunesHelper.exe 12:39:45.0167 5844 F:\Program Files\iTunes\iTunesHelper.exe - ok 12:39:45.0167 5844 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe 12:39:45.0167 5844 C:\Program Files\Windows Collaboration\WinCollab.exe - ok 12:39:45.0183 5844 [ 392845E8D49B5F0E81AAC4D795000A8C ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe 12:39:45.0183 5844 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok 12:39:45.0183 5844 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe 12:39:45.0183 5844 C:\Program Files\Movie Maker\MOVIEMK.exe - ok 12:39:45.0183 5844 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe 12:39:45.0183 5844 C:\Program Files\DivX\DivX Update\DivXUpdate.exe - ok 12:39:45.0198 5844 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe 12:39:45.0198 5844 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok 12:39:45.0198 5844 [ C10997CADE9231395002707B8FB23AF4 ] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe 12:39:45.0198 5844 C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe - ok 12:39:45.0214 5844 [ E3A9BCC3BAF5909361963AF8D49E1EC9 ] C:\Program Files\PC Tools Registry Mechanic\Alert.exe 12:39:45.0214 5844 C:\Program Files\PC Tools Registry Mechanic\Alert.exe - ok 12:39:45.0214 5844 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe 12:39:45.0214 5844 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok 12:39:45.0230 5844 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe 12:39:45.0230 5844 C:\Windows\System32\wuapp.exe - ok 12:39:45.0230 5844 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe 12:39:45.0230 5844 C:\Program Files\Windows Sidebar\sidebar.exe - ok 12:39:45.0245 5844 [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\System32\verclsid.exe 12:39:45.0245 5844 C:\Windows\System32\verclsid.exe - ok 12:39:45.0245 5844 [ 7001ED498AFE9921DB7231878DE1CE12 ] F:\Program Files\iTunes\iTunesHelper.dll 12:39:45.0245 5844 F:\Program Files\iTunes\iTunesHelper.dll - ok 12:39:45.0261 5844 [ 9C94183A22256C35B025A900AF4B5372 ] F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll 12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok 12:39:45.0261 5844 [ 3AF147EDC68CB34CB91B606DB6304F11 ] F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll 12:39:45.0261 5844 F:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok 12:39:45.0276 5844 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll 12:39:45.0276 5844 C:\Windows\System32\dciman32.dll - ok 12:39:45.0276 5844 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll 12:39:45.0276 5844 C:\Windows\System32\ntshrui.dll - ok 12:39:45.0292 5844 [ D7675F963BE522060140ECD15607BCB8 ] C:\Windows\System32\DLAAPI_W.DLL 12:39:45.0292 5844 C:\Windows\System32\DLAAPI_W.DLL - ok 12:39:45.0292 5844 [ D299BE72FB0554016F69C3CF04274D7C ] C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL 12:39:45.0292 5844 C:\Program Files\Roxio\Drag-to-Disc\ShellRes.DLL - ok 12:39:45.0292 5844 [ B1CD1BCD8DB4351FDB026EC750F1F806 ] C:\Program Files\WinZip\WINZIP32.EXE 12:39:45.0292 5844 C:\Program Files\WinZip\WINZIP32.EXE - ok 12:39:45.0308 5844 [ CC4413981C4F1234E6E884DFF8B99C03 ] C:\Program Files\DellSupport\DSAgnt.exe 12:39:45.0308 5844 C:\Program Files\DellSupport\DSAgnt.exe - ok 12:39:45.0323 5844 [ 7F317D4826FDA6682B63942D248AF96E ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll 12:39:45.0323 5844 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok 12:39:45.0339 5844 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll 12:39:45.0339 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok 12:39:45.0339 5844 [ 5A8EE90789295C5A6A867580FB4D955E ] C:\Program Files\WinZip\WZ32.DLL 12:39:45.0339 5844 C:\Program Files\WinZip\WZ32.DLL - ok 12:39:45.0354 5844 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe 12:39:45.0354 5844 C:\Users\Mario\AppData\Local\Google\Update\GoogleUpdate.exe - ok 12:39:45.0354 5844 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe 12:39:45.0354 5844 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok 12:39:45.0354 5844 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862 ] C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll 12:39:45.0354 5844 C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll - ok 12:39:45.0370 5844 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll 12:39:45.0370 5844 C:\Windows\System32\ddraw.dll - ok 12:39:45.0370 5844 [ 21C0D7CF8FF91A6ED206CD327FA1CE4B ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll 12:39:45.0370 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok 12:39:45.0386 5844 [ ED3F7B4548A13561278BF6018D1364A0 ] C:\Windows\System32\stlang.dll 12:39:45.0386 5844 C:\Windows\System32\stlang.dll - ok 12:39:45.0386 5844 [ 894AC58BD04D4CFEFB92E458EBEB99F7 ] C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll 12:39:45.0386 5844 C:\Program Files\Stardock\Fences\VistaBridgeLibrary.dll - ok 12:39:45.0401 5844 [ 3EDD138C17FAB3703DE80A8F9B70C00E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe 12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Fences\7986e4f0d8fd3a3fe572131f9027566a\Fences.ni.exe - ok 12:39:45.0401 5844 [ 9BF6EFFF98EB48F96AE02F3E1EF4AAD3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll 12:39:45.0401 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll - ok 12:39:45.0417 5844 [ 358025079D90D14C518FD6AF71DF59AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll 12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\69b17f1655da13d2cf4b8ca6e54e47d3\VistaBridgeLibrary.ni.dll - ok 12:39:45.0417 5844 [ C2CA4CB1650AE3DEF41C948FF9D37B86 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll 12:39:45.0417 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll - ok 12:39:45.0417 5844 [ 530ED4B00397C2E65DDFDDFAC60744D2 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll 12:39:45.0417 5844 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok 12:39:45.0432 5844 [ 22BFD03DF51065A9ED8D17F8FB72296B ] C:\Windows\System32\ctfmon.exe 12:39:45.0432 5844 C:\Windows\System32\ctfmon.exe - ok 12:39:45.0432 5844 [ 6912D02CC912B980C8C12F9CDADB8763 ] C:\Program Files\Evernote\Evernote\EvernoteClipper.exe 12:39:45.0432 5844 C:\Program Files\Evernote\Evernote\EvernoteClipper.exe - ok 12:39:45.0448 5844 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll 12:39:45.0448 5844 C:\Windows\System32\wpdshext.dll - ok 12:39:45.0448 5844 [ 8AC44F0E443974442B574E1DE77C8877 ] C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe 12:39:45.0448 5844 C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe - ok 12:39:45.0448 5844 [ 8FB193CA7E2E6617913A45E783712F6D ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll 12:39:45.0448 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok 12:39:45.0464 5844 [ F7950E8FBB9B26E1A347F00E11EA42B5 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll 12:39:45.0464 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok 12:39:45.0464 5844 [ 33642C17C232AA272C68E446A2619899 ] C:\Program Files\iPod\bin\iPodService.exe 12:39:45.0464 5844 C:\Program Files\iPod\bin\iPodService.exe - ok 12:39:45.0479 5844 [ C4B5D43704B407C9B0D19AB19BB5303D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll 12:39:45.0479 5844 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok 12:39:45.0495 5844 [ 2C542B82121066EA97B864F0F02A035C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll 12:39:45.0495 5844 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok 12:39:45.0495 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll 12:39:45.0495 5844 C:\Program Files\CyberLink\PowerDVD DX\MFC71.dll - ok 12:39:45.0526 5844 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll 12:39:45.0526 5844 C:\Windows\System32\olepro32.dll - ok 12:39:45.0526 5844 [ 9490ABBFEF7A38AADE248D73A83ECD2A ] C:\Program Files\Cisco Systems\VPN Client\vpngui.exe 12:39:45.0526 5844 C:\Program Files\Cisco Systems\VPN Client\vpngui.exe - ok 12:39:45.0526 5844 [ 3CC2A27927FE746D5946599821C5F8B7 ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe 12:39:45.0526 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe - ok 12:39:45.0542 5844 [ 38A06338E10BC8C636FC20E8ADFE6BCA ] C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll 12:39:45.0542 5844 C:\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll - ok 12:39:45.0542 5844 [ FE56C0DA05F4C3B8BEAB297C486FF737 ] C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll 12:39:45.0542 5844 C:\Program Files\Cisco Systems\VPN Client\qt-mt335.dll - ok 12:39:45.0557 5844 [ 7145783529EC02A6B78F851EF97A12FE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe 12:39:45.0557 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe - ok 12:39:45.0557 5844 [ 9138E5C7FB95A70030324EDB430BF4B3 ] C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe 12:39:45.0557 5844 C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe - ok 12:39:45.0573 5844 [ 416ACCE24888703A2ECCB5DE31B51CF7 ] C:\Program Files\Common Files\Symantec Shared\ccAlert.dll 12:39:45.0573 5844 C:\Program Files\Common Files\Symantec Shared\ccAlert.dll - ok 12:39:45.0573 5844 [ 4D7603D34FAD7C1226B7C2302556584A ] C:\Program Files\Symantec AntiVirus\Cliproxy.dll 12:39:45.0573 5844 C:\Program Files\Symantec AntiVirus\Cliproxy.dll - ok 12:39:45.0588 5844 [ 059A79C3ECB5133247F671A6CAB84FBA ] C:\Program Files\Evernote\Evernote\encrashrep.dll 12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\encrashrep.dll - ok 12:39:45.0588 5844 [ 714445FBC09B4D8A791FFCF8EA0E7320 ] C:\Program Files\Evernote\Evernote\libxml2.dll 12:39:45.0588 5844 C:\Program Files\Evernote\Evernote\libxml2.dll - ok 12:39:45.0604 5844 [ 7F3602ED34BE9131D7088EB37B62AA08 ] C:\Program Files\Evernote\Evernote\libpcre.dll 12:39:45.0604 5844 C:\Program Files\Evernote\Evernote\libpcre.dll - ok 12:39:45.0604 5844 [ ADC90EBBE2823C23A0406ACD3D6E9312 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL 12:39:45.0604 5844 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok 12:39:45.0620 5844 [ BE3F2025B87338524FF4331B9D31D02D ] C:\Program Files\Evernote\Evernote\libtidy.dll 12:39:45.0620 5844 C:\Program Files\Evernote\Evernote\libtidy.dll - ok 12:39:45.0620 5844 [ 76543EEBCC6DC4D0063BE2C75CE86733 ] C:\Windows\System32\icacls.exe 12:39:45.0620 5844 C:\Windows\System32\icacls.exe - ok 12:39:45.0620 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll 12:39:45.0620 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcr71.dll - ok 12:39:45.0635 5844 [ 034D3C1185B789B4B8F13C259BAC2C6E ] C:\Windows\System32\tracerpt.exe 12:39:45.0635 5844 C:\Windows\System32\tracerpt.exe - ok 12:39:45.0635 5844 [ E8A91A9F78F69E17B52C0F732CF87941 ] C:\Program Files\Symantec AntiVirus\DoScan.exe 12:39:45.0635 5844 C:\Program Files\Symantec AntiVirus\DoScan.exe - ok 12:39:45.0651 5844 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll 12:39:45.0651 5844 C:\Windows\System32\mfc42u.dll - ok 12:39:45.0651 5844 [ 209079A828549205F9B5A7EC713E7E87 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll 12:39:45.0651 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok 12:39:45.0666 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll 12:39:45.0666 5844 C:\Program Files\CyberLink\PowerDVD DX\msvcp71.dll - ok 12:39:45.0666 5844 [ D87F1FD34AF36E24C4C37C8CFCA9FE80 ] C:\Program Files\DellSupport\gtagnt.dll 12:39:45.0666 5844 C:\Program Files\DellSupport\gtagnt.dll - ok 12:39:45.0682 5844 [ B7D321DB3D2F223FF5010D491AB6BD4B ] C:\Program Files\DellSupport\cfgdata.dll 12:39:45.0682 5844 C:\Program Files\DellSupport\cfgdata.dll - ok 12:39:45.0682 5844 [ 57602070F70951FA322F54B6574928E9 ] C:\Windows\System32\net.exe 12:39:45.0682 5844 C:\Windows\System32\net.exe - ok 12:39:45.0682 5844 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll 12:39:45.0682 5844 C:\Windows\System32\pdh.dll - ok 12:39:45.0698 5844 [ DF1F51D2938A403BFE671B13A12FA434 ] C:\Windows\System32\vdmdbg.dll 12:39:45.0713 5844 C:\Windows\System32\vdmdbg.dll - ok 12:39:45.0729 5844 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll 12:39:45.0729 5844 C:\Windows\System32\wbem\wmiprov.dll - ok 12:39:45.0729 5844 [ 4235107CAA0BCE7E872C4355329FC06E ] C:\Program Files\DellSupport\actmgr.dll 12:39:45.0729 5844 C:\Program Files\DellSupport\actmgr.dll - ok 12:39:45.0729 5844 [ 6B2574E3DC0FD35AB79676A36ED27F74 ] C:\Program Files\Symantec AntiVirus\SavUI.exe 12:39:45.0729 5844 C:\Program Files\Symantec AntiVirus\SavUI.exe - ok 12:39:45.0744 5844 [ 89D91075333013FF359213028787D4EE ] C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll 12:39:45.0744 5844 C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll - ok 12:39:45.0744 5844 [ 0486B27A7A31EDFA9F92A7F6BBC964E5 ] C:\Windows\System32\stapi32.dll 12:39:45.0744 5844 C:\Windows\System32\stapi32.dll - ok 12:39:45.0760 5844 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll 12:39:45.0760 5844 C:\Program Files\Windows Media Player\wmpnssci.dll - ok 12:39:45.0760 5844 [ 205A365BD0D26637189AF931DC37B79A ] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll 12:39:45.0760 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\ccEmlPxy.dll - ok 12:39:45.0760 5844 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll 12:39:45.0760 5844 C:\Windows\System32\wmpmde.dll - ok 12:39:45.0776 5844 [ BA812B7A161385730E44450FBA07316F ] C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll 12:39:45.0776 5844 C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll - ok 12:39:45.0791 5844 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll 12:39:45.0791 5844 C:\Windows\System32\mf.dll - ok 12:39:45.0791 5844 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll 12:39:45.0791 5844 C:\Windows\System32\evr.dll - ok 12:39:45.0791 5844 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll 12:39:45.0791 5844 C:\Windows\System32\ntlanman.dll - ok 12:39:45.0807 5844 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll 12:39:45.0807 5844 C:\Windows\System32\drprov.dll - ok 12:39:45.0807 5844 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll 12:39:45.0807 5844 C:\Windows\System32\wmdrmsdk.dll - ok 12:39:45.0822 5844 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll 12:39:45.0822 5844 C:\Windows\System32\davclnt.dll - ok 12:39:45.0822 5844 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll 12:39:45.0822 5844 C:\Windows\System32\dxva2.dll - ok 12:39:45.0822 5844 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll 12:39:45.0822 5844 C:\Windows\System32\wmp.dll - ok 12:39:45.0838 5844 [ 38000D312118CD654A569FFF93A91442 ] C:\Program Files\Symantec AntiVirus\SAVCProd.dll 12:39:45.0838 5844 C:\Program Files\Symantec AntiVirus\SAVCProd.dll - ok 12:39:45.0838 5844 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll 12:39:45.0838 5844 C:\Windows\System32\srchadmin.dll - ok 12:39:45.0854 5844 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll 12:39:45.0854 5844 C:\Windows\System32\webcheck.dll - ok 12:39:45.0854 5844 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll 12:39:45.0854 5844 C:\Windows\System32\mlang.dll - ok 12:39:45.0869 5844 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll 12:39:45.0869 5844 C:\Windows\System32\SyncCenter.dll - ok 12:39:45.0869 5844 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll 12:39:45.0869 5844 C:\Windows\System32\wscntfy.dll - ok 12:39:45.0869 5844 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys 12:39:45.0869 5844 C:\Windows\System32\drivers\cdfs.sys - ok 12:39:45.0885 5844 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll 12:39:45.0885 5844 C:\Windows\System32\imapi2.dll - ok 12:39:45.0885 5844 [ 1409EB2C3CB92D612E124D52ED766359 ] C:\Program Files\Dell Support Center\bin\sprtmessage.dll 12:39:45.0885 5844 C:\Program Files\Dell Support Center\bin\sprtmessage.dll - ok 12:39:45.0900 5844 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl 12:39:45.0900 5844 C:\Windows\System32\bthprops.cpl - ok 12:39:45.0900 5844 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll 12:39:45.0900 5844 C:\Windows\System32\msvfw32.dll - ok 12:39:45.0900 5844 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL 12:39:45.0900 5844 C:\Windows\System32\wmploc.DLL - ok 12:39:45.0916 5844 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll 12:39:45.0916 5844 C:\Windows\System32\wmpps.dll - ok 12:39:45.0916 5844 [ A7C5909466BE1F685596AE0AE9939A2C ] C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll 12:39:45.0916 5844 C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll - ok 12:39:45.0916 5844 [ 3CC5076730CF551242EB8182998A4E85 ] C:\Program Files\Common Files\Symantec Shared\SymRedir.dll 12:39:45.0916 5844 C:\Program Files\Common Files\Symantec Shared\SymRedir.dll - ok 12:39:45.0932 5844 [ 10685A9A922E971B2B4D811A374A01E1 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll 12:39:45.0932 5844 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok 12:39:45.0932 5844 [ 7F4011A719BF30E3DBD84D3A0A45C91C ] C:\Windows\System32\drivers\symredrv.sys 12:39:45.0932 5844 C:\Windows\System32\drivers\symredrv.sys - ok 12:39:45.0947 5844 [ 00FF924142D90A147BCEE8975E39D9C0 ] C:\Program Files\Symantec AntiVirus\SavEmail.dll 12:39:45.0947 5844 C:\Program Files\Symantec AntiVirus\SavEmail.dll - ok 12:39:45.0947 5844 [ BF0CFC7156E22D24184CC53BC5A8A50A ] C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll 12:39:45.0947 5844 C:\Program Files\CyberLink\PowerDVD DX\Kernel\common\CLRCEngine3.dll - ok 12:39:45.0963 5844 [ 0547AF400AE6B4F8646148739E0F24FA ] C:\Program Files\Dell Support Center\bin\sprtevent.dll 12:39:45.0963 5844 C:\Program Files\Dell Support Center\bin\sprtevent.dll - ok 12:39:45.0963 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll 12:39:45.0963 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok 12:39:45.0978 5844 [ A395ABC175604A4F863A0ECF9EE794CA ] C:\Program Files\Dell Support Center\bin\sprtui.dll 12:39:45.0978 5844 C:\Program Files\Dell Support Center\bin\sprtui.dll - ok 12:39:45.0978 5844 [ 7AC23E98BEC7A2E9C9F5754506C50C14 ] C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll 12:39:45.0978 5844 C:\Windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll - ok 12:39:45.0994 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe 12:39:45.0994 5844 C:\Users\Mario\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok 12:39:45.0994 5844 [ 2EA4F4471281EF0E7295D12253F01DF3 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll 12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\brkrsvch.dll - ok 12:39:45.0994 5844 [ 896F1DAE48558CE96AF012C7E594CCC6 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll 12:39:45.0994 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\grouph.dll - ok 12:39:46.0010 5844 [ D2C8BE14BCC8A49F9411557DB6028CAB ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll 12:39:46.0010 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\pnph.dll - ok 12:39:46.0010 5844 [ F08F525453D3AD31EC20AF779AE27040 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll 12:39:46.0010 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll - ok 12:39:46.0025 5844 [ A8A5453F6DAA4BCACD02FBF2EF3F7C1F ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll 12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\qdiagh.dll - ok 12:39:46.0025 5844 [ 755AD13D0042329925E2FAF3D070326D ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll 12:39:46.0025 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgloadh.dll - ok 12:39:46.0041 5844 [ 6472D141970830F856778DE71EB93319 ] C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll 12:39:46.0041 5844 C:\PROGRA~1\DELLSU~1\GTAction\handlers\trgregh.dll - ok 12:39:46.0041 5844 [ 7D1913E59C79AB565A73020F8BD13B40 ] C:\Program Files\DellSupport\trgmgr.dll 12:39:46.0041 5844 C:\Program Files\DellSupport\trgmgr.dll - ok 12:39:46.0041 5844 [ 7C5393905B52C3DC56A810C823DA4211 ] C:\Program Files\DellSupport\qdiagd.ocx 12:39:46.0041 5844 C:\Program Files\DellSupport\qdiagd.ocx - ok 12:39:46.0056 5844 [ 8F4757511BA745A81378CB93EB6C430D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll 12:39:46.0056 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll - ok 12:39:46.0056 5844 [ 1BBC044533A77BE2519497966354B763 ] C:\Program Files\DellSupport\gdql_d.dll 12:39:46.0056 5844 C:\Program Files\DellSupport\gdql_d.dll - ok 12:39:46.0072 5844 [ 995A1C3E7B9B5E2AA4568B667627B4AE ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll 12:39:46.0072 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a92b3267\System.Windows.Forms.dll - ok 12:39:46.0072 5844 [ A03D9D6408A723F264F1FB77298EC63B ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll 12:39:46.0072 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll - ok 12:39:46.0088 5844 [ 65062D18283065799715EA6001C07709 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll 12:39:46.0088 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll - ok 12:39:46.0088 5844 [ E75963624A3F55C90AC8A7C2E65072FF ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll 12:39:46.0088 5844 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok 12:39:46.0103 5844 [ 6E787792EDD9039B02D8244C02E57DC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll 12:39:46.0103 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\d1cdb687ca296d0e95ff3abe946cb3c7\Microsoft.VisualBasic.ni.dll - ok 12:39:46.0103 5844 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll 12:39:46.0103 5844 C:\Windows\System32\mshtml.dll - ok 12:39:46.0103 5844 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll 12:39:46.0103 5844 C:\Windows\System32\msimtf.dll - ok 12:39:46.0119 5844 [ 02EF2C66653D28D964B03EF44A942BF0 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll 12:39:46.0119 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\timert.dll - ok 12:39:46.0119 5844 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll 12:39:46.0119 5844 C:\Windows\System32\avicap32.dll - ok 12:39:46.0119 5844 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll 12:39:46.0119 5844 C:\Windows\System32\jscript9.dll - ok 12:39:46.0134 5844 [ 96BA82BF1F1968E44FE80E5B6DE21E13 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll 12:39:46.0134 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\regt.dll - ok 12:39:46.0134 5844 [ 8992F45DED6B63B919BDEB6D270FF9C8 ] C:\Windows\System32\wshom.ocx 12:39:46.0134 5844 C:\Windows\System32\wshom.ocx - ok 12:39:46.0134 5844 [ 3DB1530CDD7AEF2BCFA6FB77D097CDDA ] C:\Windows\System32\scrrun.dll 12:39:46.0134 5844 C:\Windows\System32\scrrun.dll - ok 12:39:46.0150 5844 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll 12:39:46.0150 5844 C:\Windows\System32\d2d1.dll - ok 12:39:46.0150 5844 [ 7BC0410ADF51083C2694AC19FF3C6847 ] C:\Program Files\Windows Defender\MpRtMon.dll 12:39:46.0150 5844 C:\Program Files\Windows Defender\MpRtMon.dll - ok 12:39:46.0166 5844 [ 01B46BEECE252636A678E9312E6031FD ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll 12:39:46.0166 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll - ok 12:39:46.0166 5844 [ A61ACA63218EB5C9439CE06E30021B6C ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll 12:39:46.0166 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll - ok 12:39:46.0181 5844 [ 5FB486DB877DFBB52828D77F110EBA9D ] C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll 12:39:46.0181 5844 C:\Program Files\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll - ok 12:39:46.0181 5844 [ BD7A81CFBA3ACFB5D82D180F6AD8635B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll 12:39:46.0181 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ee724aeea5f1b9d8a01fa6047fd2ef99\System.Data.ni.dll - ok 12:39:46.0197 5844 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll 12:39:46.0197 5844 C:\Windows\System32\DWrite.dll - ok 12:39:46.0197 5844 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll 12:39:46.0197 5844 C:\Windows\System32\msftedit.dll - ok 12:39:46.0197 5844 [ EE8E76761A4AEE5685D92A770A3B4B1F ] C:\Program Files\Dell Support Center\gs_agent\dsc.exe 12:39:46.0197 5844 C:\Program Files\Dell Support Center\gs_agent\dsc.exe - ok 12:39:46.0212 5844 [ 506B6592BF6116521F152DCCB39A6143 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll 12:39:46.0212 5844 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok 12:39:46.0212 5844 [ 215AA9D65DABCF3CFB149B8D60F40346 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll 12:39:46.0212 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\d08cb6b1c4052e6f5a4e2452870d67d7\System.Management.ni.dll - ok 12:39:46.0228 5844 [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll 12:39:46.0228 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok 12:39:46.0228 5844 [ 448452164AF599409FFB40139873E5F9 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSproct.dll 12:39:46.0228 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSproct.dll - ok 12:39:46.0244 5844 [ 413F2D5F9D802688242C23B38F767ECB ] C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys 12:39:46.0244 5844 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - ok 12:39:46.0244 5844 [ 3D293E0DFDFD4C17AB7E5D4E6065C0E7 ] C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSWnHnt.dll 12:39:46.0244 5844 C:\PROGRA~1\DELLSU~1\GTAction\triggers\DSWnHnt.dll - ok 12:39:46.0259 5844 [ 4A2A016491F169B5EC954D948565E251 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll 12:39:46.0259 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll - ok 12:39:46.0259 5844 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll 12:39:46.0259 5844 C:\Windows\System32\d3d10_1.dll - ok 12:39:46.0259 5844 [ B496B5322FC36979DDCA98B2BF43B150 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll 12:39:46.0259 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll - ok 12:39:46.0275 5844 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll 12:39:46.0275 5844 C:\Windows\System32\d3d10_1core.dll - ok 12:39:46.0275 5844 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll 12:39:46.0275 5844 C:\Windows\System32\d3d10warp.dll - ok 12:39:46.0290 5844 [ A5D073E47008E57CAE3BF51838DA0F93 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll 12:39:46.0290 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll - ok 12:39:46.0290 5844 [ F3455E60B905D95D22F7AB8A6B49ACCE ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll 12:39:46.0290 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll - ok 12:39:46.0306 5844 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll 12:39:46.0306 5844 C:\Windows\System32\msls31.dll - ok 12:39:46.0306 5844 [ 16BEF6B679947E4B3C113B3798F746DB ] C:\Program Files\DellSupport\AUInst.dll 12:39:46.0306 5844 C:\Program Files\DellSupport\AUInst.dll - ok 12:39:46.0306 5844 [ 631289583481C45C7342EFD57442B738 ] C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll 12:39:46.0306 5844 C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll - ok 12:39:46.0322 5844 [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ] C:\Windows\System32\d3d10.dll 12:39:46.0322 5844 C:\Windows\System32\d3d10.dll - ok 12:39:46.0322 5844 [ 9C7094F537782A82B6A29B4A7172E180 ] C:\Windows\System32\d3d10core.dll 12:39:46.0322 5844 C:\Windows\System32\d3d10core.dll - ok 12:39:46.0337 5844 [ 76A341458F3DCBD0B869690BE8CFA6E3 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.HardDiskBackupProvider.dll 12:39:46.0337 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.HardDiskBackupProvider.dll - ok 12:39:46.0353 5844 [ 3DF8BDD8A7203239ABABA6241F91B757 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll 12:39:46.0353 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\providers\Tanagra.BMU.Providers.FileCopyBackupProvider.dll - ok 12:39:46.0353 5844 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:39:46.0353 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok 12:39:46.0353 5844 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll 12:39:46.0353 5844 C:\Windows\System32\msvcr100_clr0400.dll - ok 12:39:46.0368 5844 [ D466680EE8965924052C62B39E591155 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Third-party.Security.dll 12:39:46.0368 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Tanagra.Third-party.Security.dll - ok 12:39:46.0368 5844 [ A9154A572DB92D409131B333DAF66C0C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll 12:39:46.0368 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll - ok 12:39:46.0384 5844 [ 05C245593DCB591A6B38A796D0C1975E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe 12:39:46.0384 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok 12:39:46.0384 5844 [ 14B1AF40195CF5DB586F39387A77AFB6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll 12:39:46.0384 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok 12:39:46.0400 5844 [ 7A9DE8B16CF183D1038E49C9613275B7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll 12:39:46.0400 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok 12:39:46.0400 5844 [ FB875FBE3BD042F6A69A4406178C561B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll 12:39:46.0400 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok 12:39:46.0415 5844 [ 304503DEE4D3F7989B8660C62CAFAE28 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe 12:39:46.0415 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok 12:39:46.0415 5844 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\Windows\System32\fdWSD.dll 12:39:46.0415 5844 C:\Windows\System32\fdWSD.dll - ok 12:39:46.0415 5844 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe 12:39:46.0415 5844 C:\Windows\System32\SearchProtocolHost.exe - ok 12:39:46.0431 5844 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll 12:39:46.0431 5844 C:\Windows\System32\msshooks.dll - ok 12:39:46.0431 5844 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll 12:39:46.0431 5844 C:\Windows\System32\mssvp.dll - ok 12:39:46.0431 5844 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll 12:39:46.0431 5844 C:\Windows\System32\mapi32.dll - ok 12:39:46.0446 5844 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll 12:39:46.0446 5844 C:\Windows\System32\mssph.dll - ok 12:39:46.0446 5844 [ E290E3FDF645DF29D00D6368B9127E30 ] C:\Windows\System32\msfeeds.dll 12:39:46.0446 5844 C:\Windows\System32\msfeeds.dll - ok 12:39:46.0462 5844 [ A1CD5CE96F0A5426DB9A2F793854D1B8 ] C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL 12:39:46.0462 5844 C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL - ok 12:39:46.0462 5844 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe 12:39:46.0462 5844 C:\Windows\System32\SearchFilterHost.exe - ok 12:39:46.0462 5844 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\Windows\System32\fdSSDP.dll 12:39:46.0462 5844 C:\Windows\System32\fdSSDP.dll - ok 12:39:46.0478 5844 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe 12:39:46.0478 5844 C:\Windows\System32\mobsync.exe - ok 12:39:46.0478 5844 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\Windows\System32\fdProxy.dll 12:39:46.0478 5844 C:\Windows\System32\fdProxy.dll - ok 12:39:46.0493 5844 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll 12:39:46.0493 5844 C:\Windows\System32\msdtckrm.dll - ok 12:39:46.0493 5844 [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll 12:39:46.0493 5844 C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok 12:39:46.0493 5844 [ 0629259E3AF6BB0534FCECA208973404 ] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 12:39:46.0493 5844 C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe - ok 12:39:46.0509 5844 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll 12:39:46.0509 5844 C:\Windows\AppPatch\AcGenral.dll - ok 12:39:46.0509 5844 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll 12:39:46.0509 5844 C:\Windows\System32\wuapi.dll - ok 12:39:46.0524 5844 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll 12:39:46.0524 5844 C:\Windows\System32\mspatcha.dll - ok 12:39:46.0524 5844 ============================================================ 12:39:46.0524 5844 Scan finished 12:39:46.0524 5844 ============================================================ 12:39:46.0540 5836 Detected object count: 20 12:39:46.0540 5836 Actual detected object count: 20 12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0509 5836 ADVService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 Bentley SELECT Server Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 CVPNDRVA ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 dsunidrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0525 5836 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 pgsql-8.3 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 sp_rssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 SRTSPL ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0540 5836 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0556 5836 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user 12:42:42.0556 5836 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip 12:44:36.0359 2120 Deinitialize success
  15. 12:39:42.0640 5844 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe 12:39:42.0640 5844 C:\Windows\explorer.exe - ok 12:39:42.0640 5844 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll 12:39:42.0640 5844 C:\Windows\System32\localspl.dll - ok 12:39:42.0656 5844 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll 12:39:42.0656 5844 C:\Windows\System32\sfc.dll - ok 12:39:42.0656 5844 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll 12:39:42.0656 5844 C:\Windows\System32\TSChannel.dll - ok 12:39:42.0656 5844 [ 22DC912B075F4D335EEF042F50FE4855 ] C:\Windows\System32\AdobePDF.dll 12:39:42.0656 5844 C:\Windows\System32\AdobePDF.dll - ok 12:39:42.0671 5844 [ 9CBE089DAD91F83843CFCA7E019927EF ] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll 12:39:42.0671 5844 C:\Program Files\Adobe\Acrobat 8.0\Acrobat\adistres.dll - ok 12:39:42.0671 5844 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe 12:39:42.0671 5844 C:\Program Files\Google\Update\GoogleUpdate.exe - ok 12:39:42.0687 5844 [ 322FD75A97DBA67FC8F97A9957F857F1 ] C:\Windows\System32\mdimon.dll 12:39:42.0687 5844 C:\Windows\System32\mdimon.dll - ok 12:39:42.0687 5844 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll 12:39:42.0687 5844 C:\Windows\System32\shdocvw.dll - ok 12:39:42.0702 5844 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll 12:39:42.0702 5844 C:\Windows\System32\HotStartUserAgent.dll - ok 12:39:42.0702 5844 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll 12:39:42.0702 5844 C:\Windows\System32\mscoree.dll - ok 12:39:42.0718 5844 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 12:39:42.0718 5844 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok 12:39:42.0718 5844 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll 12:39:42.0718 5844 C:\Windows\System32\PlaySndSrv.dll - ok 12:39:42.0718 5844 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll 12:39:42.0718 5844 C:\Windows\System32\MsCtfMonitor.dll - ok 12:39:42.0734 5844 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll 12:39:42.0734 5844 C:\Windows\System32\msi.dll - ok 12:39:42.0734 5844 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll 12:39:42.0734 5844 C:\Windows\System32\browseui.dll - ok 12:39:42.0749 5844 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll 12:39:42.0749 5844 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok 12:39:42.0749 5844 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll 12:39:42.0749 5844 C:\Windows\System32\msutb.dll - ok 12:39:42.0749 5844 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll 12:39:42.0749 5844 C:\Windows\System32\TMM.dll - ok 12:39:42.0765 5844 [ F28ADCF2E9B3574F25089A69B03DC756 ] C:\Windows\System32\AcSignIcon.dll 12:39:42.0765 5844 C:\Windows\System32\AcSignIcon.dll - ok 12:39:42.0765 5844 [ 7C87A5FB95777E4132B11FC3D92CAAF5 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll 12:39:42.0765 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll - ok 12:39:42.0780 5844 [ 773E0B3E52D00AAE61AAAD1DD87FEBEF ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll 12:39:42.0780 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - ok 12:39:42.0780 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll 12:39:42.0780 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll - ok 12:39:42.0780 5844 [ 686B224B4987C22B153FBB545FEE9657 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll 12:39:42.0780 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll - ok 12:39:42.0796 5844 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll 12:39:42.0796 5844 C:\Windows\System32\d3d9.dll - ok 12:39:42.0796 5844 [ 9090454E6772F7CFBCE240BF4DC5F7E8 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll 12:39:42.0796 5844 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll - ok 12:39:42.0812 5844 [ 6D74290856347CF8682277A54B433D4B ] C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll 12:39:42.0812 5844 C:\Users\Mario\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll - ok 12:39:42.0812 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcp71.dll 12:39:42.0812 5844 C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcp71.dll - ok 12:39:42.0827 5844 [ D3B05D063A0929BFCA6C6D7FE2F3129C ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll 12:39:42.0827 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - ok 12:39:42.0827 5844 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll 12:39:42.0827 5844 C:\Windows\System32\cscapi.dll - ok 12:39:42.0827 5844 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll 12:39:42.0827 5844 C:\Windows\System32\dwmredir.dll - ok 12:39:42.0843 5844 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll 12:39:42.0843 5844 C:\Windows\System32\milcore.dll - ok 12:39:42.0843 5844 [ 6FE5C4B61EC85D746ADFA9FFF8C2AC58 ] C:\Windows\System32\HPZ3LLHN.DLL 12:39:42.0843 5844 C:\Windows\System32\HPZ3LLHN.DLL - ok 12:39:42.0858 5844 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll 12:39:42.0858 5844 C:\Windows\System32\d3d8thk.dll - ok 12:39:42.0858 5844 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL 12:39:42.0858 5844 C:\Windows\System32\QAGENT.DLL - ok 12:39:42.0858 5844 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL 12:39:42.0858 5844 C:\Windows\System32\QUTIL.DLL - ok 12:39:42.0874 5844 [ AF238673651EFC0226EA74239B502A6F ] C:\Windows\System32\pdf995mon.dll 12:39:42.0874 5844 C:\Windows\System32\pdf995mon.dll - ok 12:39:42.0874 5844 [ 82FC59A500AA685F833E61E3A1BB7DAF ] C:\Windows\System32\nvd3dum.dll 12:39:42.0874 5844 C:\Windows\System32\nvd3dum.dll - ok 12:39:42.0890 5844 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll 12:39:42.0890 5844 C:\Windows\System32\msonpmon.dll - ok 12:39:42.0890 5844 [ 0483F6206AF4D038DC0DA776B1E22070 ] C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b6dfd059\mscorlib.dll 12:39:42.0890 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b6dfd059\mscorlib.dll - ok 12:39:42.0905 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcr71.dll 12:39:42.0905 5844 C:\Users\Mario\AppData\Roaming\Dropbox\bin\msvcr71.dll - ok 12:39:42.0905 5844 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll 12:39:42.0905 5844 C:\Windows\System32\tcpmon.dll - ok 12:39:42.0905 5844 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll 12:39:42.0905 5844 C:\Windows\System32\EhStorShell.dll - ok 12:39:42.0921 5844 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll 12:39:42.0921 5844 C:\Windows\System32\snmpapi.dll - ok 12:39:42.0921 5844 [ 91BE165519A0A0523A98B9E1F5031CAC ] C:\Program Files\Google\Drive\googledrivesync32.dll 12:39:42.0921 5844 C:\Program Files\Google\Drive\googledrivesync32.dll - ok 12:39:42.0936 5844 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll 12:39:42.0936 5844 C:\Windows\System32\wsnmp32.dll - ok 12:39:42.0936 5844 [ 024528E25BBE8768536861EA09BE1672 ] C:\Windows\System32\msxml6.dll 12:39:42.0936 5844 C:\Windows\System32\msxml6.dll - ok 12:39:42.0936 5844 [ 515383A387685564CA99542739D48E55 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll 12:39:42.0936 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - ok 12:39:42.0952 5844 [ 0716C52D0A75F8A3CDB120875F523A43 ] C:\Windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll 12:39:42.0952 5844 C:\Windows\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - ok 12:39:42.0952 5844 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll 12:39:42.0952 5844 C:\Windows\System32\tcpmib.dll - ok 12:39:42.0968 5844 [ 2F1C8714F66F3F0DDCB6D5A16F8CB32E ] C:\Windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll 12:39:42.0968 5844 C:\Windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - ok 12:39:42.0968 5844 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll 12:39:42.0968 5844 C:\Windows\System32\mgmtapi.dll - ok 12:39:42.0968 5844 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll 12:39:42.0968 5844 C:\Windows\System32\uDWM.dll - ok 12:39:42.0983 5844 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll 12:39:42.0983 5844 C:\Windows\System32\usbmon.dll - ok 12:39:42.0983 5844 [ 408416EB4F50DAB83625481C0B4E6692 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll 12:39:42.0983 5844 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok 12:39:42.0999 5844 [ 6DE5C66E434A9C1729575763D891C6C2 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll 12:39:42.0999 5844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcp90.dll - ok 12:39:42.0999 5844 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll 12:39:42.0999 5844 C:\Windows\System32\WSDMon.dll - ok 12:39:42.0999 5844 [ 5AFAB23E1A41B7B361B9FE20A5AC5C6F ] C:\Windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e0084a03\System.dll 12:39:42.0999 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e0084a03\System.dll - ok 12:39:43.0014 5844 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll 12:39:43.0014 5844 C:\Windows\System32\WSDApi.dll - ok 12:39:43.0014 5844 [ D9011D2091C6B037A5075C27A470188C ] C:\Windows\System32\httpapi.dll 12:39:43.0014 5844 C:\Windows\System32\httpapi.dll - ok 12:39:43.0030 5844 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll 12:39:43.0030 5844 C:\Windows\System32\cfgmgr32.dll - ok 12:39:43.0030 5844 [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll 12:39:43.0030 5844 C:\Windows\System32\dxgi.dll - ok 12:39:43.0030 5844 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll 12:39:43.0030 5844 C:\Windows\System32\fundisc.dll - ok 12:39:43.0046 5844 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll 12:39:43.0046 5844 C:\Windows\System32\msxml3.dll - ok 12:39:43.0046 5844 [ E7D91D008FE76423962B91C43C88E4EB ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll 12:39:43.0046 5844 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91\msvcr90.dll - ok 12:39:43.0061 5844 [ 801DECF3A583C270E5C398FCD082E3DD ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL 12:39:43.0061 5844 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok 12:39:43.0061 5844 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll 12:39:43.0061 5844 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok 12:39:43.0061 5844 [ EA8647A21BCB56C5F15712D4B7407501 ] C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll 12:39:43.0061 5844 C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll - ok 12:39:43.0077 5844 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll 12:39:43.0077 5844 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok 12:39:43.0077 5844 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll 12:39:43.0077 5844 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok 12:39:43.0092 5844 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll 12:39:43.0092 5844 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok 12:39:43.0092 5844 [ 3E9A33113D663D8BD5ED38858E669652 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll 12:39:43.0092 5844 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll - ok 12:39:43.0108 5844 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll 12:39:43.0108 5844 C:\Windows\System32\imageres.dll - ok 12:39:43.0108 5844 [ 28BD81378C1D1B267E66827B628114DD ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll 12:39:43.0108 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - ok 12:39:43.0108 5844 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll 12:39:43.0108 5844 C:\Windows\System32\win32spl.dll - ok 12:39:43.0124 5844 [ 8EF51657459A18090C95C04ACD5D83B2 ] C:\Windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll 12:39:43.0124 5844 C:\Windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - ok 12:39:43.0124 5844 [ 33128A1A1E0AB2F17EBD19A03BECE04C ] C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Common.dll 12:39:43.0124 5844 C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Common.dll - ok 12:39:43.0139 5844 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe 12:39:43.0139 5844 C:\Program Files\Bonjour\mDNSResponder.exe - ok 12:39:43.0139 5844 [ E4C96FF933C3AFE0C355F0382A99D752 ] C:\Program Files\Bentley\SELECTserver\Bentley.logging.dll 12:39:43.0139 5844 C:\Program Files\Bentley\SELECTserver\Bentley.logging.dll - ok 12:39:43.0155 5844 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll 12:39:43.0155 5844 C:\Windows\System32\netrap.dll - ok 12:39:43.0155 5844 [ 7AB63B775A5F61A3E5FF0A84FCBB2025 ] C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Database.Shared.dll 12:39:43.0155 5844 C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.Database.Shared.dll - ok 12:39:43.0155 5844 [ 1896E7F1F4B41BDD08C6A90058026BBC ] C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Configuration.dll 12:39:43.0155 5844 C:\Program Files\Bentley\SELECTserver\Bentley.SelectServer.Configuration.dll - ok 12:39:43.0170 5844 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll 12:39:43.0170 5844 C:\Windows\System32\printcom.dll - ok 12:39:43.0170 5844 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll 12:39:43.0170 5844 C:\Windows\System32\SensApi.dll - ok 12:39:43.0186 5844 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll 12:39:43.0186 5844 C:\Windows\System32\vssapi.dll - ok 12:39:43.0186 5844 [ A713CA5E01700C06B7E0BB21D57AED9D ] C:\Program Files\Bentley\SELECTserver\Bentley.logging.log4net.dll 12:39:43.0186 5844 C:\Program Files\Bentley\SELECTserver\Bentley.logging.log4net.dll - ok 12:39:43.0202 5844 [ F432260E59AAE3284ED7E795264C16D0 ] C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe 12:39:43.0202 5844 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe - ok 12:39:43.0202 5844 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll 12:39:43.0202 5844 C:\Windows\System32\inetpp.dll - ok 12:39:43.0217 5844 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll 12:39:43.0217 5844 C:\Windows\System32\vsstrace.dll - ok 12:39:43.0233 5844 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll 12:39:43.0233 5844 C:\Windows\System32\cryptnet.dll - ok 12:39:43.0233 5844 [ 1A60302F6153B4A11B0510642333239C ] C:\Windows\System32\vpnapi.dll 12:39:43.0233 5844 C:\Windows\System32\vpnapi.dll - ok 12:39:43.0248 5844 [ 992B1994668D8FB07EEBF610F41FEB0B ] C:\Windows\System32\msvcirt.dll 12:39:43.0248 5844 C:\Windows\System32\msvcirt.dll - ok 12:39:43.0248 5844 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll 12:39:43.0248 5844 C:\Windows\System32\msvcp60.dll - ok 12:39:43.0248 5844 [ C1561312448395907CBFC0A2D9B98C62 ] C:\Windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll 12:39:43.0248 5844 C:\Windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - ok 12:39:43.0264 5844 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll 12:39:43.0264 5844 C:\Windows\System32\mfc42.dll - ok 12:39:43.0264 5844 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll 12:39:43.0264 5844 C:\Windows\System32\odbc32.dll - ok 12:39:43.0280 5844 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll 12:39:43.0280 5844 C:\Windows\System32\odbcint.dll - ok 12:39:43.0280 5844 [ A5205B3AF85B1477AB2C2A1E12201598 ] C:\Windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll 12:39:43.0280 5844 C:\Windows\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll - ok 12:39:43.0295 5844 [ 8A15D7BD4CF1A8CCD7C65F7349F22E35 ] C:\Windows\System32\drivers\CVPNDRVA.sys 12:39:43.0295 5844 C:\Windows\System32\drivers\CVPNDRVA.sys - ok 12:39:43.0295 5844 [ FB937277E87F8468603F4E2D8CF9DB4A ] C:\Program Files\Symantec AntiVirus\DefWatch.exe 12:39:43.0295 5844 C:\Program Files\Symantec AntiVirus\DefWatch.exe - ok 12:39:43.0311 5844 [ C65A4DCA1B69D95407D77C86A32CC7C9 ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_379cfb60\System.Xml.dll 12:39:43.0311 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_379cfb60\System.Xml.dll - ok 12:39:43.0311 5844 [ 7DF281B808B9EEE4761B2BABEA0D9995 ] C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll 12:39:43.0311 5844 C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll - ok 12:39:43.0326 5844 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll 12:39:43.0326 5844 C:\Windows\System32\taskschd.dll - ok 12:39:43.0326 5844 [ 64FA28C15DD71A80BEF3527E1EF07DF6 ] C:\Program Files\DellSupport\Drivers\dsunidrv.sys 12:39:43.0326 5844 C:\Program Files\DellSupport\Drivers\dsunidrv.sys - ok 12:39:43.0326 5844 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll 12:39:43.0326 5844 C:\Windows\System32\wdscore.dll - ok 12:39:43.0342 5844 [ 0BCEE844A02747DD7F1E30352E619F2E ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe 12:39:43.0342 5844 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok 12:39:43.0342 5844 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll 12:39:43.0342 5844 C:\Windows\System32\ncsi.dll - ok 12:39:43.0358 5844 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll 12:39:43.0358 5844 C:\Windows\System32\ssdpapi.dll - ok 12:39:43.0358 5844 [ 1171C834C5E6515765684C6938B609A1 ] C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe 12:39:43.0358 5844 C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe - ok 12:39:43.0373 5844 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys 12:39:43.0373 5844 C:\Windows\System32\drivers\PEAuth.sys - ok 12:39:43.0373 5844 [ 6F640DC052CF77161A23E29261593793 ] C:\Windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll 12:39:43.0373 5844 C:\Windows\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll - ok 12:39:43.0373 5844 [ F6204F0756157E47DAAA68BA1FBC7586 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll 12:39:43.0373 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll - ok 12:39:43.0389 5844 [ 51DB25324454E812195A5D1E4454BA9E ] C:\Program Files\Bentley\SELECTserver\Bentley.License.Library.NET.dll 12:39:43.0389 5844 C:\Program Files\Bentley\SELECTserver\Bentley.License.Library.NET.dll - ok 12:39:43.0389 5844 [ 236B31C60D401F1AB428CA14D808DC95 ] C:\Windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll 12:39:43.0389 5844 C:\Windows\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\System.Web.Services.dll - ok 12:39:43.0404 5844 [ D35233B57EA2E6AE67F65E114A967389 ] C:\Program Files\Bentley\SELECTserver\Bentley.liclib.dll 12:39:43.0404 5844 C:\Program Files\Bentley\SELECTserver\Bentley.liclib.dll - ok 12:39:43.0404 5844 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Bentley\SELECTserver\msvcp71.dll 12:39:43.0404 5844 C:\Program Files\Bentley\SELECTserver\msvcp71.dll - ok 12:39:43.0420 5844 [ 99EB84256BFA43C3A2A32341EDB8189E ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\csc.exe 12:39:43.0420 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\csc.exe - ok 12:39:43.0420 5844 [ 0AF6AAA54F74F48049C8D042D67600C0 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll 12:39:43.0420 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll - ok 12:39:43.0420 5844 [ 24BB2810506502DAF47E956103A2FCE0 ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\alink.dll 12:39:43.0420 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\alink.dll - ok 12:39:43.0436 5844 [ 5C9D79CCBD4B1869EE331B35157EAB9F ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll 12:39:43.0436 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll - ok 12:39:43.0436 5844 [ DF695E9850F66CCCC70659975184DF2A ] C:\Windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll 12:39:43.0436 5844 C:\Windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll - ok 12:39:43.0451 5844 [ 3AF693F9315CEA0AB54BD0D3B23D3027 ] C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_cf894e71\System.Drawing.dll 12:39:43.0451 5844 C:\Windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_cf894e71\System.Drawing.dll - ok 12:39:43.0451 5844 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll 12:39:43.0451 5844 C:\Windows\System32\IconCodecService.dll - ok 12:39:43.0467 5844 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll 12:39:43.0467 5844 C:\Windows\System32\esent.dll - ok 12:39:43.0467 5844 [ 4B32BF2B3DCC76AB97DF96B33302F0F5 ] C:\Windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll 12:39:43.0467 5844 C:\Windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - ok 12:39:43.0482 5844 [ AD91F75D7387043986DF5E5CA39C4266 ] C:\Windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll 12:39:43.0482 5844 C:\Windows\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\System.Messaging.dll - ok 12:39:43.0482 5844 [ 4CCC82B2EE8ED6D744CC635325B18EDA ] C:\Windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe 12:39:43.0482 5844 C:\Windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe - ok 12:39:43.0498 5844 [ E43FBF47A18621AA0B6FB350E3026060 ] C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.LicenseManager.dll 12:39:43.0498 5844 C:\Program Files\Bentley\SELECTserver\Bin\Bentley.SelectServer.LicenseManager.dll - ok 12:39:43.0498 5844 [ 2D981B8CBD48D9E76C9CE58DF0D17DA2 ] C:\Windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll 12:39:43.0498 5844 C:\Windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll - ok 12:39:43.0514 5844 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe 12:39:43.0514 5844 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok 12:39:43.0514 5844 [ 1E9B9A70D332103C52995E957DC09EF8 ] C:\Windows\System32\drivers\fastfat.sys 12:39:43.0514 5844 C:\Windows\System32\drivers\fastfat.sys - ok 12:39:43.0514 5844 [ 4E87EF38A053F02E454935C8440EC91A ] C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe 12:39:43.0514 5844 C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe - ok 12:39:43.0529 5844 [ D202BAA425176287017FFE1FB5D1B77C ] C:\Program Files\PostgreSQL\8.3\bin\libintl3.dll 12:39:43.0529 5844 C:\Program Files\PostgreSQL\8.3\bin\libintl3.dll - ok 12:39:43.0529 5844 [ 331F570AA7C20BC93DEB7B237B21CC9C ] C:\Program Files\PostgreSQL\8.3\bin\libiconv2.dll 12:39:43.0529 5844 C:\Program Files\PostgreSQL\8.3\bin\libiconv2.dll - ok 12:39:43.0545 5844 [ 4DAF88FE7A8CC7C8B0A8E4CF9355237B ] C:\Program Files\PostgreSQL\8.3\bin\libpq.dll 12:39:43.0545 5844 C:\Program Files\PostgreSQL\8.3\bin\libpq.dll - ok 12:39:43.0545 5844 [ 19174858C208FABFA5C79013D0E406CD ] C:\Program Files\PostgreSQL\8.3\bin\ssleay32.dll 12:39:43.0545 5844 C:\Program Files\PostgreSQL\8.3\bin\ssleay32.dll - ok 12:39:43.0560 5844 [ 29B0D8A99C2BD0B6D5093FACE4E5F52C ] C:\Program Files\PostgreSQL\8.3\bin\libeay32.dll 12:39:43.0560 5844 C:\Program Files\PostgreSQL\8.3\bin\libeay32.dll - ok 12:39:43.0560 5844 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\PostgreSQL\8.3\bin\msvcr71.dll 12:39:43.0560 5844 C:\Program Files\PostgreSQL\8.3\bin\msvcr71.dll - ok 12:39:43.0560 5844 [ 249C1B8608B8C73DAC8E6AD7912B1271 ] C:\Program Files\PostgreSQL\8.3\bin\krb5_32.dll 12:39:43.0560 5844 C:\Program Files\PostgreSQL\8.3\bin\krb5_32.dll - ok 12:39:43.0576 5844 [ D2B96B34A34A9D2E3903C3A978F26857 ] C:\Program Files\PostgreSQL\8.3\bin\comerr32.dll 12:39:43.0576 5844 C:\Program Files\PostgreSQL\8.3\bin\comerr32.dll - ok 12:39:43.0576 5844 [ E8F42B0DC3CA94EED0E87E29FC788D21 ] C:\Program Files\PostgreSQL\8.3\bin\k5sprt32.dll 12:39:43.0576 5844 C:\Program Files\PostgreSQL\8.3\bin\k5sprt32.dll - ok 12:39:43.0576 5844 [ A1C71790ABF6B7EF920138C5942316AF ] C:\Program Files\PostgreSQL\8.3\bin\gssapi32.dll 12:39:43.0576 5844 C:\Program Files\PostgreSQL\8.3\bin\gssapi32.dll - ok 12:39:43.0592 5844 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL 12:39:43.0654 5844 C:\Windows\System32\IPSECSVC.DLL - ok 12:39:43.0670 5844 [ B0F7B0AE267A27747596F8E23465C938 ] C:\Program Files\PostgreSQL\8.3\bin\postgres.exe 12:39:43.0670 5844 C:\Program Files\PostgreSQL\8.3\bin\postgres.exe - ok 12:39:43.0670 5844 [ 096D5E5683819F0D3B3F93428597A29C ] C:\Program Files\PostgreSQL\8.3\bin\libxml2.dll 12:39:43.0670 5844 C:\Program Files\PostgreSQL\8.3\bin\libxml2.dll - ok 12:39:43.0685 5844 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe 12:39:43.0685 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe - ok 12:39:43.0685 5844 [ F6C66188DEF298E2C3827AF6FB2C0637 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll 12:39:43.0685 5844 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll - ok 12:39:43.0701 5844 [ 73AF5773BF5627FE771BF6809EC839F9 ] C:\Program Files\PostgreSQL\8.3\bin\iconv.dll 12:39:43.0701 5844 C:\Program Files\PostgreSQL\8.3\bin\iconv.dll - ok 12:39:43.0701 5844 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll 12:39:43.0701 5844 C:\Windows\System32\FwRemoteSvr.dll - ok 12:39:43.0716 5844 [ 3C03DB6F66C9792C9B6E30473E847CA2 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll 12:39:43.0716 5844 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll - ok 12:39:43.0716 5844 [ 80E41408F6D641DC1C0F5353A0CC8125 ] C:\Program Files\PostgreSQL\8.3\bin\zlib1.dll 12:39:43.0716 5844 C:\Program Files\PostgreSQL\8.3\bin\zlib1.dll - ok 12:39:43.0732 5844 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\Windows\System32\mstask.dll 12:39:43.0732 5844 C:\Windows\System32\mstask.dll - ok 12:39:43.0732 5844 [ 7609C14BB34922001C005668BB306A43 ] C:\Program Files\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll 12:39:43.0732 5844 C:\Program Files\PostgreSQL\8.3\lib\plugins\plugin_debugger.dll - ok 12:39:43.0748 5844 [ 5FCE5B36991DBAA99DA9E9C62D8E60AC ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll 12:39:43.0748 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll - ok 12:39:43.0748 5844 [ 1BAC818025403333C11817DAFBCEE283 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll 12:39:43.0748 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll - ok 12:39:43.0748 5844 [ C7C30B24C8C57078654BA9574CE70E3D ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll 12:39:43.0748 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll - ok 12:39:43.0763 5844 [ 41857DA3EA7A2568E1AAE8FEDC8D8939 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll 12:39:43.0763 5844 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll - ok 12:39:43.0763 5844 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\Windows\System32\msxml4.dll 12:39:43.0763 5844 C:\Windows\System32\msxml4.dll - ok 12:39:43.0779 5844 [ D610CDEDF1F702EB0A86B0FBD9BB49E5 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 12:39:43.0779 5844 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok 12:39:43.0779 5844 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys 12:39:43.0779 5844 C:\Windows\System32\drivers\secdrv.sys - ok 12:39:43.0794 5844 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files\Skype\Updater\Updater.exe 12:39:43.0794 5844 C:\Program Files\Skype\Updater\Updater.exe - ok 12:39:43.0794 5844 [ 777115C9CC675BD98127660712D2F784 ] C:\Program Files\Dell Support Center\bin\sprtsvc.exe 12:39:43.0794 5844 C:\Program Files\Dell Support Center\bin\sprtsvc.exe - ok 12:39:43.0794 5844 [ 07B74B353CEDA9629092AE2AA3C53F90 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll 12:39:43.0794 5844 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok 12:39:43.0810 5844 [ 8E8D1251C52DE0256C076CAAA79AF327 ] C:\Program Files\Dell Support Center\bin\sprtsched.dll 12:39:43.0810 5844 C:\Program Files\Dell Support Center\bin\sprtsched.dll - ok 12:39:43.0810 5844 [ AA21CF891D0D8248ECA1E9BA201ACBEF ] C:\Program Files\Spyware Terminator\sp_rsser.exe 12:39:43.0810 5844 C:\Program Files\Spyware Terminator\sp_rsser.exe - ok 12:39:43.0826 5844 [ 0AB6629467D8F073B762FCA1D416BF2D ] C:\Program Files\Dell Support Center\bin\sprtfod.dll 12:39:43.0826 5844 C:\Program Files\Dell Support Center\bin\sprtfod.dll - ok 12:39:43.0826 5844 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll 12:39:43.0826 5844 C:\Windows\System32\shfolder.dll - ok 12:39:43.0826 5844 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll 12:39:43.0826 5844 C:\Windows\System32\wiatrace.dll - ok 12:39:43.0841 5844 [ 27DF2E313052DB2270972AD7CB15C8DB ] C:\Program Files\Dell Support Center\bin\sprtsync.dll 12:39:43.0841 5844 C:\Program Files\Dell Support Center\bin\sprtsync.dll - ok 12:39:43.0841 5844 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll 12:39:43.0841 5844 C:\Windows\System32\wsdchngr.dll - ok 12:39:43.0841 5844 [ E4D3F600CFF1E76950ABB0D790F2A1EF ] C:\Program Files\Dell Support Center\bin\sprtupdate.dll 12:39:43.0841 5844 C:\Program Files\Dell Support Center\bin\sprtupdate.dll - ok 12:39:43.0857 5844 [ 716CCAD4089663248F1D98B1FE3BB234 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll 12:39:43.0857 5844 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll - ok 12:39:43.0857 5844 [ F5F08BF486998EFA8171CB09065B15D9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll 12:39:43.0857 5844 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok 12:39:43.0872 5844 [ 5C5209B04B1942A534259C2AB7BB1EEA ] C:\Program Files\Dell Support Center\bin\libeay32.dll 12:39:43.0872 5844 C:\Program Files\Dell Support Center\bin\libeay32.dll - ok 12:39:43.0872 5844 [ A548ACF535D81A96E1B38F76A2DE658F ] C:\Program Files\Symantec AntiVirus\Rtvscan.exe 12:39:43.0872 5844 C:\Program Files\Symantec AntiVirus\Rtvscan.exe - ok 12:39:43.0888 5844 [ AAB386DA22268B3F4B1B98B77D324126 ] C:\Windows\System32\cba.dll 12:39:43.0888 5844 C:\Windows\System32\cba.dll - ok 12:39:43.0904 5844 [ E045C58E45895065CC2763239460ECDB ] C:\Windows\System32\msgsys.dll 12:39:43.0904 5844 C:\Windows\System32\msgsys.dll - ok 12:39:43.0904 5844 [ 2E7B56837CDE8B1A875DF870E5200A2F ] C:\Windows\System32\nts.dll 12:39:43.0904 5844 C:\Windows\System32\nts.dll - ok 12:39:43.0904 5844 [ 1A58834E9C2AECCB3BD2A5801A9CDFE9 ] C:\Windows\System32\pds.dll 12:39:43.0904 5844 C:\Windows\System32\pds.dll - ok 12:39:43.0919 5844 [ 94B9215E224B555AC47839C9BCD39137 ] C:\Program Files\Symantec AntiVirus\NAVLU.dll 12:39:43.0919 5844 C:\Program Files\Symantec AntiVirus\NAVLU.dll - ok 12:39:43.0919 5844 [ 900A9D261859EC999C9C7243410C3203 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll 12:39:43.0919 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll - ok 12:39:43.0935 5844 [ 743E556A998074ED7EEB99CA495B2E5D ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll 12:39:43.0935 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll - ok 12:39:43.0935 5844 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Windows\System32\mfc71.dll 12:39:43.0935 5844 C:\Windows\System32\mfc71.dll - ok 12:39:43.0950 5844 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\System32\MFC71ENU.DLL 12:39:43.0950 5844 C:\Windows\System32\MFC71ENU.DLL - ok 12:39:43.0950 5844 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys 12:39:43.0950 5844 C:\Windows\System32\drivers\tcpipreg.sys - ok 12:39:43.0950 5844 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll 12:39:43.0950 5844 C:\Windows\System32\msiltcfg.dll - ok 12:39:43.0966 5844 [ 300B4847E1157BDD7A306B18ED65A97E ] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe - ok 12:39:43.0966 5844 [ 138AB06ADBBF300AA804D7974A5AEC82 ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe 12:39:43.0966 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe - ok 12:39:43.0982 5844 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll 12:39:43.0982 5844 C:\Windows\System32\icaapi.dll - ok 12:39:43.0982 5844 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll 12:39:43.0982 5844 C:\Windows\System32\sfc_os.dll - ok 12:39:43.0997 5844 [ 38FEAF71F0DACC4DBE3DF9EF347BEA60 ] C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL 12:39:43.0997 5844 C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL - ok 12:39:43.0997 5844 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll 12:39:43.0997 5844 C:\Windows\System32\wbem\wbemprox.dll - ok 12:39:43.0997 5844 [ 3C84FCA13C4EB607478A45F2D7E16DB3 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll 12:39:43.0997 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll - ok 12:39:44.0013 5844 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll 12:39:44.0013 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok 12:39:44.0013 5844 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll 12:39:44.0013 5844 C:\Windows\System32\wbemcomn.dll - ok 12:39:44.0028 5844 [ DCA3FA9F9DD103DC39C24C85EF073DB1 ] C:\Windows\System32\icmp.dll 12:39:44.0028 5844 C:\Windows\System32\icmp.dll - ok 12:39:44.0028 5844 [ 143A247AB424D2AB25A94189D10484AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll 12:39:44.0028 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - ok 12:39:44.0044 5844 [ 48F7A3E0B70C815A5AE88BF7736103A9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll 12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll - ok 12:39:44.0044 5844 [ F2533BD06936D2A9D9F4FD41CAEAA6E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll 12:39:44.0044 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll - ok 12:39:44.0044 5844 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll 12:39:44.0044 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok 12:39:44.0075 5844 [ E74AEDF39F5C7FA9F6C1FDCCBD7C648D ] C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll 12:39:44.0075 5844 C:\Program Files\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll - ok 12:39:44.0075 5844 [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll 12:39:44.0075 5844 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok 12:39:44.0091 5844 [ 9E248A8415937ED62DBDE943E6373049 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll 12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll - ok 12:39:44.0091 5844 [ A3A77A46B71724DDB609E289F430F38C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll 12:39:44.0091 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll - ok 12:39:44.0106 5844 [ A3DA2901494298675BA64C331CC3E815 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll 12:39:44.0106 5844 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll - ok 12:39:44.0106 5844 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll 12:39:44.0106 5844 C:\Windows\System32\wbem\WinMgmtR.dll - ok 12:39:44.0106 5844 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll 12:39:44.0106 5844 C:\Windows\System32\PortableDeviceApi.dll - ok 12:39:44.0122 5844 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll 12:39:44.0122 5844 C:\Windows\System32\PortableDeviceConnectApi.dll - ok 12:39:44.0122 5844 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll 12:39:44.0122 5844 C:\Windows\System32\tquery.dll - ok 12:39:44.0138 5844 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll 12:39:44.0138 5844 C:\Windows\System32\mssrch.dll - ok 12:39:44.0138 5844 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll 12:39:44.0138 5844 C:\Windows\System32\msidle.dll - ok 12:39:44.0153 5844 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll 12:39:44.0153 5844 C:\Windows\System32\netprofm.dll - ok 12:39:44.0153 5844 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll 12:39:44.0153 5844 C:\Windows\System32\Query.dll - ok 12:39:44.0169 5844 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll 12:39:44.0169 5844 C:\Windows\System32\npmproxy.dll - ok 12:39:44.0169 5844 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll 12:39:44.0169 5844 C:\Windows\System32\sqmapi.dll - ok 12:39:44.0169 5844 [ BF2156D8D9866983B55D95382131DC4A ] C:\Windows\System32\lsmproxy.dll 12:39:44.0169 5844 C:\Windows\System32\lsmproxy.dll - ok 12:39:44.0184 5844 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\Windows\System32\bitsperf.dll 12:39:44.0184 5844 C:\Windows\System32\bitsperf.dll - ok 12:39:44.0184 5844 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll 12:39:44.0184 5844 C:\Windows\System32\pcadm.dll - ok 12:39:44.0200 5844 [ 632557F2495931D952161465AA177B3B ] C:\Windows\System32\bitsigd.dll 12:39:44.0200 5844 C:\Windows\System32\bitsigd.dll - ok 12:39:44.0200 5844 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll 12:39:44.0200 5844 C:\Windows\System32\diagperf.dll - ok 12:39:44.0216 5844 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll 12:39:44.0216 5844 C:\Windows\System32\mssprxy.dll - ok 12:39:44.0216 5844 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui 12:39:44.0216 5844 C:\Windows\System32\en-US\tquery.dll.mui - ok 12:39:44.0231 5844 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll 12:39:44.0231 5844 C:\Windows\System32\msscb.dll - ok 12:39:44.0231 5844 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll 12:39:44.0231 5844 C:\Windows\System32\netcfgx.dll - ok 12:39:44.0231 5844 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll 12:39:44.0231 5844 C:\Windows\System32\rastapi.dll - ok 12:39:44.0247 5844 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll 12:39:44.0247 5844 C:\Windows\System32\upnp.dll - ok 12:39:44.0247 5844 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll 12:39:44.0247 5844 C:\Windows\System32\hnetcfg.dll - ok 12:39:44.0247 5844 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll 12:39:44.0247 5844 C:\Windows\System32\pnpts.dll - ok 12:39:44.0262 5844 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp 12:39:44.0262 5844 C:\Windows\System32\unimdm.tsp - ok 12:39:44.0262 5844 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll 12:39:44.0262 5844 C:\Windows\System32\wbem\wbemcore.dll - ok 12:39:44.0278 5844 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll 12:39:44.0278 5844 C:\Windows\System32\uniplat.dll - ok 12:39:44.0278 5844 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll 12:39:44.0278 5844 C:\Windows\System32\wbem\esscli.dll - ok 12:39:44.0294 5844 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp 12:39:44.0294 5844 C:\Windows\System32\kmddsp.tsp - ok 12:39:44.0294 5844 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll 12:39:44.0294 5844 C:\Windows\System32\wbem\fastprox.dll - ok 12:39:44.0309 5844 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp 12:39:44.0309 5844 C:\Windows\System32\ndptsp.tsp - ok 12:39:44.0325 5844 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp 12:39:44.0325 5844 C:\Windows\System32\hidphone.tsp - ok 12:39:44.0325 5844 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll 12:39:44.0325 5844 C:\Windows\System32\wbem\wbemsvc.dll - ok 12:39:44.0325 5844 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll 12:39:44.0325 5844 C:\Windows\System32\wbem\wmiutils.dll - ok 12:39:44.0340 5844 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll 12:39:44.0340 5844 C:\Windows\System32\wbem\repdrvfs.dll - ok 12:39:44.0340 5844 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll 12:39:44.0340 5844 C:\Windows\System32\rasppp.dll - ok 12:39:44.0356 5844 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll 12:39:44.0356 5844 C:\Windows\System32\mprapi.dll - ok 12:39:44.0356 5844 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe 12:39:44.0356 5844 C:\Windows\System32\runonce.exe - ok 12:39:44.0356 5844 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll 12:39:44.0356 5844 C:\Windows\System32\rasqec.dll - ok 12:39:44.0372 5844 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll 12:39:44.0372 5844 C:\Windows\System32\raschap.dll - ok 12:39:44.0372 5844 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll 12:39:44.0372 5844 C:\Windows\System32\rastls.dll - ok 12:39:44.0372 5844 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll 12:39:44.0372 5844 C:\Windows\System32\cryptui.dll - ok 12:39:44.0387 5844 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll 12:39:44.0387 5844 C:\Windows\System32\wbem\WmiPrvSD.dll - ok 12:39:44.0387 5844 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe 12:39:44.0387 5844 C:\Windows\System32\cmd.exe - ok 12:39:44.0403 5844 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll 12:39:44.0403 5844 C:\Windows\System32\wbem\wbemess.dll - ok 12:39:44.0403 5844 [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\Windows\System32\qmgrprxy.dll 12:39:44.0403 5844 C:\Windows\System32\qmgrprxy.dll - ok 12:39:44.0418 5844 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll 12:39:44.0418 5844 C:\Windows\System32\ieframe.dll - ok 12:39:44.0418 5844 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll 12:39:44.0418 5844 C:\Windows\System32\wbem\NCProv.dll - ok 12:39:44.0434 5844 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe 12:39:44.0434 5844 C:\Windows\System32\wbem\WmiPrvSE.exe - ok 12:39:44.0434 5844 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll 12:39:44.0434 5844 C:\Windows\System32\wbem\wbemcons.dll - ok 12:39:44.0450 5844 [ A9206960C92F5377E453EA4F32AB3346 ] C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll 12:39:44.0450 5844 C:\Program Files\Common Files\Symantec Shared\SSC\ScsComms.dll - ok 12:39:44.0450 5844 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll 12:39:44.0450 5844 C:\Windows\System32\wbem\cimwin32.dll - ok 12:39:44.0465 5844 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll 12:39:44.0465 5844 C:\Windows\System32\framedynos.dll - ok 12:39:44.0465 5844 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll 12:39:44.0465 5844 C:\Windows\System32\wmi.dll - ok 12:39:44.0465 5844 [ 24422E879BAEA2B69C9B131548D16888 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll 12:39:44.0465 5844 C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok 12:39:44.0481 5844 [ 4386CD92BA73C860AB0F8CC62434B2EA ] C:\Program Files\Symantec AntiVirus\I2ldvp3.dll 12:39:44.0481 5844 C:\Program Files\Symantec AntiVirus\I2ldvp3.dll - ok 12:39:44.0481 5844 [ ABAC02B5FE10D703251374C6FB187B83 ] C:\Program Files\Common Files\Symantec Shared\ccDec.dll 12:39:44.0481 5844 C:\Program Files\Common Files\Symantec Shared\ccDec.dll - ok 12:39:44.0496 5844 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe 12:39:44.0496 5844 C:\Users\Mario\AppData\Local\Temp\DC1FF712-4F29-4892-BE9C-4EA429F07EB4.exe - ok 12:39:44.0496 5844 [ AB2F99FC684EEB007CF048666C4CD7D8 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll 12:39:44.0496 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\DecSDK.dll - ok 12:39:44.0512 5844 [ 545446BA4583B471739AFFE9625F7D39 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll 12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll - ok 12:39:44.0512 5844 [ DCFD4B0B4654F6A070873C8C75A458DF ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll 12:39:44.0512 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll - ok 12:39:44.0528 5844 [ A0E10B03C91DA932C85875E0587F30C7 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll 12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll - ok 12:39:44.0528 5844 [ 33B3051F2A2BEF1474DCBD8879F62AAB ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll 12:39:44.0528 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll - ok 12:39:44.0543 5844 [ E58C5C07812E99FFCE7A9A88495C39CA ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll 12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll - ok 12:39:44.0543 5844 [ B1C720D4D4FE004625808915F8D85377 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll 12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll - ok 12:39:44.0543 5844 [ AADAF917CB38A78CFADBED3855EC00A3 ] C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll 12:39:44.0543 5844 C:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll - ok
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.