Jump to content


Photo
- - - - -

Almost everything freezes or crashes


  • This topic is locked This topic is locked
25 replies to this topic

#1 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 05 May 2012 - 09:48 AM

Malwarebytes froze before the log showed up, but it eventually came up after 5 ish minutes.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.04.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Spencer :: COMPAQ-PC [administrator]

5/4/2012 7:00:54 PM
mbam-log-2012-05-04 (19-00-54).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 512284
Time elapsed: 3 hour(s), 17 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\Cheat Engine 6.1\ceregreset.exe (Spyware.Password) -> Quarantined and deleted successfully.

(end)

A little about the problem here: http://forums.malwar...ndpost&p=547953

dds.scr or dds.com wont run. see below:

[Window Title]
C:\Users\Spencer\Desktop\dds.com

[Content]
This file does not have a program associated with it for performing this action. Please install a program or, if one is already installed, create an association in the Default Programs control panel.

[OK]

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#2 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 06 May 2012 - 03:23 AM

Hello and :welcome:

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#3 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 06 May 2012 - 09:29 AM

Hello and :welcome:

We need to see some information about what is happening in your machine. Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE



When I tried to download dds.pif it was the same as dds.scr.

[Window Title]
C:\Users\Spencer\Desktop\dds.scr

[Content]
This file does not have a program associated with it for performing this action. Please install a program or, if one is already installed, create an association in the Default Programs control panel.

[OK]

I got that when trying to run it.

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#4 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 06 May 2012 - 09:31 AM

Please try this instead:

OTL
-----
Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#5 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 06 May 2012 - 10:43 AM

OTL logfile created on: 5/6/2012 10:54:42 AM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Spencer\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.37 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 28.57% Memory free
6.75 Gb Paging File | 3.02 Gb Available in Paging File | 44.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.71 Gb Total Space | 185.55 Gb Free Space | 64.72% Space Free | Partition Type: NTFS
Drive D: | 11.28 Gb Total Space | 1.48 Gb Free Space | 13.15% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 114.23 Gb Free Space | 49.05% Space Free | Partition Type: NTFS

Computer Name: COMPAQ-PC | User Name: Spencer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/06 10:53:28 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Spencer\Desktop\OTL.exe
PRC - [2012/04/27 16:44:31 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/03/19 07:38:47 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/03/19 07:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012/03/18 22:05:00 | 000,108,136 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2012/03/16 01:06:50 | 000,537,600 | ---- | M] () -- C:\Program Files\XChat-WDK\xchat.exe
PRC - [2012/02/14 19:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Spencer\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/02/07 19:11:44 | 000,451,856 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2012/02/07 19:11:42 | 000,074,512 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/16 17:24:22 | 000,274,712 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2011/11/22 18:54:03 | 000,034,728 | ---- | M] (Arainia Solutions) -- C:\Program Files\Gizmo\gservice.exe
PRC - [2011/10/05 15:46:52 | 003,578,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2011/10/05 15:45:56 | 000,130,976 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHookSvc.exe
PRC - [2011/10/05 15:45:42 | 000,169,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2011/10/05 15:45:40 | 000,955,816 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2011/10/05 15:45:38 | 000,892,336 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2011/09/10 05:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe
PRC - [2011/09/10 05:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
PRC - [2011/09/09 13:46:10 | 008,158,720 | ---- | M] () -- c:\xampp\mysql\bin\mysqld.exe
PRC - [2011/06/24 00:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.2.1.3\ccsvchst.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011/01/07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/11/20 08:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/05/21 01:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
PRC - [2010/05/21 01:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2010/05/21 01:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
PRC - [2010/05/21 01:56:12 | 000,129,584 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
PRC - [2010/05/21 01:55:54 | 000,178,736 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-unity-helper.exe
PRC - [2010/05/21 01:55:50 | 002,751,024 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware.exe
PRC - [2010/05/21 01:55:20 | 014,535,216 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-vmx.exe
PRC - [2010/05/21 00:44:22 | 000,010,240 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vprintproxy.exe
PRC - [2010/05/21 00:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2008/10/17 05:39:50 | 002,810,880 | ---- | M] (mIRC Co. Ltd.) -- C:\Invision\mirc.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/29 11:08:40 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012/04/27 16:44:31 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/04/11 03:41:09 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ce70b84dbb9970e1893672c5d430c80\Microsoft.VisualBasic.ni.dll
MOD - [2012/03/16 01:07:06 | 000,009,728 | ---- | M] () -- C:\Program Files\XChat-WDK\plugins\xcupd.dll
MOD - [2012/03/16 01:06:50 | 000,537,600 | ---- | M] () -- C:\Program Files\XChat-WDK\xchat.exe
MOD - [2012/02/15 04:52:14 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MOD - [2012/02/15 04:46:33 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/15 04:46:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/15 04:46:19 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/02/01 09:23:40 | 000,324,950 | ---- | M] () -- C:\Program Files\Git\git-cheetah\git_shell_ext.dll
MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/12/16 17:24:04 | 000,070,424 | ---- | M] () -- C:\Program Files\TortoiseSVN\bin\libsasl32.dll
MOD - [2011/12/03 21:17:11 | 000,008,704 | ---- | M] () -- C:\Users\Spencer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
MOD - [2011/12/03 21:17:11 | 000,007,680 | ---- | M] () -- C:\Users\Spencer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
MOD - [2011/12/03 21:17:11 | 000,006,144 | ---- | M] () -- C:\Users\Spencer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
MOD - [2011/11/15 04:02:19 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/30 13:40:53 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/10/28 12:43:35 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2011/10/05 13:53:06 | 000,576,000 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2011/08/07 08:56:50 | 001,025,536 | ---- | M] () -- C:\Program Files\XChat-WDK\libxml2.dll
MOD - [2011/07/07 17:21:44 | 000,082,555 | ---- | M] () -- C:\Program Files\XChat-WDK\zlib1.dll
MOD - [2011/04/20 12:39:12 | 000,565,827 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
MOD - [2011/01/07 20:48:38 | 000,235,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2010/12/27 17:46:54 | 001,182,444 | ---- | M] () -- C:\Program Files\XChat-WDK\libcairo-2.dll
MOD - [2010/12/27 14:12:52 | 000,538,324 | ---- | M] () -- C:\Program Files\XChat-WDK\freetype6.dll
MOD - [2010/10/29 16:00:32 | 000,255,488 | ---- | M] () -- C:\Program Files\XChat-WDK\lib\enchant\libenchant_myspell.dll
MOD - [2010/09/29 22:10:54 | 000,103,139 | ---- | M] () -- C:\Program Files\XChat-WDK\libpangocairo-1.0-0.dll
MOD - [2010/09/12 08:57:08 | 000,097,820 | ---- | M] () -- C:\Program Files\XChat-WDK\lib\gtk-2.0\2.10.0\engines\libwimp.dll
MOD - [2010/08/17 15:38:28 | 000,230,529 | ---- | M] () -- C:\Program Files\XChat-WDK\libpng14-14.dll
MOD - [2010/05/21 01:56:38 | 000,068,656 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\zlib1.dll
MOD - [2010/05/21 01:56:28 | 000,141,872 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\liblber.dll
MOD - [2010/05/21 01:56:00 | 000,109,104 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\libcds.dll
MOD - [2010/05/21 01:55:54 | 000,346,672 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\libcurl.dll
MOD - [2010/05/21 01:55:50 | 000,970,288 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\libxml2.dll
MOD - [2010/05/21 01:55:44 | 000,563,760 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\glibmm-2.4.dll
MOD - [2010/05/21 01:55:42 | 000,056,368 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\sigc-2.0.dll
MOD - [2010/05/21 01:55:36 | 000,260,656 | ---- | M] () -- C:\Program Files\VMware\VMware Workstation\libldap_r.dll
MOD - [2010/02/05 21:55:06 | 000,279,059 | ---- | M] () -- C:\Program Files\XChat-WDK\libfontconfig-1.dll
MOD - [2009/01/31 22:42:36 | 000,143,096 | ---- | M] () -- C:\Program Files\XChat-WDK\libexpat-1.dll
MOD - [2000/04/06 22:51:10 | 000,044,032 | ---- | M] () -- C:\Invision\Invision\WinAmp\Amp_in.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDHookService)
SRV - [2012/05/04 18:57:28 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/27 16:44:32 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/05 11:37:38 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/19 07:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/02/07 19:11:42 | 000,074,512 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/22 18:54:03 | 000,034,728 | ---- | M] (Arainia Solutions) [Auto | Running] -- C:\Program Files\Gizmo\gservice.exe -- (Gizmo Central)
SRV - [2011/10/31 03:05:55 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/10/30 14:27:11 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/09/10 05:43:18 | 000,018,432 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2011/09/09 13:46:10 | 008,158,720 | ---- | M] () [Auto | Running] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql)
SRV - [2011/06/07 15:29:16 | 000,630,272 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- c:\xampp\FileZillaFTP\FileZillaServer.exe -- (FileZilla Server)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe -- (N360)
SRV - [2011/04/01 21:17:08 | 000,067,400 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV - [2011/01/07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/06/25 13:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/05/21 01:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010/05/21 01:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2010/05/21 01:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2010/05/21 00:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/04/27 17:42:04 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Running] -- C:\Program Files\Spybot -- (SDHookDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\CDriver.sys -- (MSICDSetup)
DRV - [2012/05/05 10:46:08 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/05/04 22:49:16 | 000,054,016 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\ubwlxglg.sys -- (stupru)
DRV - [2012/04/27 20:18:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120505.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/04/02 19:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120413.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/02/07 19:11:42 | 000,133,392 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/02/06 09:42:06 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/02/06 09:42:06 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/01/18 04:00:41 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2012/01/09 22:52:44 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120505.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/09 22:52:44 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120505.016\NAVENG.SYS -- (NAVENG)
DRV - [2011/12/19 15:12:00 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011/12/19 15:11:58 | 000,158,512 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2011/12/19 15:11:58 | 000,116,016 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2011/12/19 15:11:58 | 000,091,440 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011/12/07 17:05:54 | 000,004,096 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bbcap.sys -- (bbcap)
DRV - [2011/11/22 18:54:24 | 000,025,488 | ---- | M] (Arainia Solutions LLC) [Kernel | System | Running] -- C:\Windows\System32\drivers\gizmodrv.sys -- (GizmoDrv)
DRV - [2011/10/28 20:22:14 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/09/09 15:45:20 | 001,265,216 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2011/07/29 14:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/04/20 21:37:49 | 000,299,640 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symnets.sys -- (SymNetS)
DRV - [2011/03/30 23:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0502010.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/30 23:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 22:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symefa.sys -- (SymEFA)
DRV - [2011/01/27 02:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0502010.003\symds.sys -- (SymDS)
DRV - [2011/01/07 23:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/15 21:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0502010.003\ironx86.sys -- (SymIRON)
DRV - [2010/11/11 19:10:50 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/06/25 13:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/05/21 01:56:56 | 000,854,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2010/05/21 01:56:56 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2010/05/21 01:55:04 | 000,024,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010/05/21 01:53:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010/05/21 00:40:08 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2010/05/20 22:19:20 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010/05/20 22:19:20 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2010/05/20 22:19:20 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010/04/27 17:41:40 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2009/07/13 20:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AGERESoftModem)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/22 15:34:38 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/02/05 02:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 AC 4D 22 D7 27 CD 01 [binary data]
IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...il&geo=US&ver=5
IE - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.4: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/01/31 21:32:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_7_5 [2012/05/03 16:37:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2012/03/18 22:06:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/27 16:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/10/28 19:38:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spencer\AppData\Roaming\Mozilla\Extensions
[2012/05/01 22:13:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spencer\AppData\Roaming\Mozilla\Firefox\Profiles\1jji5kqh.default\extensions
[2011/11/14 18:42:04 | 000,000,000 | ---D | M] (Hyperionics DB Toolbar) -- C:\Users\Spencer\AppData\Roaming\Mozilla\Firefox\Profiles\1jji5kqh.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011/11/05 18:08:37 | 000,002,469 | ---- | M] () -- C:\Users\Spencer\AppData\Roaming\Mozilla\Firefox\Profiles\1jji5kqh.default\searchplugins\safesearch.xml
[2012/04/27 16:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/27 16:44:32 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/09 10:14:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/05/03 10:30:35 | 000,442,706 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15209 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\..\Toolbar\WebBrowser: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001..\Run: [GizmoDriveDelegate] C:\Program Files\Gizmo\gizmo.exe (Arainia Solutions)
O4 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001..\Run: [ISUSPM] -scheduler File not found
O4 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-2309691462-207129498-3248361963-1001..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\Windows\is-E181S.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Spencer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Spencer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Spencer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09A64821-6BF4-42D4-857A-66B9A310CC16}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{914E754E-3C2A-43C3-A03B-77DD412683A7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{914E754E-3C2A-43C3-A03B-77DD412683A7}: NameServer = 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0830805-1F03-4D7E-8761-621B549C499B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A47C34A4-5646-456A-8634-096416A4FD39}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/12/01 22:32:56 | 000,000,000 | ---D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2008/02/25 10:30:42 | 000,000,054 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{088f2bbf-4276-11e1-8288-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{088f2bbf-4276-11e1-8288-005056c00008}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/06 10:53:25 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Spencer\Desktop\OTL.exe
[2012/05/06 10:24:47 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Spencer\Desktop\dds.scr
[2012/05/05 16:15:53 | 000,000,000 | ---D | C] -- C:\Users\Spencer\Documents\LDW
[2012/05/05 10:46:08 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/05/04 16:10:56 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\Spencer\Desktop\dds.com
[2012/05/02 17:32:03 | 000,000,000 | ---D | C] -- C:\Users\Spencer\AppData\Roaming\TeamViewer
[2012/05/01 18:06:34 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012/04/29 11:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/04/29 11:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/04/27 16:45:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/27 16:45:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/04/25 16:51:17 | 000,000,000 | ---D | C] -- C:\Users\Spencer\Desktop\Backyard Improvement Plans
[2012/04/22 10:39:10 | 000,000,000 | ---D | C] -- C:\Users\Spencer\Documents\Upload
[2012/04/20 17:01:51 | 000,000,000 | ---D | C] -- C:\Users\Spencer\Desktop\HQPlants
[2012/04/17 16:09:55 | 000,000,000 | ---D | C] -- C:\Users\Spencer\AppData\Local\{086E6A7A-531E-45FD-96C4-4191E663E804}
[2012/04/11 16:03:51 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/04/11 03:09:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/04/11 03:09:16 | 001,799,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/04/11 03:09:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/04/11 03:09:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/04/11 03:09:14 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/04/11 03:09:13 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/04/11 03:00:50 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/04/11 03:00:49 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/04/10 08:14:21 | 000,000,000 | ---D | C] -- C:\Users\Spencer\Desktop\Peach Canker
[2012/04/09 23:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/04/09 23:35:39 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/04/09 23:35:39 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/04/09 23:35:39 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/04/09 23:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java

========== Files - Modified Within 30 Days ==========

[2012/05/06 10:56:57 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/06 10:53:28 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Spencer\Desktop\OTL.exe
[2012/05/06 10:25:00 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Spencer\Desktop\dds.scr
[2012/05/05 10:46:08 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/05/04 22:49:16 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\ubwlxglg.sys
[2012/05/04 18:57:27 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/05/04 18:57:26 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/05/04 18:56:38 | 000,711,240 | ---- | M] () -- C:\Windows\is-E181S.exe
[2012/05/04 18:56:38 | 000,010,498 | ---- | M] () -- C:\Windows\is-E181S.msg
[2012/05/04 18:56:38 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/04 18:56:38 | 000,000,441 | ---- | M] () -- C:\Windows\is-E181S.lst
[2012/05/04 16:11:00 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\Spencer\Desktop\dds.com
[2012/05/03 18:14:53 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/03 18:14:53 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/03 16:37:47 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2012/05/03 16:37:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/03 16:37:20 | 000,000,031 | ---- | M] () -- C:\Windows\System32\bbcap.err
[2012/05/03 16:37:03 | 2716,721,152 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/03 10:30:36 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2012/05/03 10:30:35 | 000,442,706 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/05/01 20:16:03 | 000,001,205 | ---- | M] () -- C:\Users\Spencer\Desktop\cmd.exe.lnk
[2012/05/01 18:07:11 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/01 11:00:00 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2012/05/01 08:27:39 | 000,348,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/04/29 12:15:27 | 000,002,042 | -H-- | M] () -- C:\Users\Spencer\Documents\Default.rdp
[2012/04/29 11:45:56 | 000,001,110 | ---- | M] () -- C:\Users\Spencer\Documents\cc_20120429_114554.reg
[2012/04/29 11:45:45 | 000,052,854 | ---- | M] () -- C:\Users\Spencer\Documents\cc_20120429_114540.reg
[2012/04/29 11:41:42 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/04/29 10:43:24 | 000,001,827 | ---- | M] () -- C:\Users\Spencer\AppData\Roaming\simplemoneymanager.ini
[2012/04/29 10:41:15 | 000,306,290 | ---- | M] () -- C:\Users\Spencer\Documents\hqplants.amj
[2012/04/26 10:30:37 | 000,442,706 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120503-103035.backup
[2012/04/19 10:30:32 | 000,442,706 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120426-103037.backup
[2012/04/13 23:02:49 | 000,075,766 | ---- | M] () -- C:\Users\Spencer\Documents\epach.odt
[2012/04/12 10:30:42 | 000,442,706 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20120419-103032.backup
[2012/04/11 22:41:50 | 000,081,874 | ---- | M] () -- C:\Users\Spencer\Documents\Doss Faimly.odt
[2012/04/11 22:34:26 | 000,073,870 | ---- | M] () -- C:\Users\Spencer\Documents\HQPlants Documents.odt
[2012/04/11 03:30:48 | 000,002,311 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/04/11 03:30:14 | 001,400,698 | ---- | M] () -- C:\Windows\System32\drivers\N360\0502010.003\Cat.DB
[2012/04/11 03:25:09 | 000,001,656 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/04/11 03:05:43 | 000,739,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/11 03:05:43 | 000,151,906 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/09 23:35:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/04/09 23:35:26 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/04/09 23:35:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/04/09 23:35:26 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

========== Files Created - No Company Name ==========

[2012/05/04 22:49:16 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\ubwlxglg.sys
[2012/05/04 18:56:38 | 000,711,240 | ---- | C] () -- C:\Windows\is-E181S.exe
[2012/05/04 18:56:38 | 000,010,498 | ---- | C] () -- C:\Windows\is-E181S.msg
[2012/05/04 18:56:38 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/04 18:56:38 | 000,000,441 | ---- | C] () -- C:\Windows\is-E181S.lst
[2012/05/01 20:15:58 | 000,001,205 | ---- | C] () -- C:\Users\Spencer\Desktop\cmd.exe.lnk
[2012/05/01 18:07:11 | 000,001,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012/05/01 18:07:10 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012/05/01 08:27:30 | 000,348,872 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/04/29 11:45:55 | 000,001,110 | ---- | C] () -- C:\Users\Spencer\Documents\cc_20120429_114554.reg
[2012/04/29 11:45:42 | 000,052,854 | ---- | C] () -- C:\Users\Spencer\Documents\cc_20120429_114540.reg
[2012/04/29 11:41:42 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/04/13 23:02:47 | 000,075,766 | ---- | C] () -- C:\Users\Spencer\Documents\epach.odt
[2012/04/11 22:34:42 | 000,081,874 | ---- | C] () -- C:\Users\Spencer\Documents\Doss Faimly.odt
[2012/04/11 22:34:24 | 000,073,870 | ---- | C] () -- C:\Users\Spencer\Documents\HQPlants Documents.odt
[2012/04/11 16:03:55 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/11 03:30:48 | 000,002,311 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012/03/18 21:45:32 | 000,001,656 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/02/18 19:05:55 | 000,001,827 | ---- | C] () -- C:\Users\Spencer\AppData\Roaming\simplemoneymanager.ini
[2012/02/12 12:04:44 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/02/12 12:04:44 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2040.DAT
[2012/02/01 18:01:51 | 000,014,119 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012/01/22 09:15:01 | 000,000,600 | ---- | C] () -- C:\Users\Spencer\AppData\Local\PUTTY.RND
[2012/01/16 22:12:53 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012/01/16 22:12:53 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012/01/16 22:12:52 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012/01/16 22:12:52 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012/01/16 22:12:52 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/12/19 21:33:49 | 000,000,095 | ---- | C] () -- C:\Users\Spencer\AppData\Local\fusioncache.dat
[2011/11/30 22:36:17 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2011/11/23 00:06:51 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/11/23 00:06:51 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/11/14 19:07:42 | 000,016,384 | ---- | C] () -- C:\Users\Spencer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/05 16:01:12 | 000,136,448 | ---- | C] () -- C:\Windows\RMTOOLS.DLL
[2011/11/05 08:51:00 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/10/30 17:58:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011/10/30 17:58:16 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2011/10/30 17:58:12 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM10A.DAT
[2011/10/14 22:15:30 | 000,020,480 | ---- | C] () -- C:\Windows\System32\phpc.exe
[2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

< End of report >

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#6 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 06 May 2012 - 10:43 AM

OTL Extras logfile created on: 5/6/2012 10:54:42 AM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Spencer\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.37 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 28.57% Memory free
6.75 Gb Paging File | 3.02 Gb Available in Paging File | 44.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.71 Gb Total Space | 185.55 Gb Free Space | 64.72% Space Free | Partition Type: NTFS
Drive D: | 11.28 Gb Total Space | 1.48 Gb Free Space | 13.15% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 114.23 Gb Free Space | 49.05% Space Free | Partition Type: NTFS

Computer Name: COMPAQ-PC | User Name: Spencer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2309691462-207129498-3248361963-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B78A2B-6750-4864-B887-5D0A7691B4C0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{070BAB16-136C-4E3A-9019-2CBBF05AE53F}" = lport=139 | protocol=6 | dir=in | app=system |
"{16433C9A-4797-47E9-8C99-DA57323DE65B}" = lport=445 | protocol=6 | dir=in | app=system |
"{1E66EA7D-AB59-4A95-9730-6903A3EC0D84}" = lport=137 | protocol=17 | dir=in | app=system |
"{2EB2EB01-4BAD-402D-896E-9235502110D9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3FB47F8A-7F3D-48C8-AC3B-4E8D7FCF0A75}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{447C8479-6798-4A17-8E4B-A56CA65194B7}" = rport=445 | protocol=6 | dir=out | app=system |
"{46650DBF-7973-4955-905F-18BF52D792E1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4714518F-2EF5-47D8-811D-09FF679CE3B7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A3055C7-77E1-4828-AB9B-B90D716D1A70}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A709EDE-EDAA-4FCA-82D4-A1691CB601BA}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{6249C688-92B5-44E7-B5FB-F9A5D9BE518C}" = rport=138 | protocol=17 | dir=out | app=system |
"{77686C1C-92C7-43DE-81F5-C4E2AD1828F4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7F26C02C-D95D-4AE3-BF25-0CFB943A8582}" = lport=138 | protocol=17 | dir=in | app=system |
"{81230C68-C49A-4CB7-A778-3219FBCDBAC9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{839F5130-BB4E-4016-9349-B4B596D189E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{9047FB1F-D2D2-4356-839D-762886FCD967}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{95FCE36E-A072-4E8D-8641-8C1B96CBC015}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A4C07174-33AA-48CF-AC32-B2D350F89400}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{ACE60D0D-DF42-4A17-8D0E-96F8D47E0964}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C930928F-6B5C-410E-A422-917F35FF483D}" = rport=137 | protocol=17 | dir=out | app=system |
"{D3360DDE-808D-4F4C-98B3-D9C5EBF848EC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D600AFF2-E01F-4EBD-9045-94692AFD342A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EC5B24BB-7C3F-4C2E-BA98-A7673D7CB047}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE6BA617-0BE6-43B9-8B7B-43A3E831DC98}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F59D0ADA-A475-4C05-987B-2D5A08480A94}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C2E9EA-01E7-4DE3-A05F-49D055B6588E}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{0C6E88F8-80EC-4CCE-86B8-E863BF22B988}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{211D376B-3F15-48AB-87CD-0E1514605D22}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{2F2C5FEF-EBA0-4843-820D-0A6A1A852CFE}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\install\data\disk1\setup.exe |
"{3809B2F6-F457-4586-AD70-27EF6D70ABD6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3AF5EA17-E555-41B4-9D61-33070F4C42DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B1C067C-7621-4392-9DA7-9ACE411DD860}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3F58E7A7-08EC-486A-9315-110DF6577BAB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{4B7ECB67-03B0-441D-A60C-487FC776BD8E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4E4012EA-B533-4295-9F3E-4EAF59EEE81F}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{4FE090A0-755C-40EE-A7EA-B6ED6F683AFB}" = dir=in | app=c:\program files\microsoft xna\xna game studio\v4.0\bin\xnaliveproxy.exe |
"{66C1A355-BBC0-4DD4-B52E-B0A746695CCA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7D7B858C-6BDE-4082-8568-ED1A1F5DCB4D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{80B0FFA5-3E60-4566-915F-AB015D776054}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{85F23A58-B4D3-47E1-8BC0-C4E70EC3CC54}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{8A11EB3C-1B52-46B5-B0AD-E384C2567B26}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{92B083AD-5A25-4AEB-8441-DBF520E0284F}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{9CC61EE7-4953-4962-B9A5-3DD65CE8A789}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{9E4773CC-E72A-4503-AA58-2F217662B238}" = dir=in | app=c:\program files\microsoft xna\xna game studio\v3.1\bin\xnaliveproxy.exe |
"{A14723CD-BEB5-4748-9FB4-2FDF3258F636}" = protocol=17 | dir=in | app=c:\users\spencer\appdata\roaming\dropbox\bin\dropbox.exe |
"{A5970757-CAA4-46B1-8FAF-3B10F65F3724}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A7368DD1-C2ED-47A7-98C6-1C9A0009CCC9}" = protocol=6 | dir=in | app=c:\users\spencer\appdata\roaming\dropbox\bin\dropbox.exe |
"{B26E0519-BDF5-425D-805B-C32519126D30}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B66F857D-7BD4-4EE2-98F8-A0573F46A52B}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{B6BAD3C6-4B76-4CF5-B6BA-603984D067E7}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{B742EF41-4829-419C-81D0-5CCD2B2C5E4C}" = dir=in | app=c:\program files\common files\microsoft shared\xna\xnatrans\v3.0\xnatransx.exe |
"{B860C31E-DD35-4FF7-937F-DB55A0FC9D89}" = protocol=6 | dir=out | app=system |
"{E6E73279-EF0D-4594-BC42-8F4C2A110CE8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8B795AE-2615-494A-9929-FC41D951910E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ECABEE9B-59E4-4174-938D-358FC900D388}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF7262E6-7C8C-489B-9F9D-8A0336CEEDFB}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware workstation\vmware-authd.exe |
"{F2BAE63A-6150-45D0-911A-9FA8620B6FAB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F88552DB-4299-42D7-88A6-A279313752DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB38D306-EE2E-48A5-AE09-E67BED1F6BD3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FDE35096-DAB8-4926-BB87-91CEDBCE15C7}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\install\data\disk1\setup.exe |
"TCP Query User{3F2247E6-23A3-4864-947A-71B4111A951F}C:\program files\xchat-wdk\xchat.exe" = protocol=6 | dir=in | app=c:\program files\xchat-wdk\xchat.exe |
"TCP Query User{8CB13CF6-DEB7-4756-99A0-9D0A25D75DE8}C:\mircbot\mirc.exe" = protocol=6 | dir=in | app=c:\mircbot\mirc.exe |
"TCP Query User{B10A534A-75A7-4892-8B33-6CE563A6040E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{CD801980-5517-4A45-9790-4BC0C3AEF3BD}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{0449FDE1-DAA3-4CA7-BD46-B396C5D4BA91}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{3EA2D4B8-B533-4089-B754-891339144D16}C:\program files\xchat-wdk\xchat.exe" = protocol=17 | dir=in | app=c:\program files\xchat-wdk\xchat.exe |
"UDP Query User{697067B2-249D-4C95-821A-125548A00B3A}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{C506B4B0-00F9-420D-9473-7714596A6595}C:\mircbot\mirc.exe" = protocol=17 | dir=in | app=c:\mircbot\mirc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{007BECB0-17DD-4230-9D2F-185287262B14}" = Microsoft XNA Game Studio 3.1 (Platformer)
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.1 (Redists)
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1235083F-52F9-44CC-9DF5-F9B7802BB9B7}" = ISO Recorder
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{185292F7-7C0A-4F72-B2CC-CBEBD40B050E}" = Microsoft SQL Server 2008 R2 Native Client
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{21E7A706-31FF-46AA-A294-FA4A8917B59F}" = Microsoft ASP.NET MVC 3 - VWD Express 2010 Tools Update
"{22025051-1991-48EB-8BE8-7A3329DAE7ED}" = IIS 7.5 Express
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2E295B5B-1AD4-4d36-97C2-A316084722CF}" = Python 2.7.2
"{2F141715-E144-48C0-8562-D193B7AB85BC}" = Microsoft SQL Server Compact 4.0 ENU
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++ Compilers 2010 Standard - enu - x86
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3A504FB1-9593-48B4-81AE-D39F37EF7139}" = TortoiseSVN 1.7.3.22386 (32 bit)
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BA37E38-B53D-4520-B8DA-1DD62AD3A74E}" = Microsoft XNA Game Studio 3.1 (VCSExpress)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CFFC382-6C23-42CB-8B1E-625F9F84E362}" = Microsoft ASP.NET Web Pages - VWD Express 2010 Tools
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{41A01180-D9FD-3428-9FD6-749F4C637CBF}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{46F8CF66-AB83-38A7-99B2-A5BE507EE472}" = Microsoft Visual C++ 2010 Express - ENU
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C5D15D2-5351-4F05-A96E-56C20554F977}" = RollerCoaster Tycoon 2 Triple Thrill Pack
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{4E3E9F50-0068-440B-BCD1-DB28AA667BA3}" = PHP 5.3.8
"{5134B35A-B559-4762-94A4-FD4918977953}" = Microsoft Web Deploy 2.0
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{53A29530-55DF-4B19-8C70-066ED22046BD}" = InstallShield 2010 Expansion Pack for Visual Studio 2010
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5BDFAB82-060E-438B-AB4F-A2331B2294C0}" = Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{611E3800-CE31-4953-8AD4-5657B6EE7ACF}" = Oracle VM VirtualBox 4.1.8
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{7E00A9F0-BBCC-4CD2-9310-ECF29D116D01}" = Phalanger 2.1 (October 2011) for .NET 4.0
"{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}" = Microsoft XNA Game Studio 3.1 Documentation
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{85076DFF-7A17-3566-9CC0-488E6E6D4494}" = Microsoft Visual Web Developer 2010 Express - ENU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CE57049-ECC4-4B93-9DCD-74B117592637}" = InstallShield 2010 SP1
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A5630CB0-6D3C-4C93-9A51-03BEB835A982}" = NuGet
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AF86B015-1024-4C7A-9A79-34624A754E91}" = IntelliStar Emulator
"{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}" = Microsoft XNA Game Studio 3.1 (Shared Components)
"{B2C4F577-F756-4897-9B59-60DFBE074F75}" = Simple Money Manager Standard
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 266.58
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}" = Microsoft Web Platform Installer 3.0
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}" = Microsoft ASP.NET MVC 3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}" = Microsoft XNA Game Studio 3.1 (XnaLiveProxy)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1D78366-91DA-4AD0-B417-28155743CC22}" = Microsoft XNA Game Studio 3.1 (ARP entry)
"{EC40F18F-1105-4B30-ABBD-6895393F037F}" = WeatherSTAR 4000 emulator
"{ED780CA9-0687-3C12-B439-3369F224941F}" = Microsoft Visual Studio 2010 Service Pack 1
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"7-Zip" = 7-Zip 9.20
"AceMoney Lite_is1" = AceMoney Lite
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AI RoboForm" = RoboForm 7-7-4 (All Users)
"Any Video Converter_is1" = Any Video Converter 3.3.1
"BB FlashBack Express" = BB FlashBack Express
"Bejeweled 31.0" = Bejeweled 3
"CCleaner" = CCleaner
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"FileZilla Client" = FileZilla Client 3.5.3
"Free PDF Tablet" = Free PDF Tablet 0.1
"Git_is1" = Git version 1.7.9-preview20120201
"Gizmo Central" = Gizmo Central
"GR2Analyst_is1" = GR2Analyst Version 1.71
"HyperCam 2" = HyperCam 2
"Hyperionics DB Toolbar" = Hyperionics DB Toolbar
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual C++ 2010 Express - ENU" = Microsoft Visual C++ 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Web Developer 2010 Express - ENU" = Microsoft Visual Web Developer 2010 Express - ENU
"mIRC" = mIRC
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Splitter & Joiner_is1" = MP3 Splitter & Joiner 3.41
"N360" = Norton 360
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PerformanceTest 7_is1" = PerformanceTest v7.0
"Plants vs. Zombies" = Plants vs. Zombies
"Roadsend Compiler_is1" = Roadsend Compiler 2.0.0
"Roadsend PHP_is1" = Roadsend PHP 2.9.0 beta
"Sandboxie" = Sandboxie 3.64 (32-bit)
"Supermarket Mania 2 1.00" = Supermarket Mania 2 1.00
"TeamViewer 7" = TeamViewer 7
"VMware_Workstation" = VMware Workstation
"WebSite Downloader" = WebSite Downloader 1.1
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR 4.10 beta 2 (32-bit)
"Wireshark" = Wireshark 1.6.4
"xampp" = XAMPP 1.7.7
"XChat-WDK (x86)_is1" = XChat-WDK (x86)
"XChat-WDK Spelling Dictionaries_is1" = XChat-WDK Spelling Dictionaries
"XNA Game Studio 3.1" = Microsoft XNA Game Studio 3.1
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2309691462-207129498-3248361963-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/29/2012 11:46:17 AM | Computer Name = Compaq-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 448 Start
Time: 01cd261b31dd2f20 Termination Time: 30 Application Path: C:\Windows\explorer.exe

Report
Id: 6f7097b1-9212-11e1-85d6-005056c00008

Error - 4/30/2012 5:03:41 PM | Computer Name = Compaq-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: e2c Start
Time: 01cd2618fd304ca0 Termination Time: 120 Application Path: C:\Windows\Explorer.EXE

Report
Id: f3c5a501-9307-11e1-85d6-005056c00008

Error - 4/30/2012 6:44:16 PM | Computer Name = Compaq-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Gizmo\glauncher-x64.exe".
Dependent
Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 4/30/2012 6:44:38 PM | Computer Name = Compaq-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Program Files\Microsoft
Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe". Dependent Assembly
Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/1/2012 5:33:21 PM | Computer Name = Compaq-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 11f0 Start
Time: 01cd27e080198c80 Termination Time: 0 Application Path: C:\Windows\Explorer.EXE

Report
Id: 42486f51-93d5-11e1-8c2e-005056c00008

Error - 5/1/2012 6:12:03 PM | Computer Name = Compaq-PC | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: SHELL32.dll, version: 6.1.7601.17755,
time stamp: 0x4f0412de Exception code: 0xc0000005 Fault offset: 0x000b4b21 Faulting
process id: 0x2fd8 Faulting application start time: 0x01cd27e20813c550 Faulting application
path: C:\Windows\explorer.exe Faulting module path: C:\Windows\system32\SHELL32.dll
Report
Id: adbf2b70-93da-11e1-8c2e-005056c00008

Error - 5/3/2012 6:09:53 PM | Computer Name = Compaq-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Gizmo\glauncher-x64.exe".
Dependent
Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/3/2012 6:10:14 PM | Computer Name = Compaq-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\Program Files\Microsoft
Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe". Dependent Assembly
Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 5/4/2012 4:10:03 PM | Computer Name = Compaq-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b2c Start
Time: 01cd296ca55f37a0 Termination Time: 42 Application Path: C:\Windows\Explorer.EXE

Report
Id: 1e3e4fb1-9625-11e1-85e7-005056c00008

Error - 5/5/2012 10:46:32 AM | Computer Name = Compaq-PC | Source = Application Hang | ID = 1002
Description = The program mbam.exe version 1.60.0.80 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 4054 Start Time:
01cd2acda98ae1f0 Termination Time: 14 Application Path: C:\Program Files\Malwarebytes'
Anti-Malware\mbam.exe Report Id: 14c8d491-96c1-11e1-85e7-005056c00008

[ System Events ]
Error - 5/1/2012 8:29:28 AM | Computer Name = Compaq-PC | Source = DCOM | ID = 10016
Description =

Error - 5/1/2012 5:15:22 PM | Computer Name = Compaq-PC | Source = Service Control Manager | ID = 7024
Description = The Apache2.2 service terminated with service-specific error %%1.

Error - 5/1/2012 5:16:41 PM | Computer Name = Compaq-PC | Source = HTTP | ID = 15005
Description =

Error - 5/1/2012 5:16:42 PM | Computer Name = Compaq-PC | Source = Service Control Manager | ID = 7023
Description = The Web Deployment Agent Service service terminated with the following
error: %%-2146233088

Error - 5/1/2012 5:18:05 PM | Computer Name = Compaq-PC | Source = DCOM | ID = 10016
Description =

Error - 5/3/2012 4:37:21 PM | Computer Name = Compaq-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:35:33 PM on ?5/?3/?2012 was unexpected.

Error - 5/3/2012 4:37:41 PM | Computer Name = Compaq-PC | Source = HTTP | ID = 15005
Description =

Error - 5/3/2012 4:37:41 PM | Computer Name = Compaq-PC | Source = Service Control Manager | ID = 7023
Description = The Web Deployment Agent Service service terminated with the following
error: %%-2146233088

Error - 5/3/2012 4:38:42 PM | Computer Name = Compaq-PC | Source = DCOM | ID = 10016
Description =

Error - 5/5/2012 3:02:49 AM | Computer Name = Compaq-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.


< End of report >

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#7 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 06 May 2012 - 10:50 AM

There is indeed some malware running here.

COMBOFIX
---------------
Please download ComboFix from one of these locations:
Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#8 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 07 May 2012 - 01:33 PM

Question: Why did it remove my IntelliStar Emulator Project files?

ComboFix 12-05-07.02 - Spencer 05/07/2012 13:32:38.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3454.2083 [GMT -4:00]
Running from: c:\users\Spencer\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Spybot - Search & Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Hyperionics DB Toolbar\tbHElper.dll
c:\users\Spencer\111
c:\users\Spencer\111\21321\_UpgradeReport_Files\UpgradeReport.css
c:\users\Spencer\111\21321\_UpgradeReport_Files\UpgradeReport.xslt
c:\users\Spencer\111\21321\_UpgradeReport_Files\UpgradeReport_Minus.gif
c:\users\Spencer\111\21321\_UpgradeReport_Files\UpgradeReport_Plus.gif
c:\users\Spencer\111\21321\Backup\WindowsApplication2.sln
c:\users\Spencer\111\21321\Backup\WindowsApplication2\Form1.Designer.vb
c:\users\Spencer\111\21321\Backup\WindowsApplication2\Form1.resx
c:\users\Spencer\111\21321\Backup\WindowsApplication2\Form1.vb
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\Application.Designer.vb
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\Application.myapp
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\AssemblyInfo.vb
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\Resources.Designer.vb
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\Resources.resx
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\Settings.Designer.vb
c:\users\Spencer\111\21321\Backup\WindowsApplication2\My Project\Settings.settings
c:\users\Spencer\111\21321\Backup\WindowsApplication2\WindowsApplication2.vbproj
c:\users\Spencer\111\21321\Backup\WindowsApplication2\WindowsApplication2.vbproj.user
c:\users\Spencer\111\21321\UpgradeLog.XML
c:\users\Spencer\111\21321\WindowsApplication2.sln
c:\users\Spencer\111\21321\WindowsApplication2.suo
c:\users\Spencer\111\21321\WindowsApplication2\bin\Debug\1.wmv
c:\users\Spencer\111\21321\WindowsApplication2\bin\Debug\WindowsApplication2.pdb
c:\users\Spencer\111\21321\WindowsApplication2\bin\Debug\WindowsApplication2.vshost.exe
c:\users\Spencer\111\21321\WindowsApplication2\bin\Debug\WindowsApplication2.vshost.exe.manifest
c:\users\Spencer\111\21321\WindowsApplication2\bin\Debug\WindowsApplication2.xml
c:\users\Spencer\111\21321\WindowsApplication2\Form1.Designer.vb
c:\users\Spencer\111\21321\WindowsApplication2\Form1.resx
c:\users\Spencer\111\21321\WindowsApplication2\Form1.vb
c:\users\Spencer\111\21321\WindowsApplication2\My Project\Application.Designer.vb
c:\users\Spencer\111\21321\WindowsApplication2\My Project\Application.myapp
c:\users\Spencer\111\21321\WindowsApplication2\My Project\AssemblyInfo.vb
c:\users\Spencer\111\21321\WindowsApplication2\My Project\Resources.Designer.vb
c:\users\Spencer\111\21321\WindowsApplication2\My Project\Resources.resx
c:\users\Spencer\111\21321\WindowsApplication2\My Project\Settings.Designer.vb
c:\users\Spencer\111\21321\WindowsApplication2\My Project\Settings.settings
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\DesignTimeResolveAssemblyReferencesInput.cache
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\GenerateResource.read.1.tlog
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\GenerateResource.write.1.tlog
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\TempPE\My Project.Resources.Designer.vb.dll
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\WindowsApplication2.Form1.resources
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\WindowsApplication2.pdb
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\WindowsApplication2.Resources.resources
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\WindowsApplication2.vbproj.FileListAbsolute.txt
c:\users\Spencer\111\21321\WindowsApplication2\obj\Debug\WindowsApplication2.xml
c:\users\Spencer\111\21321\WindowsApplication2\WindowsApplication2.vbproj
c:\users\Spencer\111\21321\WindowsApplication2\WindowsApplication2.vbproj.user
c:\users\Spencer\111\Intellistar Emulator.sln
c:\users\Spencer\111\Intellistar Emulator\app.config
c:\users\Spencer\111\Intellistar Emulator\ApplicationEvents.cs
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\0.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\0.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\0.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\0s.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\1.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\1.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\1.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\10.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\10.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\10.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\100.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\101.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\102.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\103.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\104.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\105.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\106.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\107.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\108.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\109.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\11.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\11.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\11.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\110.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\111.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\112.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\113.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\114.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\115.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\116.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\117.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\118.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\119.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\12.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\12.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\12.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\120.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\121.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\122.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\123.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\124.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\125.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\126.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\127.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\128.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\129.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\13.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\13.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\13.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\130.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\131.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\132.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\133.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\134.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\135.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\136.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\137.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\138.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\139.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\14.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\14.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\14.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\15.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\15.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\15.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\16.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\16.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\16.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\17.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\17.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\17.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\18.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\18.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\18.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\19.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\19.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\19.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\1L.JPG
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\1s.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\2.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\2.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\2.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\20.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\20.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\20.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\21.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\21.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\21.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\22.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\22.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\22.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\23.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\23.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\23.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\24.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\24.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\24.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\25.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\25.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\25.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\26.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\26.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\26.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\27.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\27.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\27.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\28.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\28.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\28.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\29.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\29.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\29.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\2L.JPG
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\3.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\3.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\3.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\30.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\30.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\30.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\31.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\31.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\31.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\32.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\32.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\32.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\3200.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\33.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\33.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\33.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\34.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\34.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\34.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\35.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\35.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\36.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\36.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\36.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\37.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\37.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\37.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\38.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\38.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\38.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\39.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\39.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\39.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\3L.JPG
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\4.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\4.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\4.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\40.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\40.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\40.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\41.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\41.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\41.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\42.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\42.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\42.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\43.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\43.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\43.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\44.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\44.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\44.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\45.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\45.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\45.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\46.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\46.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\46.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\47.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\47.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\47.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\48.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\49.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\4L.JPG
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\5.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\5.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\5.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\50.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\51.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\52.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\53.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\54.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\55.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\56.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\57.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\58.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\59.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\5L.JPG
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\6.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\6.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\6.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\60.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\61.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\62.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\63.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\64.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\65.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\66.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\67.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\68.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\69.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\7.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\7.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\7.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\70.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\71.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\72.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\73.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\74.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\75.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\76.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\77.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\78.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\79.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\7DAYFCST.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\8.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\8.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\8.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\80.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\81.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\82.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\83.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\84.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\85.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\86.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\87.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\88.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\89.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\9.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\9.gif
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\9.png
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\90.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\91.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\92.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\93.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\94.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\95.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\96.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\97.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\98.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\99.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\ALERTS.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\AxInterop.WMPLib.dll
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\beep.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blizzard.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blowing Dust.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blowing Sand in the Vicinity.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blowing Sand Nearby.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blowing Sand.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blowing Snow 2.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Blowing Snow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\CC_INTRO1.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\CC_INTRO2.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\CCONDIT.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Clear and Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Clear.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Cloudy and Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Cloudy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\CONFIG.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Drifting Snow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Drizzle & Fog.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Drizzle.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Dust Storm.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\error.txt
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Fair & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Fair.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Foggy Conditions.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\FORECAST.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\forecastTranslation.xml
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Freezing Drizzle (1).dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Freezing Drizzle (2).dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Freezing Rain (1).dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Freezing Rain (2).dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Haze.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Rain & Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Rain & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Sleet & Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Sleet & Thunder.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Sleet.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Snow & Thunder.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Snow & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Snow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Heavy Thunderstorm.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Ice Crystals.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.exe
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.exe.config
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.pdb
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe.config
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe.manifest
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.xml
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\IntelliStar.7z
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Interop.WMPLib.dll
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Light Drizzle.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Light Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Light Snow & Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Light Snow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\LOCAL_DOPPLER.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\LOCAL_DOPPLER_1.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M1.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M10.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M11.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M12.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M13.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M14.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M15.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M16.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M17.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M18.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M19.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M2.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M20.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M21.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M22.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M23.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M24.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M25.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M26.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M27.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M28.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M29.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M3.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M30.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M31.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M32.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M33.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M34.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M35.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M36.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M37.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M38.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M39.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M4.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M40.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M41.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M42.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M43.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M44.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M45.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M46.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M47.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M48.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M49.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M5.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M50.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M51.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M52.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M53.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M54.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M55.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M56.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M57.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M58.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M59.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M6.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M60.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M61.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M62.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M63.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M64.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M65.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M66.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M67.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M68.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M69.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M7.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M70.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M71.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M72.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M73.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M74.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M75.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M76.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M77.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M78.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M79.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M8.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M80.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M81.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M82.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M83.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M84.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M85.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M86.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M87.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M88.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M89.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M9.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M90.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M91.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M92.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M93.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M94.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M95.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M96.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M97.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M98.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\M99.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Microsoft.DirectX.AudioVideoPlayback.dll
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Mostly Cloudy & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Mostly Cloudy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Partly Cloudy & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Partly Cloudy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Rain & Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Rain & Sleet.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Rain & Snow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Rain & Some Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\RCONDIT1.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\RCONDIT2.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\RCONDIT3.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\RCONDIT4.XML
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Sand Storm in the Vicinity.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Sand Storm.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers & Foggy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers in the Vicinity & Fog.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers in the Vicinity & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers in the Vicinity.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers Nearby.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Showers.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Sleet & Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Sleet.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Smoke.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Snow & Freezing Rain.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Snow & Sleet.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Snow Flurries.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Snow Showers.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Snow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Strong Thunderstorm & Hail.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Strong Thunderstorm.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Sunny & Windy.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Sunny.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Thunder.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Thundersleet.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Thundersnow.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Thunderstorm.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Windy Conditions.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Wintry Mix & Thunder.dat
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Wintry Mix.dat
c:\users\Spencer\111\Intellistar Emulator\Cleanup.cs
c:\users\Spencer\111\Intellistar Emulator\Cleanup.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog1.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog1.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog2.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog2.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog3.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog3.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog4.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog4.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog5.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog5.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog6.cs
c:\users\Spencer\111\Intellistar Emulator\Dialog6.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\extw.cs
c:\users\Spencer\111\Intellistar Emulator\extw.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\fcst.cs
c:\users\Spencer\111\Intellistar Emulator\Form1.cs
c:\users\Spencer\111\Intellistar Emulator\Form1.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form10.cs
c:\users\Spencer\111\Intellistar Emulator\Form10.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form11.cs
c:\users\Spencer\111\Intellistar Emulator\Form11.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form12.cs
c:\users\Spencer\111\Intellistar Emulator\Form12.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form13.cs
c:\users\Spencer\111\Intellistar Emulator\Form13.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form14.cs
c:\users\Spencer\111\Intellistar Emulator\Form14.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form15.cs
c:\users\Spencer\111\Intellistar Emulator\Form15.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form16.cs
c:\users\Spencer\111\Intellistar Emulator\Form16.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form17.cs
c:\users\Spencer\111\Intellistar Emulator\Form17.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form2.cs
c:\users\Spencer\111\Intellistar Emulator\Form2.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form3.cs
c:\users\Spencer\111\Intellistar Emulator\Form3.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form4.cs
c:\users\Spencer\111\Intellistar Emulator\Form4.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form5.cs
c:\users\Spencer\111\Intellistar Emulator\Form5.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form6.cs
c:\users\Spencer\111\Intellistar Emulator\Form6.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form7.cs
c:\users\Spencer\111\Intellistar Emulator\Form7.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form8.cs
c:\users\Spencer\111\Intellistar Emulator\Form8.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Form9.cs
c:\users\Spencer\111\Intellistar Emulator\Form9.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Intellistar Emulator.csproj
c:\users\Spencer\111\Intellistar Emulator\Intellistar Emulator.suo
c:\users\Spencer\111\Intellistar Emulator\Intellistar Emulator.vbproj.user
c:\users\Spencer\111\Intellistar Emulator\LDL.cs
c:\users\Spencer\111\Intellistar Emulator\LDL.Designer - Copy.cs
c:\users\Spencer\111\Intellistar Emulator\LDL.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Module1.cs
c:\users\Spencer\111\Intellistar Emulator\My Project\Application.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\My Project\AssemblyInfo.cs
c:\users\Spencer\111\Intellistar Emulator\My Project\Resources.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\My Project\Resources.resx
c:\users\Spencer\111\Intellistar Emulator\My Project\Settings.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\AxInterop.WMPLib.dll
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\DesignTimeResolveAssemblyReferencesInput.cache
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\GenerateResource.read.1.tlog
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\GenerateResource.write.1.tlog
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\Intellistar Emulator.csproj.FileListAbsolute.txt
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\Intellistar Emulator.csproj.ResolveComReference.cache
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\Intellistar_Emulator.Resources.resources
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\Interop.WMPLib.dll
c:\users\Spencer\111\Intellistar Emulator\obj\x86\Debug\ResolveAssemblyReference.cache
c:\users\Spencer\111\Intellistar Emulator\Parsing.cs
c:\users\Spencer\111\Intellistar Emulator\Properties\Resources.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Properties\Resources.resx
c:\users\Spencer\111\Intellistar Emulator\Resources\0.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\1.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\10.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\11.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\12.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\12.png
c:\users\Spencer\111\Intellistar Emulator\Resources\13.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\14.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\15.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\15.png
c:\users\Spencer\111\Intellistar Emulator\Resources\16.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\16.png
c:\users\Spencer\111\Intellistar Emulator\Resources\17.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\18.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\19.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\2.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\20.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\21.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\22.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\23.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\24.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\2405805-glassy-blue-exclamation-button.png
c:\users\Spencer\111\Intellistar Emulator\Resources\25.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\26.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\27.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\27355468_27011216_22e2415bcbb0.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\28.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\29.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\3.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\30.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\31.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\32.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\33.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\34.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\36.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\37.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\38.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\39.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\4.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\40.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\41.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\42.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\43.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\44.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\45.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\46.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\47.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\5.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\6.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\7.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\7_Day_Forecast.png
c:\users\Spencer\111\Intellistar Emulator\Resources\7DAYFCST.png
c:\users\Spencer\111\Intellistar Emulator\Resources\8.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\9.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\Alerts.png
c:\users\Spencer\111\Intellistar Emulator\Resources\animated_lightning.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\animated_lightning_left.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\BAKGROUNDA.BMP
c:\users\Spencer\111\Intellistar Emulator\Resources\blue-folder--exclamation.png
c:\users\Spencer\111\Intellistar Emulator\Resources\canstock2816877.png
c:\users\Spencer\111\Intellistar Emulator\Resources\CC.png
c:\users\Spencer\111\Intellistar Emulator\Resources\CC_REG-AL.png
c:\users\Spencer\111\Intellistar Emulator\Resources\CC_REG_ALL_NEW.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Clds.jpeg
c:\users\Spencer\111\Intellistar Emulator\Resources\clear.png
c:\users\Spencer\111\Intellistar Emulator\Resources\clouds.jpg
c:\users\Spencer\111\Intellistar Emulator\Resources\Copy (5) of New_TEMPLATE.png
c:\users\Spencer\111\Intellistar Emulator\Resources\cross-circle.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Current_Conditions.png
c:\users\Spencer\111\Intellistar Emulator\Resources\CurrentConditions_new.png
c:\users\Spencer\111\Intellistar Emulator\Resources\CurrentConditions_new1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\documents.png
c:\users\Spencer\111\Intellistar Emulator\Resources\EXT_FCST_NEW.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Extended Forecast.png
c:\users\Spencer\111\Intellistar Emulator\Resources\flag--exclamation.png
c:\users\Spencer\111\Intellistar Emulator\Resources\flag-gray.png
c:\users\Spencer\111\Intellistar Emulator\Resources\flag-green.png
c:\users\Spencer\111\Intellistar Emulator\Resources\flag-yellow.png
c:\users\Spencer\111\Intellistar Emulator\Resources\forecast.png
c:\users\Spencer\111\Intellistar Emulator\Resources\FORECAST_NEW.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Forecast1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Forecast2.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Getaway forecast.png
c:\users\Spencer\111\Intellistar Emulator\Resources\image_preview.jpeg
c:\users\Spencer\111\Intellistar Emulator\Resources\LDL.png
c:\users\Spencer\111\Intellistar Emulator\Resources\LDL1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\lot8snarration.wav
c:\users\Spencer\111\Intellistar Emulator\Resources\New_Final_CC.png
c:\users\Spencer\111\Intellistar Emulator\Resources\NEW_RAD.png
c:\users\Spencer\111\Intellistar Emulator\Resources\NewFCST.png
c:\users\Spencer\111\Intellistar Emulator\Resources\OrangeLDL1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\radarnarration.wav
c:\users\Spencer\111\Intellistar Emulator\Resources\RadarSat.png
c:\users\Spencer\111\Intellistar Emulator\Resources\RadarSat1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\RadarSat2007.png
c:\users\Spencer\111\Intellistar Emulator\Resources\RadarSat20071.png
c:\users\Spencer\111\Intellistar Emulator\Resources\RedLDL1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\REG_ALL.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Reg_All_CC.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Reg_All_CC1.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Regional_Conditions.png
c:\users\Spencer\111\Intellistar Emulator\Resources\RegRadar.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Satellite3-DayBlackFont.png
c:\users\Spencer\111\Intellistar Emulator\Resources\snow-animation2.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\snow-animation21.gif
c:\users\Spencer\111\Intellistar Emulator\Resources\SWA2007.png
c:\users\Spencer\111\Intellistar Emulator\Resources\TEMPLATE.png
c:\users\Spencer\111\Intellistar Emulator\Resources\TF2007.png
c:\users\Spencer\111\Intellistar Emulator\Resources\Thumbs.db
c:\users\Spencer\111\Intellistar Emulator\Resources\TWCBlackBar2.png
c:\users\Spencer\111\Intellistar Emulator\Resources\weekendrectangle.png
c:\users\Spencer\111\Intellistar Emulator\Resources\xl36.wav
c:\users\Spencer\111\Intellistar Emulator\Resources\xl7day.wav
c:\users\Spencer\111\Intellistar Emulator\Resources\xlcc.wav
c:\users\Spencer\111\Intellistar Emulator\Resources\YellowLDL1.png
c:\users\Spencer\111\Intellistar Emulator\Settings.cs
c:\users\Spencer\111\Intellistar Emulator\SplashScreen1.cs
c:\users\Spencer\111\Intellistar Emulator\SplashScreen1.Designer.cs
c:\users\Spencer\111\Intellistar Emulator\Visual Studio 2010\Backup Files\Intellistar Emulator\~AutoRecover.Dialog1.cs
c:\users\Spencer\111\Intellistar Emulator\Visual Studio 2010\Backup Files\Intellistar Emulator\~AutoRecover.Form3.cs
c:\users\Spencer\111\Intellistar Emulator\Visual Studio 2010\Backup Files\Intellistar Emulator\~AutoRecover.Intellistar Emulator.csproj
c:\users\Spencer\111\Intellistar Emulator\Visual Studio 2010\Visualizers\autoexp.cs
c:\users\Spencer\111\Intellistar Emulator\Visual Studio 2010\Visualizers\autoexpce.cs
c:\users\Spencer\AppData\Local\assembly\tmp
c:\users\Spencer\AppData\Local\Minibar
c:\users\Spencer\AppData\Local\Minibar\chrome\background.html
c:\users\Spencer\AppData\Local\Minibar\chrome\cached_http_request.js
c:\users\Spencer\AppData\Local\Minibar\chrome\extension_info.json
c:\users\Spencer\AppData\Local\Minibar\chrome\icons\icon128.png
c:\users\Spencer\AppData\Local\Minibar\chrome\icons\icon19.png
c:\users\Spencer\AppData\Local\Minibar\chrome\icons\icon32.png
c:\users\Spencer\AppData\Local\Minibar\chrome\icons\icon48.png
c:\users\Spencer\AppData\Local\Minibar\chrome\includes\content.js
c:\users\Spencer\AppData\Local\Minibar\chrome\includes\content_kango.js
c:\users\Spencer\AppData\Local\Minibar\chrome\includes\content_messaging.js
c:\users\Spencer\AppData\Local\Minibar\chrome\includes\content_userscript.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango-ui\button.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango-ui\ui.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\browser.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\console.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\event_listener.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\initialize.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\io.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\jsonstorage.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\kango.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\lang.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\messaging.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\userscript_engine.js
c:\users\Spencer\AppData\Local\Minibar\chrome\kango\xhr.js
c:\users\Spencer\AppData\Local\Minibar\chrome\main.js
c:\users\Spencer\AppData\Local\Minibar\chrome\manifest.json
c:\users\Spencer\AppData\Local\Minibar\chrome\minibar\actions.js
c:\users\Spencer\AppData\Local\Minibar\chrome\minibar\cachedxhr.js
c:\users\Spencer\AppData\Local\Minibar\chrome\minibar\config.js
c:\users\Spencer\AppData\Local\Minibar\chrome\minibar\macros.js
c:\users\Spencer\AppData\Local\Minibar\chrome\minibar\minibar.js
c:\users\Spencer\AppData\Local\Minibar\chrome\popup.html
c:\users\Spencer\AppData\Local\Minibar\chrome\popup.js
c:\users\Spencer\AppData\Local\Minibar\chrome\tab.html
c:\users\Spencer\AppData\Local\Minibar\chrome\tab.js
c:\users\Spencer\AppData\Local\Minibar\chrome_installer.js
c:\users\Spencer\AppData\Local\Minibar\common.js
c:\users\Spencer\AppData\Local\Minibar\install.json
c:\users\Spencer\AppData\Local\Minibar\minibar.crx
c:\users\Spencer\AppData\Local\Minibar\sqlite3.exe
c:\users\Spencer\AppData\Local\Minibar\Uninstall.exe
c:\users\Spencer\Spencer
c:\windows\isRS-000.tmp
F:\autorun.inf
F:\setup.exe
f:\ticket-tracker\Ticket-Tracker\bin\Debug\Ticket-Tracker.vshost.exe
.
----- File Replicators -----
.
c:\all emulator stuff\Emulator Project\Code - Copy\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
c:\all emulator stuff\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
c:\all emulator stuff\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debugg\Intellistar Emulator.vshost.exe
c:\installshield 2010 projects\My Project Name-2\Product Configuration 1\Release 1\DiskImages\DISK1\program files\IntelliStar Emulator\IntelliStar Emulator\Intellistar Emulator.vshost.exe
c:\installshield 2010 projects\My Project Name-2\Product Configuration 1\Release 1\DiskImages\DISK1\program files\IntelliStar Emulator\IntelliStar Emulator\IntelliStar Update.vshost.exe
c:\program files\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
c:\program files\Git\libexec\git-core\git-add.exe
c:\program files\Git\libexec\git-core\git-annotate.exe
c:\program files\Git\libexec\git-core\git-apply.exe
c:\program files\Git\libexec\git-core\git-archive.exe
c:\program files\Git\libexec\git-core\git-bisect--helper.exe
c:\program files\Git\libexec\git-core\git-blame.exe
c:\program files\Git\libexec\git-core\git-branch.exe
c:\program files\Git\libexec\git-core\git-bundle.exe
c:\program files\Git\libexec\git-core\git-cat-file.exe
c:\program files\Git\libexec\git-core\git-check-attr.exe
c:\program files\Git\libexec\git-core\git-check-ref-format.exe
c:\program files\Git\libexec\git-core\git-checkout-index.exe
c:\program files\Git\libexec\git-core\git-checkout.exe
c:\program files\Git\libexec\git-core\git-cherry-pick.exe
c:\program files\Git\libexec\git-core\git-cherry.exe
c:\program files\Git\libexec\git-core\git-clean.exe
c:\program files\Git\libexec\git-core\git-clone.exe
c:\program files\Git\libexec\git-core\git-commit-tree.exe
c:\program files\Git\libexec\git-core\git-commit.exe
c:\program files\Git\libexec\git-core\git-config.exe
c:\program files\Git\libexec\git-core\git-count-objects.exe
c:\program files\Git\libexec\git-core\git-describe.exe
c:\program files\Git\libexec\git-core\git-diff-files.exe
c:\program files\Git\libexec\git-core\git-diff-index.exe
c:\program files\Git\libexec\git-core\git-diff-tree.exe
c:\program files\Git\libexec\git-core\git-diff.exe
c:\program files\Git\libexec\git-core\git-fast-export.exe
c:\program files\Git\libexec\git-core\git-fetch-pack.exe
c:\program files\Git\libexec\git-core\git-fetch.exe
c:\program files\Git\libexec\git-core\git-fmt-merge-msg.exe
c:\program files\Git\libexec\git-core\git-for-each-ref.exe
c:\program files\Git\libexec\git-core\git-format-patch.exe
c:\program files\Git\libexec\git-core\git-fsck-objects.exe
c:\program files\Git\libexec\git-core\git-fsck.exe
c:\program files\Git\libexec\git-core\git-gc.exe
c:\program files\Git\libexec\git-core\git-get-tar-commit-id.exe
c:\program files\Git\libexec\git-core\git-grep.exe
c:\program files\Git\libexec\git-core\git-hash-object.exe
c:\program files\Git\libexec\git-core\git-help.exe
c:\program files\Git\libexec\git-core\git-index-pack.exe
c:\program files\Git\libexec\git-core\git-init-db.exe
c:\program files\Git\libexec\git-core\git-init.exe
c:\program files\Git\libexec\git-core\git-log.exe
c:\program files\Git\libexec\git-core\git-ls-files.exe
c:\program files\Git\libexec\git-core\git-ls-remote.exe
c:\program files\Git\libexec\git-core\git-ls-tree.exe
c:\program files\Git\libexec\git-core\git-mailinfo.exe
c:\program files\Git\libexec\git-core\git-mailsplit.exe
c:\program files\Git\libexec\git-core\git-merge-base.exe
c:\program files\Git\libexec\git-core\git-merge-file.exe
c:\program files\Git\libexec\git-core\git-merge-index.exe
c:\program files\Git\libexec\git-core\git-merge-ours.exe
c:\program files\Git\libexec\git-core\git-merge-recursive.exe
c:\program files\Git\libexec\git-core\git-merge-subtree.exe
c:\program files\Git\libexec\git-core\git-merge-tree.exe
c:\program files\Git\libexec\git-core\git-merge.exe
c:\program files\Git\libexec\git-core\git-mktag.exe
c:\program files\Git\libexec\git-core\git-mktree.exe
c:\program files\Git\libexec\git-core\git-mv.exe
c:\program files\Git\libexec\git-core\git-name-rev.exe
c:\program files\Git\libexec\git-core\git-notes.exe
c:\program files\Git\libexec\git-core\git-pack-objects.exe
c:\program files\Git\libexec\git-core\git-pack-redundant.exe
c:\program files\Git\libexec\git-core\git-pack-refs.exe
c:\program files\Git\libexec\git-core\git-patch-id.exe
c:\program files\Git\libexec\git-core\git-peek-remote.exe
c:\program files\Git\libexec\git-core\git-prune-packed.exe
c:\program files\Git\libexec\git-core\git-prune.exe
c:\program files\Git\libexec\git-core\git-push.exe
c:\program files\Git\libexec\git-core\git-read-tree.exe
c:\program files\Git\libexec\git-core\git-receive-pack.exe
c:\program files\Git\libexec\git-core\git-reflog.exe
c:\program files\Git\libexec\git-core\git-remote-ext.exe
c:\program files\Git\libexec\git-core\git-remote-fd.exe
c:\program files\Git\libexec\git-core\git-remote.exe
c:\program files\Git\libexec\git-core\git-replace.exe
c:\program files\Git\libexec\git-core\git-repo-config.exe
c:\program files\Git\libexec\git-core\git-rerere.exe
c:\program files\Git\libexec\git-core\git-reset.exe
c:\program files\Git\libexec\git-core\git-rev-list.exe
c:\program files\Git\libexec\git-core\git-rev-parse.exe
c:\program files\Git\libexec\git-core\git-revert.exe
c:\program files\Git\libexec\git-core\git-rm.exe
c:\program files\Git\libexec\git-core\git-send-pack.exe
c:\program files\Git\libexec\git-core\git-shortlog.exe
c:\program files\Git\libexec\git-core\git-show-branch.exe
c:\program files\Git\libexec\git-core\git-show-ref.exe
c:\program files\Git\libexec\git-core\git-show.exe
c:\program files\Git\libexec\git-core\git-stage.exe
c:\program files\Git\libexec\git-core\git-status.exe
c:\program files\Git\libexec\git-core\git-stripspace.exe
c:\program files\Git\libexec\git-core\git-symbolic-ref.exe
c:\program files\Git\libexec\git-core\git-tag.exe
c:\program files\Git\libexec\git-core\git-tar-tree.exe
c:\program files\Git\libexec\git-core\git-unpack-file.exe
c:\program files\Git\libexec\git-core\git-unpack-objects.exe
c:\program files\Git\libexec\git-core\git-update-index.exe
c:\program files\Git\libexec\git-core\git-update-ref.exe
c:\program files\Git\libexec\git-core\git-update-server-info.exe
c:\program files\Git\libexec\git-core\git-upload-archive.exe
c:\program files\Git\libexec\git-core\git-var.exe
c:\program files\Git\libexec\git-core\git-verify-pack.exe
c:\program files\Git\libexec\git-core\git-verify-tag.exe
c:\program files\Git\libexec\git-core\git-whatchanged.exe
c:\program files\Git\libexec\git-core\git-write-tree.exe
c:\program files\Git\libexec\git-core\git.exe
c:\program files\IntelliStar Emulator\IntelliStar Emulator\Intellistar Emulator.vshost.exe
c:\program files\IntelliStar Emulator\IntelliStar Emulator\IntelliStar Update.vshost.exe
c:\program files\Microsoft Visual Studio 10.0\Common7\IDE\vshost32.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\16707\AcrobatUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\16707\AdobeARMHelper.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\16707\ReaderUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\17407\AcrobatUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\17407\AdobeARMHelper.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\17407\ReaderUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\28313\AcrobatUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\28313\AdobeARMHelper.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\28313\ReaderUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\29690\AcrobatUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\29690\AdobeARMHelper.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\29690\ReaderUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\30973\AcrobatUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\30973\AdobeARMHelper.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\30973\ReaderUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\485\AcrobatUpdater.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\485\AdobeARMHelper.exe
c:\programdata\Adobe\ARM\Reader_10.1.1\485\ReaderUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\16707\AcrobatUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\16707\AdobeARMHelper.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\16707\ReaderUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\17407\AcrobatUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\17407\AdobeARMHelper.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\17407\ReaderUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\28313\AcrobatUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\28313\AdobeARMHelper.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\28313\ReaderUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\29690\AcrobatUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\29690\AdobeARMHelper.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\29690\ReaderUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\30973\AcrobatUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\30973\AdobeARMHelper.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\30973\ReaderUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\485\AcrobatUpdater.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\485\AdobeARMHelper.exe
c:\users\All Users\Adobe\ARM\Reader_10.1.1\485\ReaderUpdater.exe
c:\users\Spencer\1\DirectX videoPlayer\bin\Debug\DirectX videoPlayer.vshost.exe
c:\users\Spencer\111\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\DirectX\21\bin\Debug\WindowsApplication3.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\Authentication\Authentication\bin\Debug\Authentication.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\DirectX Video\DirectX Video\bin\Debug\DirectX Video.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\Frost-Detector\Frost-Detector\bin\Debug\Frost-Detector.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\HelloWorld\HelloWorld\bin\Debug\HelloWorld.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\IntelliStar Update\IntelliStar Update\bin\Debug\IntelliStar Update.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\sdmgr.exe\sdmgr.exe\bin\Debug\sdmgr.exe.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\Ticket-Tracker\Ticket-Tracker\bin\Debug\Ticket-Tracker.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\track-it\track-it\bin\Debug\track-it.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\track-it\track-it\bin\Debug\WindowsApplication1.vshost.exe
c:\users\Spencer\Documents\Visual Studio 2010\Projects\WindowsApplication1\WindowsApplication1\bin\Debug\WindowsApplication1.vshost.exe
c:\users\Spencer\Music\bin\Debug\Intellistar Emulator.vshost.exe
f:\all emulator stuff\Emulator Project\Code - Copy\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\all emulator stuff\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\backup of gateway\inc\Crapola soft\Crapolasoft Global Bussisness\Crapolasoft Global Bussisness\bin\Debug\Crapolasoft Global Bussisness.vshost.exe
f:\backup of gateway\inc\Emulator Backup\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\backup of gateway\inc\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\backup of gateway\inc\New Folder\Storage\Trakit\Trak-It! Advanced Tracking Software!.vshost.exe
f:\backup of gateway\inc\Projects\GEN\Generate\Generate\bin\Debug\Generate.vshost.exe
f:\backup of gateway\inc\Projects\WFA\WindowsApplication1\WindowsApplication1\bin\Debug\WindowsApplication1.vshost.exe
f:\gifted\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\gifted\Code\Intellistar Emulator\Intellistar Emulator\bin\Debugg\Intellistar Emulator.vshost.exe
f:\gifted\Emulator Project\Code - Copy\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\gifted\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\intellistar emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\intellistar emulator\u\Intellistar Emulator.vshost.exe
f:\isrepo\VB\IntelliStar Emulator\Emulator Project\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\isrepo\VB\IntelliStar Emulator\Emulator Project\Intellistar Emulator\bin\Debug\IntelliStar Update.vshost.exe
f:\isrepo\VB\IntelliStar Emulator\Update Projects\IntelliStar Update\IntelliStar Update\bin\Debug\IntelliStar Update.vshost.exe
f:\ticket-tracker\Ticket-Tracker\bin\Debug\Ticket-Tracker.vshost.exe
f:\trip to ag\Emulator\Emulator Project\Code - Copy\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\trip to ag\Emulator\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debug\Intellistar Emulator.vshost.exe
f:\trip to ag\Emulator\Emulator Project\Code\Intellistar Emulator\Intellistar Emulator\bin\Debugg\Intellistar Emulator.vshost.exe
f:\vb\embedded_font\embedded_font\bin\Debug\embedded_font.vshost.exe
f:\vb\Test OS\Test OS\bin\Debug\Test OS.vshost.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-04-07 to 2012-05-07 )))))))))))))))))))))))))))))))
.
.
2012-05-07 17:55 . 2012-05-07 17:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-06 23:44 . 2012-05-06 23:44 -------- d-----w- c:\program files\QuickTime
2012-05-06 23:44 . 2012-05-06 23:44 -------- d-----w- c:\programdata\Apple Computer
2012-05-06 23:42 . 2012-05-06 23:42 -------- d-----w- c:\users\Spencer\AppData\Local\Apple
2012-05-06 23:42 . 2012-05-06 23:42 -------- d-----w- c:\programdata\Apple
2012-05-06 23:42 . 2012-05-06 23:42 -------- d-----w- c:\program files\Apple Software Update
2012-05-02 21:32 . 2012-05-02 23:27 -------- d-----w- c:\users\Spencer\AppData\Roaming\TeamViewer
2012-05-01 22:06 . 2012-05-01 22:06 -------- d-----w- c:\program files\TeamViewer
2012-04-29 15:41 . 2012-04-29 15:41 -------- d-----w- c:\program files\CCleaner
2012-04-27 20:45 . 2012-04-27 20:45 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-04-27 20:44 . 2012-04-27 20:44 157352 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-04-27 20:44 . 2012-04-27 20:44 129976 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-04-11 20:03 . 2012-05-04 22:57 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-11 07:01 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 07:01 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 07:01 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 07:01 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 07:00 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 07:00 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-10 03:36 . 2012-04-10 03:36 -------- d-----w- c:\program files\Common Files\Java
2012-04-10 03:35 . 2012-04-10 03:35 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-04 22:57 . 2011-10-29 01:42 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-10 03:35 . 2011-10-30 17:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 19:56 . 2011-12-23 01:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-20 01:08 . 2011-03-28 23:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-17 05:34 . 2012-03-14 09:43 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-14 09:43 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-14 09:43 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:38 . 2012-03-14 09:46 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-04-27 20:44 . 2011-10-28 23:38 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 15:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Spencer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Spencer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-10-31 21:02 94208 ----a-w- c:\users\Spencer\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="-scheduler" [X]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-04-05 17356424]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-02-07 451856]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-03-19 108136]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"GizmoDriveDelegate"="c:\program files\Gizmo\gizmo.exe" [2011-11-22 223640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2011-10-05 3578272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe" [2010-05-21 129584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
c:\users\Spencer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Spencer\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-04-02 67400]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-10-05 892336]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-04-05 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-27 129976]
R3 MSICDSetup;MSICDSetup;E:\CDriver.sys [x]
R3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2011-09-09 1265216]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-31 1343400]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0502010.003\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0502010.003\SYMEFA.SYS [2011-03-15 744568]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120413.001\BHDrvx86.sys [2012-04-02 821880]
S1 GizmoDrv;Gizmo Device Driver; [x]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120505.001\IDSvix86.sys [2012-04-28 368248]
S1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:\program files\Spybot - Search & Destroy 2\SDHookDrv32.sys [2011-10-05 38504]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0502010.003\Ironx86.SYS [2010-11-16 136312]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\0502010.003\SYMNETS.SYS [2011-04-21 299640]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
S2 Gizmo Central;Gizmo Central;c:\program files\Gizmo\gservice.exe [2011-11-22 34728]
S2 N360;Norton 360;c:\program files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe [2011-04-17 130008]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files\Spybot - Search & Destroy 2\SDHookSvc.exe [2011-10-05 130976]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-10-05 955816]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-10-05 169624]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-08 378984]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-05-21 70704]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-21 539184]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2011-12-07 4096]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-06 106104]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - MBAMSwissArmy
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 22:57]
.
2012-05-06 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2011-10-28 19:46]
.
2012-05-03 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2011-10-28 19:46]
.
2012-05-01 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2011-10-28 19:46]
.
.
------- Supplementary Scan -------
.
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{914E754E-3C2A-43C3-A03B-77DD412683A7}: NameServer = 208.67.222.222
FF - ProfilePath - c:\users\Spencer\AppData\Roaming\Mozilla\Firefox\Profiles\1jji5kqh.default\
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\5.2.1.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.1.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2309691462-207129498-3248361963-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2309691462-207129498-3248361963-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-05-07 14:25:25
ComboFix-quarantined-files.txt 2012-05-07 18:25
.
Pre-Run: 194,769,002,496 bytes free
Post-Run: 194,418,552,832 bytes free
.
- - End Of File - - 38FD9EA25EF34A9CDDB07FFA60461AE3

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#9 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 07 May 2012 - 02:20 PM

Looks like a legit program might have been deleted. Is Intellistar emulator a program you use?
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#10 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 07 May 2012 - 09:57 PM

Looks like a legit program might have been deleted. Is Intellistar emulator a program you use?


Its a program im writing. If you need proof http://intellistaremulator.x10.mx

(Im The Weather Guy)

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#11 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 08 May 2012 - 01:06 AM

No proof needed. :) Do you need the deleted files dequarantined or will you be able to just reinstall the program?

How are things running at this point?
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#12 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 08 May 2012 - 09:49 PM

[Window Title]
explorer.exe

[Content]


The remote procedure call failed and did not execute.


[OK]

Explorer freezes ocasionally and I just got this error.

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#13 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 09 May 2012 - 12:34 AM

Did you get that error only once or on a regular basis. Can you reboot your computer in safe mode with networking and see if you have the same issues or if explorer runs normally there.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#14 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 12 May 2012 - 12:03 PM

Only once, but explorer is still freezing occasionally.

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#15 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 12 May 2012 - 12:21 PM

Please do a clean boot and let me know if explorer still freezes. If not, enable applications one at a time and see which one causes the freezes.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#16 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 12 May 2012 - 11:32 PM

one more thing- The right click freeze thing is back.

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#17 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 13 May 2012 - 01:35 AM

Please see my previous post and try that. Most likely both issues are related.
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#18 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 14 May 2012 - 04:27 PM

I have a question, will that process take a long time? If it will is it ok if I wait until the weekend?

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×


#19 Elise

Elise

    Forum Deity

  • Experts
  • PipPipPipPipPipPip
  • 8,721 posts
  • Gender:Female
  • Location:Romania

Posted 15 May 2012 - 01:03 AM

Setting your system to clean boot doesn't take long, it only takes as much as altering the settings as described and rebooting the computer. :)
regards, Elise

If I am helping you and I haven't replied within 24 hours, please feel free to send me a PM.

Posted Image


#20 Bobc11

Bobc11

    Not what you would think...

  • Honorary Members
  • PipPipPipPipPip
  • 821 posts
  • Gender:Male
  • Location:Remote Host Closed Socket
  • Interests:Computers plants

Posted 15 May 2012 - 03:09 PM

OK another issue: My pc is canceling all UAC prompts when they appear. csrss.exe is always using 11-50% of the processor.

Starting clean boot thing now.

Be who you are,
Do what you do


×÷·.·´¯`·)»The Weather Guy/Bobc11«(·´¯`·.·÷×





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users