Infection on an SD memory card

[juliofelipe]

I plugged my camera into a computer at work and it picked up some malware. Now when I go to explore the contents of the SD card, instead of seeing the picture/video files, it shows 7 folders (shortcuts to Documents, Music, New Folder, Passwords, Video, and Pictures - and a folder called RECYCLER).

My virus scanner at work picked it up as having a Win32.(something) virus - sorry, I didn't get the whole thing written down. I ran the virus scan and it said that it removed the issue - but the picture/video files are still not showing up. When I click on one of the folder links, I get a message that "the item 'siuon.scr' that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly. Do you want to delete this shortcut?" So, it seems that the virus scan may have done something, but it's not the whole way fixed.

I ran Malwarebytes on the camera (it comes up as two separate drives when plugged in - one for what appears to be the internal memory of the camera and a second for the SD card) on both drives and nothing came up. I ran the dds file like instructed, but that only looked at my internal harddrive, and not the drives on the camera. I have looked all over online and I can't seem to find much info on how to clean external drives like an SD card.

Any help that you can offer would be much appreciated.

Thanks,

JF

[Larusso]

Hy

my name is Daniel and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

• First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  
• Perform everything in the correct order. Sometimes one step requires the previous one.
  
• If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  
• Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  
• Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  
• If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  
• Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  
• My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  
• I am currently visiting an evening school and working nightshift only which might be evening for you. In this time I am mostly online with my mobile devices and won't be able to reply.

Please press the + R Key and type notepad into the Run box.

Copy/paste the entire contents of the codebox below, into notepad:

@echo off
dir /s /a /b > look.txt
notepad look.txt
del %0

• Now on the top of the window choose File --> Save as
  
• Into the Save as line type in look.bat
  
• Change the Save as type to All Files (*.*)
  
• Save it on your Flashdrive.
  It should look like this
  
• Run the look.bat

If you are using Vista/ 7, please start with Right- click --> Run as Administrator

A notepad window will appear, please post its content here. ( if it is too large, please attach it )

[juliofelipe]

Here is the output. FYI - the N:\DCIM, N:\MISC and all of the files in the DCIM\100SPORT folder are what should be there - but those aren't appearing when I open the drive in Windows Explorer. The RECYCLER and the other .lnk files are the ones that popped up when it got infected.

And... thanks for helping me out with this problem.

JF

N:\DCIM

N:\MISC

N:\RECYCLER

N:\New Folder.lnk

N:\Passwords.lnk

N:\Documents.lnk

N:\Pictures.lnk

N:\Music.lnk

N:\Video.lnk

N:\84612795

N:\look.bat

N:\look.txt

N:\DCIM\100SPORT

N:\DCIM\100SPORT\100_0732.MOV

N:\DCIM\100SPORT\100_0733.JPG

N:\DCIM\100SPORT\100_0734.JPG

N:\DCIM\100SPORT\100_0735.JPG

N:\DCIM\100SPORT\100_0736.JPG

N:\DCIM\100SPORT\100_0737.JPG

N:\DCIM\100SPORT\100_0738.JPG

N:\DCIM\100SPORT\100_0739.JPG

N:\DCIM\100SPORT\100_0740.JPG

N:\DCIM\100SPORT\100_0741.JPG

N:\DCIM\100SPORT\100_0742.JPG

N:\DCIM\100SPORT\100_0743.JPG

N:\DCIM\100SPORT\100_0744.JPG

N:\DCIM\100SPORT\100_0745.JPG

N:\DCIM\100SPORT\100_0746.JPG

N:\DCIM\100SPORT\100_0747.JPG

N:\DCIM\100SPORT\100_0748.JPG

N:\DCIM\100SPORT\100_0749.JPG

N:\DCIM\100SPORT\100_0750.JPG

N:\DCIM\100SPORT\100_0751.JPG

N:\DCIM\100SPORT\100_0752.JPG

N:\DCIM\100SPORT\100_0753.JPG

N:\DCIM\100SPORT\100_0754.JPG

N:\DCIM\100SPORT\100_0755.JPG

N:\DCIM\100SPORT\100_0756.JPG

N:\DCIM\100SPORT\100_0757.JPG

N:\DCIM\100SPORT\100_0758.JPG

N:\DCIM\100SPORT\100_0759.JPG

N:\DCIM\100SPORT\100_0760.JPG

N:\DCIM\100SPORT\100_0761.JPG

N:\DCIM\100SPORT\100_0762.JPG

N:\DCIM\100SPORT\100_0763.JPG

N:\DCIM\100SPORT\100_0764.JPG

N:\DCIM\100SPORT\100_0765.JPG

N:\DCIM\100SPORT\100_0766.JPG

N:\DCIM\100SPORT\100_0767.JPG

N:\DCIM\100SPORT\100_0768.JPG

N:\DCIM\100SPORT\100_0769.JPG

N:\DCIM\100SPORT\100_0770.JPG

N:\DCIM\100SPORT\100_0771.JPG

N:\DCIM\100SPORT\100_0772.JPG

N:\DCIM\100SPORT\100_0773.MOV

N:\DCIM\100SPORT\100_0774.MOV

N:\DCIM\100SPORT\100_0775.MOV

N:\DCIM\100SPORT\100_0776.MOV

N:\DCIM\100SPORT\100_0777.MOV

N:\DCIM\100SPORT\100_0778.MOV

N:\DCIM\100SPORT\100_0779.MOV

N:\DCIM\100SPORT\100_0780.MOV

N:\DCIM\100SPORT\100_0781.MOV

N:\DCIM\100SPORT\100_0782.MOV

N:\DCIM\100SPORT\100_0783.MOV

N:\DCIM\100SPORT\100_0784.MOV

N:\DCIM\100SPORT\100_0785.MOV

N:\DCIM\100SPORT\100_0786.MOV

N:\DCIM\100SPORT\100_0787.MOV

N:\DCIM\100SPORT\100_0788.MOV

N:\DCIM\100SPORT\100_0789.MOV

N:\DCIM\100SPORT\100_0790.MOV

N:\DCIM\100SPORT\100_0791.MOV

N:\DCIM\100SPORT\100_0792.MOV

N:\DCIM\100SPORT\100_0793.MOV

N:\DCIM\100SPORT\100_0794.MOV

N:\DCIM\100SPORT\100_0795.MOV

N:\DCIM\100SPORT\100_0796.MOV

N:\DCIM\100SPORT\100_0797.MOV

N:\DCIM\100SPORT\100_0798.MOV

N:\DCIM\100SPORT\100_0799.MOV

N:\DCIM\100SPORT\100_0800.MOV

N:\DCIM\100SPORT\100_0801.MOV

N:\DCIM\100SPORT\100_0802.MOV

N:\DCIM\100SPORT\100_0803.JPG

N:\DCIM\100SPORT\100_0804.JPG

N:\DCIM\100SPORT\100_0805.JPG

N:\DCIM\100SPORT\100_0806.JPG

N:\DCIM\100SPORT\100_0807.JPG

N:\DCIM\100SPORT\100_0808.JPG

N:\DCIM\100SPORT\100_0809.JPG

N:\DCIM\100SPORT\100_0810.JPG

N:\DCIM\100SPORT\100_0811.JPG

N:\DCIM\100SPORT\100_0812.JPG

N:\DCIM\100SPORT\100_0813.JPG

N:\DCIM\100SPORT\100_0814.JPG

N:\DCIM\100SPORT\100_0815.JPG

N:\DCIM\100SPORT\100_0816.JPG

N:\DCIM\100SPORT\100_0817.JPG

N:\DCIM\100SPORT\100_0818.JPG

N:\DCIM\100SPORT\100_0819.JPG

N:\DCIM\100SPORT\100_0820.JPG

N:\DCIM\100SPORT\100_0821.JPG

N:\DCIM\100SPORT\100_0822.JPG

N:\DCIM\100SPORT\100_0823.JPG

N:\DCIM\100SPORT\100_0824.MOV

N:\DCIM\100SPORT\100_0825.JPG

N:\DCIM\100SPORT\100_0826.JPG

N:\DCIM\100SPORT\100_0827.JPG

N:\DCIM\100SPORT\100_0828.JPG

N:\DCIM\100SPORT\100_0829.JPG

N:\DCIM\100SPORT\100_0830.JPG

N:\DCIM\100SPORT\100_0831.JPG

N:\DCIM\100SPORT\100_0832.JPG

N:\DCIM\100SPORT\100_0833.JPG

N:\DCIM\100SPORT\100_0834.MOV

N:\DCIM\100SPORT\100_0835.MOV

N:\DCIM\100SPORT\100_0836.MOV

N:\DCIM\100SPORT\100_0837.MOV

N:\DCIM\100SPORT\100_0838.JPG

N:\DCIM\100SPORT\100_0839.MOV

N:\DCIM\100SPORT\100_0840.MOV

N:\DCIM\100SPORT\100_0841.MOV

N:\DCIM\100SPORT\100_0842.MOV

N:\DCIM\100SPORT\100_0843.MOV

N:\DCIM\100SPORT\100_0844.MOV

N:\DCIM\100SPORT\100_0845.JPG

N:\DCIM\100SPORT\100_0846.JPG

N:\DCIM\100SPORT\100_0847.JPG

N:\DCIM\100SPORT\100_0848.JPG

N:\DCIM\100SPORT\100_0849.JPG

N:\DCIM\100SPORT\100_0850.MOV

N:\DCIM\100SPORT\100_0851.JPG

N:\DCIM\100SPORT\100_0852.JPG

N:\DCIM\100SPORT\100_0853.JPG

N:\DCIM\100SPORT\100_0854.MOV

N:\DCIM\100SPORT\100_0855.MOV

N:\DCIM\100SPORT\100_0856.JPG

N:\DCIM\100SPORT\100_0857.JPG

N:\DCIM\100SPORT\100_0858.JPG

N:\DCIM\100SPORT\100_0859.JPG

N:\DCIM\100SPORT\100_0860.JPG

N:\DCIM\100SPORT\100_0861.JPG

N:\DCIM\100SPORT\100_0862.JPG

N:\DCIM\100SPORT\100_0863.MOV

N:\DCIM\100SPORT\100_0864.JPG

N:\DCIM\100SPORT\100_0865.JPG

N:\DCIM\100SPORT\100_0866.JPG

N:\DCIM\100SPORT\100_0867.JPG

N:\DCIM\100SPORT\100_0868.JPG

N:\DCIM\100SPORT\100_0869.JPG

N:\DCIM\100SPORT\100_0870.JPG

N:\DCIM\100SPORT\100_0871.JPG

N:\DCIM\100SPORT\100_0872.JPG

N:\DCIM\100SPORT\100_0873.JPG

N:\DCIM\100SPORT\100_0874.JPG

N:\DCIM\100SPORT\100_0875.JPG

N:\DCIM\100SPORT\100_0876.JPG

N:\DCIM\100SPORT\100_0877.JPG

N:\DCIM\100SPORT\100_0878.JPG

N:\DCIM\100SPORT\100_0879.JPG

N:\DCIM\100SPORT\100_0880.JPG

N:\DCIM\100SPORT\100_0881.MOV

N:\DCIM\100SPORT\100_0882.MOV

N:\DCIM\100SPORT\100_0883.MOV

N:\DCIM\100SPORT\100_0884.MOV

N:\DCIM\100SPORT\100_0885.JPG

N:\DCIM\100SPORT\100_0886.JPG

N:\DCIM\100SPORT\100_0887.JPG

N:\DCIM\100SPORT\100_0888.JPG

N:\DCIM\100SPORT\100_0889.JPG

N:\DCIM\100SPORT\100_0890.JPG

N:\DCIM\100SPORT\100_0891.JPG

N:\DCIM\100SPORT\100_0892.JPG

N:\DCIM\100SPORT\100_0893.JPG

N:\DCIM\100SPORT\100_0894.JPG

N:\DCIM\100SPORT\100_0895.JPG

N:\DCIM\100SPORT\100_0896.JPG

N:\DCIM\100SPORT\100_0897.JPG

N:\DCIM\100SPORT\100_0898.JPG

N:\DCIM\100SPORT\100_0899.JPG

N:\DCIM\100SPORT\100_0900.JPG

N:\DCIM\100SPORT\100_0901.JPG

N:\DCIM\100SPORT\100_0902.JPG

N:\DCIM\100SPORT\100_0903.JPG

N:\DCIM\100SPORT\100_0904.JPG

N:\DCIM\100SPORT\100_0905.JPG

N:\DCIM\100SPORT\100_0906.JPG

N:\DCIM\100SPORT\100_0907.MOV

N:\DCIM\100SPORT\100_0908.MOV

N:\DCIM\100SPORT\100_0909.MOV

N:\DCIM\100SPORT\100_0910.MOV

N:\DCIM\100SPORT\100_0911.MOV

N:\DCIM\100SPORT\100_0912.MOV

N:\DCIM\100SPORT\100_0913.MOV

N:\DCIM\100SPORT\100_0914.MOV

N:\DCIM\100SPORT\100_0915.MOV

N:\DCIM\100SPORT\100_0916.MOV

N:\DCIM\100SPORT\100_0917.MOV

N:\DCIM\100SPORT\100_0918.MOV

N:\DCIM\100SPORT\100_0919.JPG

N:\DCIM\100SPORT\100_0920.JPG

N:\DCIM\100SPORT\100_0921.JPG

N:\DCIM\100SPORT\100_0922.JPG

N:\DCIM\100SPORT\100_0923.JPG

N:\DCIM\100SPORT\100_0924.MOV

N:\DCIM\100SPORT\100_0925.MOV

N:\DCIM\100SPORT\100_0926.MOV

N:\DCIM\100SPORT\100_0927.MOV

N:\DCIM\100SPORT\100_0928.MOV

N:\DCIM\100SPORT\100_0929.MOV

N:\DCIM\100SPORT\100_0930.MOV

N:\DCIM\100SPORT\100_0931.MOV

N:\DCIM\100SPORT\100_0932.MOV

N:\DCIM\100SPORT\100_0933.MOV

N:\DCIM\100SPORT\100_0934.MOV

N:\DCIM\100SPORT\100_0935.MOV

N:\DCIM\100SPORT\100_0936.MOV

N:\DCIM\100SPORT\100_0937.MOV

N:\DCIM\100SPORT\100_0938.MOV

N:\DCIM\100SPORT\100_0939.JPG

N:\DCIM\100SPORT\100_0940.JPG

N:\DCIM\100SPORT\100_0941.JPG

N:\DCIM\100SPORT\100_0942.JPG

N:\DCIM\100SPORT\100_0943.JPG

N:\DCIM\100SPORT\100_0944.JPG

N:\DCIM\100SPORT\100_0945.JPG

N:\DCIM\100SPORT\100_0946.JPG

N:\DCIM\100SPORT\100_0947.JPG

N:\DCIM\100SPORT\100_0948.JPG

N:\DCIM\100SPORT\100_0949.MOV

N:\DCIM\100SPORT\100_0950.MOV

N:\DCIM\100SPORT\100_0951.MOV

N:\DCIM\100SPORT\100_0952.MOV

N:\DCIM\100SPORT\100_0953.MOV

N:\DCIM\100SPORT\100_0954.JPG

N:\DCIM\100SPORT\100_0955.JPG

N:\DCIM\100SPORT\100_0956.MOV

N:\DCIM\100SPORT\100_0957.MOV

N:\DCIM\100SPORT\100_0958.MOV

N:\DCIM\100SPORT\100_0959.MOV

N:\DCIM\100SPORT\100_0960.MOV

N:\DCIM\100SPORT\100_0961.MOV

N:\DCIM\100SPORT\100_0962.JPG

N:\DCIM\100SPORT\100_0963.JPG

N:\DCIM\100SPORT\100_0964.JPG

N:\DCIM\100SPORT\100_0965.JPG

N:\DCIM\100SPORT\100_0966.JPG

N:\DCIM\100SPORT\100_0967.JPG

N:\DCIM\100SPORT\100_0968.JPG

N:\DCIM\100SPORT\100_0969.JPG

N:\DCIM\100SPORT\100_0970.JPG

N:\DCIM\100SPORT\100_0971.MOV

N:\DCIM\100SPORT\100_0972.MOV

N:\DCIM\100SPORT\100_0973.MOV

N:\DCIM\100SPORT\100_0974.JPG

N:\DCIM\100SPORT\100_0975.JPG

N:\DCIM\100SPORT\100_0731.MOV

N:\DCIM\100SPORT\100_0976.MOV

N:\DCIM\100SPORT\100_0977.MOV

N:\DCIM\100SPORT\100_0978.MOV

N:\DCIM\100SPORT\100_0979.MOV

N:\DCIM\100SPORT\100_0980.MOV

N:\DCIM\100SPORT\100_0981.MOV

N:\DCIM\100SPORT\100_0982.JPG

N:\DCIM\100SPORT\100_0983.JPG

N:\DCIM\100SPORT\100_0984.JPG

N:\DCIM\100SPORT\100_0985.MOV

N:\DCIM\100SPORT\100_0986.MOV

N:\DCIM\100SPORT\100_0987.MOV

N:\DCIM\100SPORT\100_0988.JPG

N:\DCIM\100SPORT\100_0989.JPG

N:\DCIM\100SPORT\100_0990.JPG

N:\DCIM\100SPORT\100_0991.MOV

N:\DCIM\100SPORT\100_0992.MOV

N:\DCIM\100SPORT\100_0993.MOV

N:\DCIM\100SPORT\100_0994.MOV

N:\DCIM\100SPORT\100_0995.MOV

N:\DCIM\100SPORT\100_0996.MOV

N:\DCIM\100SPORT\100_0997.MOV

N:\DCIM\100SPORT\100_0998.MOV

N:\DCIM\100SPORT\100_0999.MOV

N:\DCIM\100SPORT\100_1000.MOV

N:\DCIM\100SPORT\100_1001.MOV

N:\DCIM\100SPORT\100_1002.MOV

N:\DCIM\100SPORT\100_1003.MOV

N:\DCIM\100SPORT\100_1004.MOV

N:\DCIM\100SPORT\100_1005.MOV

N:\DCIM\100SPORT\100_1006.MOV

N:\DCIM\100SPORT\100_1007.MOV

N:\DCIM\100SPORT\100_1008.MOV

N:\DCIM\100SPORT\100_1009.MOV

N:\DCIM\100SPORT\100_1010.MOV

N:\DCIM\100SPORT\100_1011.MOV

N:\DCIM\100SPORT\100_1012.JPG

N:\DCIM\100SPORT\100_1013.JPG

N:\DCIM\100SPORT\100_1014.JPG

N:\DCIM\100SPORT\100_1015.JPG

N:\DCIM\100SPORT\100_1016.JPG

N:\DCIM\100SPORT\100_1017.MOV

N:\DCIM\100SPORT\100_1018.MOV

N:\DCIM\100SPORT\100_1019.MOV

N:\DCIM\100SPORT\100_1020.MOV

N:\DCIM\100SPORT\100_1021.JPG

N:\DCIM\100SPORT\100_1022.JPG

N:\DCIM\100SPORT\100_1023.JPG

N:\DCIM\100SPORT\100_1024.JPG

N:\DCIM\100SPORT\100_1025.JPG

N:\DCIM\100SPORT\100_1026.JPG

N:\DCIM\100SPORT\100_1027.MOV

N:\DCIM\100SPORT\100_1028.JPG

N:\DCIM\100SPORT\100_1029.JPG

N:\DCIM\100SPORT\100_1030.JPG

N:\DCIM\100SPORT\100_1031.JPG

N:\DCIM\100SPORT\100_1032.JPG

N:\DCIM\100SPORT\100_1033.JPG

N:\DCIM\100SPORT\100_1034.JPG

N:\DCIM\100SPORT\100_1035.JPG

N:\DCIM\100SPORT\100_1036.JPG

N:\DCIM\100SPORT\100_1037.JPG

N:\DCIM\100SPORT\100_1038.JPG

N:\DCIM\100SPORT\100_1039.MOV

N:\DCIM\100SPORT\100_1040.MOV

N:\DCIM\100SPORT\100_1041.MOV

N:\DCIM\100SPORT\100_1042.MOV

N:\DCIM\100SPORT\100_1043.MOV

N:\DCIM\100SPORT\100_1044.MOV

N:\DCIM\100SPORT\100_1045.JPG

N:\DCIM\100SPORT\100_1046.JPG

N:\DCIM\100SPORT\100_1047.MOV

N:\DCIM\100SPORT\100_1048.JPG

N:\DCIM\100SPORT\100_1049.JPG

N:\DCIM\100SPORT\100_1050.JPG

N:\DCIM\100SPORT\100_1051.JPG

N:\DCIM\100SPORT\100_1052.JPG

N:\DCIM\100SPORT\100_1053.JPG

N:\DCIM\100SPORT\100_1054.JPG

N:\DCIM\100SPORT\100_1055.MOV

N:\DCIM\100SPORT\100_1056.MOV

N:\DCIM\100SPORT\100_1057.MOV

N:\DCIM\100SPORT\100_1058.MOV

N:\DCIM\100SPORT\100_1059.MOV

N:\DCIM\100SPORT\100_1060.MOV

N:\DCIM\100SPORT\100_1061.MOV

N:\DCIM\100SPORT\100_1062.MOV

N:\DCIM\100SPORT\100_1063.MOV

N:\DCIM\100SPORT\100_1064.MOV

N:\DCIM\100SPORT\100_1065.MOV

N:\DCIM\100SPORT\100_1066.MOV

N:\DCIM\100SPORT\100_1067.MOV

N:\DCIM\100SPORT\100_1068.MOV

N:\DCIM\100SPORT\100_1069.MOV

N:\DCIM\100SPORT\100_1070.MOV

N:\DCIM\100SPORT\100_1071.MOV

N:\DCIM\100SPORT\100_1072.MOV

N:\DCIM\100SPORT\100_1073.MOV

N:\DCIM\100SPORT\100_1074.MOV

N:\DCIM\100SPORT\100_1075.MOV

N:\DCIM\100SPORT\100_1076.MOV

N:\DCIM\100SPORT\100_1077.MOV

N:\DCIM\100SPORT\100_1078.MOV

N:\DCIM\100SPORT\100_1079.MOV

N:\DCIM\100SPORT\100_1080.MOV

N:\DCIM\100SPORT\100_1081.MOV

N:\DCIM\100SPORT\100_1082.MOV

N:\DCIM\100SPORT\100_1083.MOV

N:\DCIM\100SPORT\100_1084.MOV

N:\DCIM\100SPORT\100_1085.MOV

N:\DCIM\100SPORT\100_1086.MOV

N:\DCIM\100SPORT\100_1087.MOV

N:\DCIM\100SPORT\100_1088.MOV

N:\DCIM\100SPORT\100_1089.MOV

N:\DCIM\100SPORT\100_1090.MOV

N:\DCIM\100SPORT\100_1091.MOV

N:\DCIM\100SPORT\100_1092.MOV

N:\DCIM\100SPORT\100_1093.MOV

N:\DCIM\100SPORT\100_1094.MOV

N:\DCIM\100SPORT\100_1095.MOV

N:\DCIM\100SPORT\100_1096.MOV

N:\DCIM\100SPORT\100_1097.MOV

N:\DCIM\100SPORT\100_1098.MOV

N:\DCIM\100SPORT\100_1099.MOV

N:\DCIM\100SPORT\100_1100.MOV

N:\DCIM\100SPORT\100_1101.MOV

N:\DCIM\100SPORT\100_1102.MOV

N:\DCIM\100SPORT\100_1103.MOV

N:\DCIM\100SPORT\100_1104.MOV

N:\DCIM\100SPORT\100_1105.MOV

N:\DCIM\100SPORT\100_1106.MOV

N:\DCIM\100SPORT\100_1107.JPG

N:\DCIM\100SPORT\100_1108.JPG

N:\DCIM\100SPORT\100_1109.JPG

N:\DCIM\100SPORT\100_1110.JPG

N:\DCIM\100SPORT\100_1111.JPG

N:\DCIM\100SPORT\100_1112.JPG

N:\DCIM\100SPORT\100_1113.JPG

N:\DCIM\100SPORT\100_1114.JPG

N:\DCIM\100SPORT\100_1115.JPG

N:\DCIM\100SPORT\100_1116.JPG

N:\DCIM\100SPORT\100_1117.JPG

N:\DCIM\100SPORT\100_1118.JPG

N:\DCIM\100SPORT\100_1119.JPG

N:\DCIM\100SPORT\100_1120.JPG

N:\DCIM\100SPORT\100_1121.JPG

N:\DCIM\100SPORT\100_1122.JPG

N:\DCIM\100SPORT\100_1123.JPG

N:\DCIM\100SPORT\100_1124.JPG

N:\DCIM\100SPORT\100_1125.JPG

N:\DCIM\100SPORT\100_1126.JPG

N:\DCIM\100SPORT\100_1127.JPG

N:\DCIM\100SPORT\100_1128.JPG

N:\DCIM\100SPORT\100_1129.JPG

N:\DCIM\100SPORT\100_1130.JPG

N:\DCIM\100SPORT\100_1131.JPG

N:\DCIM\100SPORT\100_1132.JPG

N:\DCIM\100SPORT\100_1133.JPG

N:\DCIM\100SPORT\100_1134.JPG

N:\DCIM\100SPORT\100_1135.JPG

N:\DCIM\100SPORT\100_1136.JPG

N:\DCIM\100SPORT\100_1137.JPG

N:\DCIM\100SPORT\100_1138.JPG

N:\DCIM\100SPORT\100_1139.JPG

N:\DCIM\100SPORT\100_1140.JPG

N:\DCIM\100SPORT\100_1141.JPG

N:\DCIM\100SPORT\100_1142.JPG

N:\DCIM\100SPORT\100_1143.JPG

N:\DCIM\100SPORT\100_1144.JPG

N:\DCIM\100SPORT\100_1145.JPG

N:\DCIM\100SPORT\100_1146.JPG

N:\DCIM\100SPORT\100_1147.JPG

N:\DCIM\100SPORT\100_1148.JPG

N:\DCIM\100SPORT\100_1149.JPG

N:\DCIM\100SPORT\100_1150.JPG

N:\DCIM\100SPORT\100_1151.JPG

N:\DCIM\100SPORT\100_1152.JPG

N:\DCIM\100SPORT\100_1153.JPG

N:\DCIM\100SPORT\100_1154.JPG

N:\DCIM\100SPORT\100_1155.JPG

N:\DCIM\100SPORT\100_1156.JPG

N:\DCIM\100SPORT\100_1157.JPG

N:\DCIM\100SPORT\100_1158.JPG

N:\DCIM\100SPORT\100_1159.JPG

N:\DCIM\100SPORT\100_1160.JPG

N:\DCIM\100SPORT\100_1161.JPG

N:\DCIM\100SPORT\100_1162.JPG

N:\DCIM\100SPORT\100_1163.JPG

N:\DCIM\100SPORT\100_1164.JPG

N:\DCIM\100SPORT\100_1165.JPG

N:\DCIM\100SPORT\100_1166.JPG

N:\DCIM\100SPORT\100_1167.JPG

N:\DCIM\100SPORT\100_1168.JPG

N:\DCIM\100SPORT\100_1169.JPG

N:\DCIM\100SPORT\100_1170.JPG

N:\DCIM\100SPORT\100_1171.JPG

N:\DCIM\100SPORT\100_1172.JPG

N:\DCIM\100SPORT\100_1173.JPG

N:\DCIM\100SPORT\100_1174.JPG

N:\DCIM\100SPORT\100_1175.JPG

N:\DCIM\100SPORT\100_1176.JPG

N:\DCIM\100SPORT\100_1177.JPG

N:\DCIM\100SPORT\100_1178.JPG

N:\DCIM\100SPORT\100_1179.JPG

N:\DCIM\100SPORT\100_1180.JPG

N:\DCIM\100SPORT\100_1181.JPG

[Larusso]

Hy there.

N:\84612795

This folder is the one I might looking for.

Could you please do a right-click on N:\Passwords.lnk --> properities --> and copy/paste the line "Target" here.

Do I understand you right, that these folders has not been created from you

N:\New Folder.lnk

N:\Passwords.lnk

N:\Documents.lnk

N:\Pictures.lnk

N:\Music.lnk

N:\Video.lnk

N:\84612795

Well, would not make sence to create folders like that on camera

[juliofelipe]

N:\84612795 is not appearing when I look at the folder through Windows Explorer. I checked the properties on the other files and they all had the same target: F:\siuon.scr

The F drive is the other drive that pops up when the camera is loaded. It seems to include the media software for the camera (the drive appears with the label ArcSoft SW).

And to answer your question - you are correct, all of the files that you listed were not created by me. And the RECYCLER folder is also something that wasn't there before the infection.

Thanks,

JF

[Larusso]

Great, feel free to delete these folders.

Your AVP was fast enough to prevent you from the main infection but to be sure, let me have a quick look over your system.

Download DDS and save it to your desktop from here.

Double click DDS to run the tool and press Start

Don't change any stettings without instruction

• When done, DDS will save two (2) logs to your desktop:
  1. DDS.txt
  2. Attach.txt

  [*].Please post them in your next reply

[juliofelipe]

I deleted the files that were added by the infection - but I still can't see all of the files/folders that are supposed to be there. The output from look.bat says that those files are on the card, but they are hidden for some reason.

And, attached are the two output files from dds.

Thanks,

JF

attach.txt

dds.txt

[Larusso]

Which one(s) you can't see ?

Anyway, I see one entry in your DDS log which should not be there. Hopefully, this kind of infection is not completely present.

Download ComboFix from this location:

Link 1

* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to this topic How to disable your security applications

====================================================

Double click on ComboFix.exe & follow the prompts.

• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

[juliofelipe]

Right now nothing is showing up on the SD card. It all disappeared when it got infected, and even after running the virus scan and deleting those new folders they haven't reappeared.

Attached is the ComboFix log. When it was running, a message popped up 'You are infected with Rootkit.ZeroAccess! It has inserted itself into the tcp/ip stack.' I am assuming that ComboFix got rid of it, and I didn't have any problem accessing the internet like the message said I might.

Thanks!

JF

[Larusso]

I have a tool for you which will help you to get your files back but please post the log from Combofix. I cant see an attachmant and would prefer to simply copy/paste it.

You never noticed any issues with this PC ?

[juliofelipe]

Sorry about that. I'm pasting the combofix log at the bottom.

For the most part, my computer has been fine. I had some issues a year or so ago, but now my only complaint is that it runs a little slow and the internet connection isn't as fast as it used to be - but my computer is at least 6 years old, so some of that is to be expected. The one major problem that I have is (and I don't know if that is related at all) I can't get my printer to install. All of the other computers in my house were able to load the drivers, but when I try to install it on this computer I keep getting an error message that says it can't connect to the printer so the driver never finishes the installation. I have tried it directly connecting to the printer via a USB cable and also over the wireless network in the house and neither worked. After running combofix, I tried the installation again, hoping that it would work - but it's still not working.

Thanks,

JF

ComboFix 13-03-28.01 - Compaq_Administrator 03/28/2013 14:25:59.14.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3006.2378 [GMT -7:00]

Running from: c:\documents and settings\Compaq_Administrator\Desktop\ComboFix.exe

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\267464291

c:\documents and settings\Compaq_Administrator\Application Data\2bec9f61

c:\documents and settings\Compaq_Administrator\Application Data\a3949061

c:\documents and settings\Compaq_Administrator\Application Data\cb31609e

c:\documents and settings\Compaq_Administrator\Application Data\dc94e89b

c:\windows\$NtUninstallKB62280$

c:\windows\$NtUninstallKB62280$\1655913888

c:\windows\$NtUninstallKB62280$\485945278\@

c:\windows\$NtUninstallKB62280$\485945278\cfg.ini

c:\windows\$NtUninstallKB62280$\485945278\Desktop.ini

c:\windows\$NtUninstallKB62280$\485945278\L\aqaeidou

c:\windows\$NtUninstallKB62280$\485945278\U\00000001.@

c:\windows\$NtUninstallKB62280$\485945278\U\00000002.@

c:\windows\$NtUninstallKB62280$\485945278\U\00000004.@

c:\windows\$NtUninstallKB62280$\485945278\U\80000000.@

c:\windows\$NtUninstallKB62280$\485945278\U\80000004.@

c:\windows\$NtUninstallKB62280$\485945278\U\80000032.@

c:\windows\$NtUninstallKB62280$\485945278\version

c:\windows\system32\dds_trash_log.cmd

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

.

.

((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-28 )))))))))))))))))))))))))))))))

.

.

2013-03-08 04:08 . 2013-03-08 04:09 -------- d-----w- c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-03-12 20:33 . 2012-05-20 22:23 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-03-12 20:33 . 2011-06-05 01:09 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-02-12 00:32 . 2009-01-07 03:38 12928 ------w- c:\windows\system32\drivers\usb8023x.sys

2013-02-12 00:32 . 2004-08-09 21:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys

2013-02-05 20:05 . 2004-08-09 21:00 916480 ----a-w- c:\windows\system32\wininet.dll

2013-02-05 20:05 . 2004-08-09 21:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2013-02-05 20:05 . 2004-08-09 21:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2013-02-05 05:53 . 2004-08-09 21:00 385024 ----a-w- c:\windows\system32\html.iec

2013-01-26 03:55 . 2004-08-09 21:00 552448 ----a-w- c:\windows\system32\oleaut32.dll

2013-01-14 16:48 . 2013-01-14 16:48 10 ----a-w- c:\windows\Fonts\wfonts.key

2013-01-07 01:19 . 2004-08-10 04:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-01-07 00:37 . 2004-08-10 04:00 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-01-04 01:20 . 2004-08-09 21:00 1867264 ----a-w- c:\windows\system32\win32k.sys

2013-01-02 06:49 . 2004-08-09 21:00 1292288 ----a-w- c:\windows\system32\quartz.dll

2013-03-08 03:29 . 2013-03-08 03:28 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]

@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"

[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]

2013-01-24 08:02 383328 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]

@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"

[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]

2013-01-24 08:02 383328 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]

@="{A759AFF6-5851-457D-A540-F4ECED148351}"

[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]

2013-01-24 08:02 383328 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]

@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"

[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]

2013-01-24 08:02 383328 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-09-29 4780928]

"SugarSync"="c:\program files\SugarSync\SugarSyncManager.exe" [2013-01-24 11184480]

"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]

"ISUSPM"="c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-09 249856]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]

"Nike+ Connect"="c:\program files\Nike\Nike+ Connect\Nike+ Connect daemon.exe" [2010-10-01 299008]

"DMAScheduler"="c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 90112]

"DiscUpdateManager"="c:\program files\DISC\DiscUpdateMgr.exe" [2005-11-11 61440]

"DISCover"="c:\program files\DISC\DISCover.exe" [2005-11-11 1064960]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"IndexSearch"="c:\program files\Nuance\PaperPort\IndexSearch.exe" [2010-03-09 46368]

"PaperPort PTD"="c:\program files\Nuance\PaperPort\pptd40nt.exe" [2010-03-09 29984]

"PPort12reminder"="c:\program files\Nuance\PaperPort\Ereg\Ereg.exe" [2010-02-09 328992]

"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-06 636192]

"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-06 62752]

"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-21 139264]

"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]

"NielsenOnline"="c:\program files\NetRatingsNetSight\NetSight\NielsenOnline.exe" [2012-02-24 93504]

"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]

"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2010-09-07 1976920]

"DiscWizardMonitor.exe"="c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe" [2009-10-17 1325936]

"AcronisTimounterMonitor"="c:\program files\Seagate\DiscWizard\TimounterMonitor.exe" [2009-10-17 904840]

"Seagate Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2009-10-17 136544]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2012-05-20 198160]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Acrobat Assistant.lnk - c:\program files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193]

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-6-11 110592]

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-6-11 110592]

Compaq Connections.lnk - c:\program files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-3-9 36903]

Giganews Accelerator.lnk - c:\program files\Giganews Accelerator\GiganewsAccelerator.exe [2007-12-18 757760]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled

TotalMedia BackUp & Recorder Monitor.lnk - c:\program files\ArcSoft\TotalMedia Extreme\BackUp & Recorder\uBBMonitor.exe [2010-11-11 286720]

.

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-3-9 27136]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= "c:\internet\eudora\EuShlExt.dll" [2005-11-14 86016]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-10-09 113024]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ pdboot.exe\0autocheck autochk *

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=

"c:\\Program Files\\DISC\\DiscStreamHub.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

.

R1 nnrnstdi;nnrnstdi;c:\windows\system32\drivers\nnrnstdi.sys [8/25/2012 1:56 PM 15360]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/29/2008 4:03 PM 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/29/2008 4:03 PM 67664]

R1 vcdrom;Virtual CD-ROM Device Driver;c:\windows\system32\VCdRom.sys [7/5/2010 9:57 AM 8576]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [8/3/2010 10:50 AM 116608]

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [9/27/2010 7:57 PM 136360]

R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [8/27/2009 5:09 PM 1253376]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [8/23/2012 1:37 PM 13672]

R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\nero\Update\NASvc.exe [5/4/2010 1:07 PM 503080]

R2 NielsenUpdate;Nielsen Update;c:\program files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [8/25/2012 1:50 PM 2833448]

R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\Nuance\PaperPort\PDFProFiltSrvPP.exe [3/9/2010 12:40 AM 144672]

R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Common Files\Seagate\Schedule2\schedul2.exe [10/16/2009 6:39 PM 431456]

R3 ArcCD;ArcCD Filter Driver Service;c:\windows\system32\drivers\ArcCD.sys [11/11/2010 12:54 PM 36224]

R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [3/15/2012 6:39 AM 245760]

R3 km_filter;km_filter;c:\windows\system32\drivers\km_filter.sys [8/25/2012 1:56 PM 10368]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [10/24/2010 8:52 AM 47360]

S0 nielprt;Nielsen Patch Service;c:\windows\system32\DRIVERS\nielprt.sys --> c:\windows\system32\DRIVERS\nielprt.sys [?]

S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys --> c:\windows\system32\DRIVERS\AVGIDSShim.Sys [?]

S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [3/11/2012 1:08 PM 71424]

S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [3/11/2012 1:08 PM 11520]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [8/7/2008 11:10 AM 3276800]

S3 MEISTRM;MEI AVC Streaming Filter Driver;c:\windows\system32\drivers\meistrm.sys [11/11/2003 9:33 AM 13195]

S3 MEITUNER;FireBus MPEG2TS Tuner Subunit Device;c:\windows\system32\drivers\meistb.sys [11/11/2003 9:34 AM 22891]

S3 NielGfx;Nielsen USB GFX;c:\windows\system32\drivers\nielgfx.sys --> c:\windows\system32\drivers\nielgfx.sys [?]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/16/2006 4:51 PM 12872]

S3 softctrl;Software Flow Control Driver;c:\windows\system32\drivers\softctrl.sys [9/17/2007 7:28 PM 10240]

S4 ArcUdfs;ArcUdfs FileSystem Driver Service;c:\windows\system32\drivers\ArcUdfs.sys [11/11/2010 12:54 PM 134912]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - ArcRec

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

mrobeservice

sddmi2

symndis

vga

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\AutorunsDisabled\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2009-03-17 21:14 451872 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-03-14 18:30 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-03-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 20:33]

.

2013-03-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 19:34]

.

2013-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-15 05:35]

.

2013-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-15 05:35]

.

2013-03-28 c:\windows\Tasks\ReclaimerUpdateFiles_Compaq_Administrator.job

- c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-20 18:36]

.

2013-03-28 c:\windows\Tasks\ReclaimerUpdateXML_Compaq_Administrator.job

- c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-20 18:36]

.

2013-03-28 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Compaq_Administrator.job

- c:\documents and settings\Compaq_Administrator\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-20 18:36]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://espn.go.com/

uInternet Settings,ProxyOverride = <local>;*.local

IE: Open with PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: Save video on Savevid.com - c:\program files\Savevid\redirect.htm

TCP: DhcpNameServer = 192.168.1.1 4.2.2.2

DPF: vzTCPConfig - hxxp://my.verizon.com/micro/speedoptimizer/hsi/vzTCPConfig.CAB

FF - ProfilePath - c:\documents and settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://espn.go.com/

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2013-02-02 19:07; crossriderapp4493@crossrider.com; c:\documents and settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\crossriderapp4493@crossrider.com

FF - user.js: browser.search.selectedEngine - Google

FF - user.js: browser.search.order.1 - Google

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-WinPatrol - c:\program files\BillP Studios\WinPatrol\winpatrol.exe

MSConfigStartUp-CTFMON - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-03-28 14:48

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|ù•Ôw*]

"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•Ôw*]

"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1060)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'lsass.exe'(1116)

c:\windows\system32\relog_ap.dll

.

- - - - - - - > 'explorer.exe'(2920)

c:\windows\system32\WININET.dll

c:\docume~1\COMPAQ~1\LOCALS~1\Temp\IadHide5.dll

c:\program files\SugarSync\SugarSyncShellExt.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

c:\program files\NetRatingsNetSight\NetSight\nsmmc.dll

c:\windows\system32\msi.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\system32\brss01a.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\windows\arservice.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\windows\system32\bgsvcgen.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\Raxco\PerfectDisk\PDAgent.exe

c:\windows\system32\IoctlSvc.exe

c:\windows\ARPWRMSG.EXE

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

c:\program files\ControlCenter4\BrCtrlCntr.exe

c:\program files\ControlCenter4\BrCcUxSys.exe

c:\program files\Raxco\PerfectDisk\PDEngine.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\DISC\DiscStreamHub.exe

c:\documents and settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe

c:\windows\ALCXMNTR.EXE

.

**************************************************************************

.

Completion time: 2013-03-28 15:04:34 - machine was rebooted

ComboFix-quarantined-files.txt 2013-03-28 22:04

ComboFix2.txt 2012-02-06 03:15

.

Pre-Run: 14,615,588,864 bytes free

Post-Run: 18,859,630,592 bytes free

.

- - End Of File - - 3E574BFCF36F1D9F53B3EC7AE3370C90

[Larusso]

Hy there.

First of all, it looks like Combofix was able to kill the infection. It is the only tool which is able to do this on an XP.

That being said, this kind of infection is really nasty and in case that you expire other issues, we can try to fix them all with an unknown end.

This is a good indicator to simply reformat and reinstall. Than you have a fresh, clean system without any troubles.

Anyway, it is up to you

[juliofelipe]

Thanks for the help with the infection.

You said that you had a tool for my SD card that will unhide all of my files?

[Larusso]

Yes, I do but first of all we need to clean up your System.

Download OTL to your Desktop.

• Double click on the icon to run it.
  
• Under the box paste this in

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
/md5start
services.exe
user32.dll
/md5stop
CREATERESTOREPOINT

• Make sure all other windows are closed to let it run uninterrupted.
  
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please post both logfiles in your next reply.

[juliofelipe]

Here you go...

(I got an error that the post was too long. I tried posting the OTL.txt in this post and will post the Extras.txt in the next - but even that was too long. So, I'm splitting the OTL.txt in two parts - the first here and the rest at the start of the next post, right before the Extras.txt output.)

Thanks!

JF

OTL logfile created on: 3/29/2013 11:11:26 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 36.32% Memory free

4.18 Gb Paging File | 1.99 Gb Available in Paging File | 47.56% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 178.37 Gb Total Space | 16.35 Gb Free Space | 9.17% Space Free | Partition Type: NTFS

Drive D: | 7.91 Gb Total Space | 0.56 Gb Free Space | 7.08% Space Free | Partition Type: FAT32

Computer Name: HADDY | User Name: Compaq_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/29 23:10:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe

PRC - [2013/01/24 01:06:40 | 011,184,480 | ---- | M] (SugarSync, Inc.) -- C:\Program Files\SugarSync\SugarSyncManager.exe

PRC - [2012/10/29 10:41:28 | 002,833,448 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe

PRC - [2012/09/28 20:45:33 | 004,780,928 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2012/09/07 20:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

PRC - [2012/09/06 21:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe

PRC - [2012/09/06 21:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe

PRC - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

PRC - [2012/05/19 17:14:19 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2012/02/24 05:49:52 | 000,093,504 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe

PRC - [2011/06/28 09:48:38 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/04/27 11:04:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011/03/15 15:18:04 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe

PRC - [2011/03/15 15:18:00 | 001,570,056 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe

PRC - [2011/03/15 15:17:46 | 001,475,848 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe

PRC - [2010/12/19 11:16:51 | 000,139,264 | ---- | M] (SOURCENEXT) -- C:\WINDOWS\system32\bgsvcgen.exe

PRC - [2010/11/03 03:26:02 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/10/01 08:26:58 | 000,299,008 | ---- | M] (Nike) -- C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe

PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

PRC - [2010/08/09 05:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe

PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\nero\Update\NASvc.exe

PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe

PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/10/16 18:42:54 | 000,904,840 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe

PRC - [2009/10/16 18:39:32 | 000,136,544 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe

PRC - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

PRC - [2009/10/16 18:37:22 | 001,325,936 | ---- | M] (Seagate) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe

PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe

PRC - [2009/05/05 16:06:02 | 001,152,288 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\agent.exe

PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/12/18 09:49:40 | 000,757,760 | ---- | M] (Giganews, Inc.) -- C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe

PRC - [2006/03/09 20:33:38 | 000,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe

PRC - [2005/11/11 14:11:12 | 000,237,568 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscGui.exe

PRC - [2005/11/11 14:11:04 | 001,064,960 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe

PRC - [2005/11/11 14:10:00 | 000,061,440 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DISCUpdateMgr.exe

PRC - [2005/11/11 14:10:00 | 000,049,152 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe

PRC - [2005/11/01 03:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

PRC - [2005/08/02 17:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe

PRC - [2005/08/02 17:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe

PRC - [2003/05/15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/28 15:49:34 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2013/03/28 15:49:33 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2013/02/14 04:12:07 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\024c898ad1ccfde466d033c0a08d0564\Microsoft.VisualBasic.ni.dll

MOD - [2013/02/14 04:11:08 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll

MOD - [2013/02/14 04:10:53 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll

MOD - [2013/02/14 04:07:24 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll

MOD - [2013/02/14 04:04:05 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

MOD - [2013/02/14 04:04:04 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2013/02/14 04:04:02 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2013/02/14 04:04:00 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013/02/14 04:04:00 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2013/02/14 04:03:59 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MOD - [2013/02/14 04:03:45 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

MOD - [2013/02/14 04:03:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2013/02/14 04:03:41 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

MOD - [2013/02/14 04:03:35 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2013/01/09 04:19:22 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll

MOD - [2013/01/09 04:19:15 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/09 04:16:52 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll

MOD - [2013/01/09 04:16:34 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll

MOD - [2013/01/09 04:15:12 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/09 04:15:04 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2013/01/09 04:05:00 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1e116300\mscorlib.dll

MOD - [2013/01/09 04:04:57 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6ea43965\system.drawing.dll

MOD - [2013/01/09 04:04:51 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_0203b7a4\system.xml.dll

MOD - [2013/01/09 04:04:47 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f63600c2\system.windows.forms.dll

MOD - [2013/01/09 04:04:39 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b7aa3e59\system.dll

MOD - [2013/01/09 04:04:30 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MOD - [2013/01/09 04:04:29 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll

MOD - [2013/01/09 04:04:28 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MOD - [2013/01/09 04:04:26 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MOD - [2013/01/01 23:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2012/10/29 10:39:36 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll

MOD - [2012/10/29 10:36:12 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npfirefoxprocessor.dll

MOD - [2012/10/29 10:35:06 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npwmi.dll

MOD - [2012/10/29 10:34:50 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npsurvey.dll

MOD - [2012/10/29 10:34:42 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npsp1.dll

MOD - [2012/10/29 10:34:32 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\communication.dll

MOD - [2012/02/21 04:58:45 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll

MOD - [2012/02/21 04:48:18 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\01e360ed3a3cb2b0a3c47c7f3eb09e58\System.Runtime.Remoting.ni.dll

MOD - [2012/02/21 04:48:11 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll

MOD - [2012/02/21 04:48:07 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll

MOD - [2012/02/21 04:41:12 | 013,137,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll

MOD - [2012/02/21 04:40:32 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll

MOD - [2012/02/21 04:39:08 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll

MOD - [2012/02/21 04:38:49 | 000,729,088 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\09ee8d91e80e00991226aec062aa1e92\System.Security.ni.dll

MOD - [2012/02/21 04:38:19 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll

MOD - [2012/02/21 04:38:10 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll

MOD - [2012/02/21 04:37:58 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll

MOD - [2012/02/21 04:37:45 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll

MOD - [2012/02/21 04:37:34 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll

MOD - [2011/12/17 08:48:18 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011/12/17 08:48:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2011/01/20 21:53:20 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MOD - [2011/01/20 21:53:20 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MOD - [2011/01/20 21:53:18 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MOD - [2011/01/20 21:53:18 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MOD - [2011/01/20 21:53:18 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll

MOD - [2011/01/20 21:53:18 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MOD - [2011/01/20 21:53:18 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll

MOD - [2011/01/20 21:53:17 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MOD - [2011/01/20 21:53:17 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MOD - [2011/01/20 21:53:17 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MOD - [2011/01/20 21:53:17 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MOD - [2010/01/28 13:57:58 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2010/01/27 22:16:47 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll

MOD - [2010/01/27 22:16:47 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MOD - [2010/01/27 22:16:46 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MOD - [2010/01/27 22:16:45 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MOD - [2010/01/27 22:16:44 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MOD - [2010/01/27 22:16:44 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MOD - [2010/01/27 22:16:43 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MOD - [2010/01/27 22:16:42 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MOD - [2010/01/27 22:16:42 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MOD - [2010/01/27 22:16:42 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MOD - [2009/10/16 17:59:30 | 001,328,480 | ---- | M] () -- C:\Program Files\Seagate\DiscWizard\fox.dll

MOD - [2009/03/07 11:36:53 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MOD - [2009/03/07 11:36:53 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MOD - [2009/03/07 11:36:52 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MOD - [2009/03/07 11:36:52 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MOD - [2009/03/07 11:36:52 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MOD - [2009/03/07 11:36:52 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MOD - [2009/02/28 11:30:08 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MOD - [2009/02/28 11:30:07 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MOD - [2009/02/28 11:30:05 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MOD - [2009/02/28 11:20:54 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll

MOD - [2009/02/28 11:20:53 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll

MOD - [2009/02/28 11:20:50 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll

MOD - [2009/02/28 11:20:50 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll

MOD - [2009/02/28 11:20:50 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll

MOD - [2009/02/28 11:20:49 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll

MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll

MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2006/03/09 20:33:35 | 000,151,589 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\bwfiles.dll

MOD - [2006/03/09 20:33:35 | 000,098,339 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\FrExt.dll

MOD - [2006/03/09 20:33:35 | 000,061,496 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\6.3.2.116-5577497\Program\clntutil.dll

MOD - [2006/03/09 19:50:36 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MOD - [2006/03/09 19:50:34 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll

MOD - [2006/03/09 19:50:33 | 000,573,440 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll

MOD - [2005/12/15 06:33:48 | 000,126,976 | ---- | M] () -- C:\Program Files\Compaq Connections\5577497\Program\HPClientExt.dll

========== Services (SafeList) ==========

SRV - [2013/03/12 13:33:14 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/03/07 20:29:07 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/10/29 10:41:28 | 002,833,448 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)

SRV - [2012/09/07 20:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)

SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)

SRV - [2011/06/28 09:48:38 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/04/27 11:04:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/15 15:18:00 | 001,570,056 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)

SRV - [2011/03/15 15:17:46 | 001,475,848 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)

SRV - [2010/12/19 11:16:51 | 000,139,264 | ---- | M] (SOURCENEXT) [Auto | Running] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)

SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)

SRV - [2010/07/05 10:05:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)

SRV - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)

SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

SRV - [2005/08/02 17:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)

SRV - [2003/10/13 16:24:14 | 000,061,440 | ---- | M] (Adobe Sytems) [On_Demand | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe -- (AdobeVersionCue)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\PalmUSBD.sys -- (PalmUSBD)

DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\nielprt.sys -- (nielprt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nielgfx.sys -- (NielGfx)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSShim.Sys -- (AVGIDSShim)

DRV - [2012/10/01 21:00:24 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)

DRV - [2012/10/01 21:00:24 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2012/10/01 21:00:20 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)

DRV - [2012/10/01 21:00:15 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)

DRV - [2012/03/20 17:23:38 | 000,010,368 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)

DRV - [2012/03/20 17:23:26 | 000,015,360 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)

DRV - [2011/10/08 20:25:40 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011/10/08 20:25:40 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2011/06/28 09:48:40 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/06/28 09:48:40 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/12/19 11:16:52 | 000,038,944 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)

DRV - [2010/09/07 03:37:14 | 000,104,024 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)

DRV - [2010/08/27 20:27:21 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)

DRV - [2010/07/05 07:42:24 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\VCdRom.sys -- (vcdrom)

DRV - [2010/04/01 11:40:36 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2009/11/03 03:06:12 | 000,071,424 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb)

DRV - [2009/11/03 03:06:12 | 000,011,520 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb)

DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2007/11/06 14:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)

DRV - [2007/09/17 19:28:58 | 000,010,240 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\softctrl.sys -- (softctrl)

DRV - [2007/05/03 14:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)

DRV - [2007/04/25 09:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)

DRV - [2007/04/24 12:33:50 | 000,007,680 | ---- | M] (ArcSoft Inc.) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)

DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2005/11/02 16:47:26 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2005/10/20 09:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2005/09/30 04:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2005/08/29 08:11:00 | 003,644,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)

DRV - [2005/08/13 14:35:00 | 001,313,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005/03/09 06:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)

DRV - [2004/08/03 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2004/04/14 11:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2004/04/14 11:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2004/04/14 11:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2004/04/14 11:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2003/11/11 09:34:00 | 000,022,891 | ---- | M] (Matsushita Electric Industorial Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\meistb.sys -- (MEITUNER)

DRV - [2003/11/11 09:33:54 | 000,013,195 | ---- | M] (Matsushita Electric Industorial Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\meistrm.sys -- (MEISTRM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://espn.go.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = BC 2F B8 14 0E 65 E6 4E A2 19 D1 9D 0C 50 61 2F [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"

FF - prefs.js..browser.search.order.1: "Google"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://espn.go.com/"

FF - prefs.js..extensions.enabledAddons: moveplayer%40movenetworks.com:1.0.0.071303000006

FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0

FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129

FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0034-ABCDEFFEDCBA%7D:6.0.34

FF - prefs.js..extensions.enabledAddons: crossriderapp4493%40crossrider.com:0.91.83

FF - prefs.js..extensions.enabledAddons: netsight%40nielsen.com:2.3

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2

FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1

FF - prefs.js..extensions.enabledItems: 6

FF - prefs.js..extensions.enabledItems: 2

FF - prefs.js..extensions.enabledItems: 48

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000006

FF - prefs.js..extensions.enabledItems: tab@search.com:1.0

FF - prefs.js..extensions.enabledItems: {ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}:1.0

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1

FF - prefs.js..network.proxy.type: 0

FF - user.js..browser.search.selectedEngine: "Google"

FF - user.js..browser.search.order.1: "Google"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netsight@nielsen.com: C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2013/03/28 15:49:44 | 000,008,039 | ---- | M] ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/07 20:29:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/07 20:28:45 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\WINDOWS\system32\5005 [2010/09/24 06:29:39 | 000,000,000 | ---D | M]

[2011/12/19 17:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions

[2013/03/13 06:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions

[2010/12/10 17:59:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/12/19 17:52:48 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

[2013/01/31 20:50:58 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2009/10/29 20:40:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2013/03/13 06:29:18 | 000,000,000 | ---D | M] ("Coupon Companion") -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\crossriderapp4493@crossrider.com

[2009/08/28 06:31:03 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\moveplayer@movenetworks.com

[2010/08/25 12:34:03 | 000,000,000 | ---D | M] (tab-search) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\tab@search.com

[2012/02/06 21:47:59 | 000,000,000 | ---D | M] (Nero Toolbar) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com

[2013/03/13 06:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\crossriderapp4493@crossrider.com\chrome\content\extensionCode

[2013/02/21 21:52:28 | 000,021,487 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\plugin@yontoo.com.xpi

[2013/02/14 18:30:58 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/12/19 17:52:21 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\searchplugins\SearchResults.xml

[2013/03/25 16:24:37 | 000,002,112 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\searchplugins\wot-safe-search.xml

[2013/03/07 20:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/03/07 20:28:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}

[2012/08/16 06:39:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2013/03/28 15:49:44 | 000,008,039 | ---- | M] () (No name found) -- C:\PROGRAM FILES\NETRATINGSNETSIGHT\NETSIGHT\METER2\FIREFOXADDONS\NETSIGHT@NIELSEN.XPI

[2013/03/07 20:29:08 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2010/12/09 03:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[2012/08/30 22:18:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/12/19 17:52:21 | 000,002,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

[2013/02/27 00:09:40 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U34 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

CHR - plugin: Nielsen FirefoxTracker Plug-in (Enabled) = C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll

CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

CHR - plugin: Java Deployment Toolkit 6.0.340.4 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: Google Docs = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Google Drive = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Nielsen = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.3_0\

CHR - Extension: FVD Video Downloader = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.0.1_0\

CHR - Extension: Coupon Companion = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbkdpahkifcigckmhiafindmaflfifgm\1.21.47_0\crossrider

CHR - Extension: Coupon Companion = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbkdpahkifcigckmhiafindmaflfifgm\1.21.47_0\

CHR - Extension: Gmail = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/28 14:44:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)

O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)

O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [brStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)

O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DISCUpdateMgr.exe (Digital Interactive Systems Corporation, Inc.)

O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)

O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)

O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [indexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)

O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)

O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\Run: [seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

O4 - HKCU..\Run: [iSUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)

O4 - HKCU..\Run: [sugarSync] C:\Program Files\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2011/12/15 07:58:35 | 000,000,000 | -H-D | M]

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Giganews Accelerator.lnk = C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe (Giganews, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AntiVirusDisableNotify =

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UpdatesDisableNotify =

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: FirewallDisableNotify =

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)

O8 - Extra context menu item: Save video on Savevid.com - C:\Program Files\Savevid\redirect.htm ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} http://zone.msn.com/bingame/pacz/default/pandaonline.cab (Reg Error: Key error.)

O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} http://sympatico.zone.msn.com/bingame/rock/default/popcaploader1.cab (Reg Error: Key error.)

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab (Windows Live Safety Center Base Module)

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/bingame/chnz/default/mjolauncher.cab (MJLauncherCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab (ZoneAxRcMgr Class)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (ZoneIntro Class)

O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} http://zone.msn.com/bingame/gold/UnSkin/gf.cab (TikGames Online Control)

O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} http://zone.msn.com/bingame/hsol/default/SCEWebLauncher.cab (SCEWebLauncherCtl Object)

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.87.cab (CPlayFirstDinerDashControl Object)

O16 - DPF: vzTCPConfig http://my.verizon.com/micro/speedoptimizer/hsi/vzTCPConfig.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 4.2.2.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68ABC49C-2AAA-455E-B332-0CE29F0E8C0C}: DhcpNameServer = 192.168.1.1 4.2.2.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\internet\eudora\EuShlExt.dll (Qualcomm Inc.)

O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/08/30 14:02:02 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O34 - HKLM BootExecute: (pdboot.exe)

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {0DC86ADC-4963-4060-87E9-7AA2EF508661} - Themes Setup

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)

ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player

ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {29A43E48-B726-47B6-9EAC-AA2B7B48E133} - Microsoft .NET Framework 1.0 Security Update (KB2698035)

ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)

ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0

ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {2F7F0BDC-9111-406E-FBE6-8ECC610757BC} - NetShow

ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6C298884-91FD-408C-9D90-5A59D2C29FD1} - Microsoft .NET Framework 1.1 Security Update (KB2742597)

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser

ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider

ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework

ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {DE895E98-54B2-4180-91E1-7A0020EDF577} - Microsoft .NET Framework 1.0 Security Update (KB2742607)

ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3

ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

ActiveX: AutorunsDisabled -

ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

NetSvcs: 6to4 - File not found

NetSvcs: Ias - File not found

NetSvcs: Iprip - File not found

NetSvcs: Irmon - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: mrobeservice - File not found

NetSvcs: sddmi2 - File not found

NetSvcs: symndis - File not found

NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0

MsConfig - State: "win.ini" - 0

MsConfig - State: "bootini" - 0

MsConfig - State: "services" - 0

MsConfig - State: "startup" - 0

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/03/29 23:10:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe

[2013/03/28 15:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\ControlCenter4

[2013/03/28 15:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother

[2013/03/28 15:38:22 | 000,000,000 | ---D | C] -- C:\Brother

[2013/03/28 15:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ControlCenter4

[2013/03/28 15:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02

[2013/03/28 15:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\ControlCenter4

[2013/03/28 15:37:57 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05c.dll

[2013/03/28 15:36:39 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll

[2013/03/28 15:36:38 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll

[2013/03/28 15:36:38 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll

[2013/03/28 15:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\Brother

[2013/03/28 15:13:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2013/03/28 14:13:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2013/03/28 14:13:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2013/03/28 14:13:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2013/03/28 14:13:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2013/03/28 14:13:02 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/03/28 14:10:12 | 005,044,813 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe

[2013/03/27 11:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight

[2013/03/22 13:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth

[2013/03/07 21:09:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2013/03/07 21:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/03/07 20:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/10/24 08:52:28 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/03/29 23:10:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe

[2013/03/29 22:32:07 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/03/29 14:50:02 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Compaq_Administrator.job

[2013/03/28 16:15:21 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2013/03/28 16:15:20 | 000,111,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/03/28 15:52:19 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2013/03/28 15:48:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/03/28 15:47:02 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Compaq_Administrator.job

[2013/03/28 15:46:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/03/28 15:46:48 | 3152,596,992 | -HS- | M] () -- C:\hiberfil.sys

[2013/03/28 15:39:38 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Brother Creative Center.lnk

[2013/03/28 15:39:18 | 000,000,249 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini

[2013/03/28 15:39:18 | 000,000,065 | ---- | M] () -- C:\WINDOWS\brpcfx.ini

[2013/03/28 15:38:22 | 000,000,086 | ---- | M] () -- C:\WINDOWS\Brfaxrx.ini

[2013/03/28 14:44:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013/03/28 14:10:23 | 005,044,813 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe

[2013/03/28 11:21:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/03/28 10:49:03 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Compaq_Administrator.job

[2013/03/27 11:59:11 | 027,407,622 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Drew Dudley Leading with Lollipops (480).mp4

[2013/03/27 11:58:31 | 104,376,597 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TEDxToronto - Drew Dudley Leading with Lollipops.mp4

[2013/03/13 03:02:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/03/08 07:31:12 | 000,501,923 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Campus_Map.pdf

========== Files Created - No Company Name ==========

[2013/03/28 15:39:38 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Brother Creative Center.lnk

[2013/03/28 15:38:04 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini

[2013/03/28 15:37:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat

[2013/03/28 14:13:19 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2013/03/28 14:13:19 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2013/03/28 14:13:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2013/03/28 14:13:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2013/03/28 14:13:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2013/03/27 11:59:11 | 027,407,622 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Drew Dudley Leading with Lollipops (480).mp4

[2013/03/27 11:58:31 | 104,376,597 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TEDxToronto - Drew Dudley Leading with Lollipops.mp4

[2013/03/20 14:38:01 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Compaq_Administrator.job

[2013/03/20 14:38:00 | 000,000,466 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Compaq_Administrator.job

[2013/03/20 14:38:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Compaq_Administrator.job

[2013/03/08 07:31:12 | 000,501,923 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Campus_Map.pdf

[2012/04/02 12:36:49 | 000,002,944 | ---- | C] () -- C:\WINDOWS\BRPARAM.INI

[2012/04/02 11:27:05 | 001,527,650 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll

[2012/03/15 06:40:59 | 000,000,249 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini

[2012/03/15 06:40:59 | 000,000,065 | ---- | C] () -- C:\WINDOWS\brpcfx.ini

[2012/03/11 13:16:18 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI

[2012/03/11 13:16:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL

[2012/02/21 05:00:54 | 001,263,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2684078581-1939207485-826778432-1008-0.dat

[2012/02/21 05:00:39 | 000,273,746 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2012/02/20 10:15:43 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc

[2012/02/15 08:28:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/01/11 00:25:48 | 000,018,066 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\uyy2qb2nixeuy64x76lad14

[2012/01/11 00:25:48 | 000,018,066 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\uyy2qb2nixeuy64x76lad14

[2012/01/09 18:01:34 | 000,016,500 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\036c1j4g1820

[2012/01/09 18:01:34 | 000,016,500 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\036c1j4g1820

[2011/12/23 12:25:16 | 000,016,392 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\4727uy07g8m3s12g7my1iy4678gag730

[2011/12/23 12:25:16 | 000,016,392 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\4727uy07g8m3s12g7my1iy4678gag730

[2011/07/29 08:29:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\defogger_reenable

[2011/05/11 18:40:35 | 000,017,670 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\6lr8qybjn13oh6xyp8ivrd2x86m5wp

[2011/05/11 18:40:35 | 000,017,670 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6lr8qybjn13oh6xyp8ivrd2x86m5wp

[2011/03/31 21:51:18 | 000,014,914 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\40l3j85ka67376pv1f77tn526lmm2dsbdnf12x4o

[2011/03/31 21:51:18 | 000,014,914 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\40l3j85ka67376pv1f77tn526lmm2dsbdnf12x4o

[2011/03/10 20:27:12 | 000,012,608 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\267464291

[2010/10/24 08:52:29 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.cat

[2010/10/24 08:52:28 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.inf

[2008/10/09 11:04:27 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\default.pls

[2008/10/05 17:01:04 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\.rnd

[2007/01/27 17:32:35 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\AutoGK.ini

[2006/06/12 08:00:42 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/06/11 08:13:54 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2010/12/09 08:15:09 | 000,002,048 | -HS- | M] () -- C:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@

[2010/12/09 08:15:09 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L

[2012/08/28 06:25:49 | 000,000,000 | -HSD | M] -- C:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U

[2010/12/09 08:15:09 | 000,002,048 | -HS- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@

[2010/12/09 08:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L

[2010/12/09 08:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U

[2005/08/30 13:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[juliofelipe]

PART 2 - the last part of the OTL.txt output and the Extras.txt output.

[2013/03/07 21:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2011/10/09 18:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2012/06/30 10:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon

[2011/12/19 18:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess

[2011/06/27 21:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2013/03/28 15:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ControlCenter4

[2006/03/09 20:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation

[2012/01/04 10:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\F-Secure

[2008/11/17 18:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP

[2008/04/21 21:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft

[2006/08/10 08:39:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync

[2010/11/13 08:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe

[2011/11/05 19:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX

[2008/02/24 18:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor

[2006/06/11 20:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo

[2010/06/15 16:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nike

[2012/03/11 13:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nuance

[2006/08/12 08:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst

[2006/06/23 11:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap

[2010/07/05 10:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone

[2010/07/05 10:03:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RosettaStoneLtdBackup

[2012/03/11 13:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft

[2012/10/01 21:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate

[2011/11/06 11:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc

[2012/06/17 11:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUpMedia

[2010/08/25 21:47:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Update

[2009/01/08 16:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2008/08/26 22:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ylodkfwf

[2012/03/11 13:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zeon

[2010/03/30 20:15:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

[2009/09/11 18:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

[2009/04/10 07:01:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

[2011/12/19 17:52:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}

[2011/12/28 16:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Any Flv Converter

[2012/06/30 10:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Babylon

[2013/03/28 22:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent

[2011/04/12 06:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\C0EFD9542FAA59F0DAA150FC22334505

[2011/08/21 11:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\calibre

[2010/11/21 15:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1

[2013/03/28 15:50:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\ControlCenter4

[2006/07/19 18:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\EBookSys

[2012/01/04 10:41:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\f-secure

[2006/08/10 08:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\fhnetwork.com

[2011/06/06 21:53:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\FreeAudioPack

[2006/09/06 19:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\funkitron

[2006/08/10 08:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\HotSync

[2006/06/11 11:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Leadertech

[2008/07/25 12:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\LEAPS

[2011/11/05 19:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX

[2010/10/24 09:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\MoveFab

[2007/04/04 13:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Netscape

[2012/03/11 13:12:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Nuance

[2008/06/27 17:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\NwDocx

[2009/05/18 18:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Opera

[2008/12/05 21:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Pegasys Inc

[2006/08/12 08:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\PlayFirst

[2011/12/19 17:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\searchquband

[2012/01/23 08:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\searchqutoolbar

[2008/08/22 08:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\TrojanHunter

[2012/06/17 11:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\TuneUpMedia

[2010/10/24 08:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\Vso

[2008/03/28 17:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer

[2007/07/17 09:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\WinBatch

[2012/02/06 20:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\WinPatrol

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >

[2011/06/27 23:27:21 | 000,000,000 | ---D | M] -- C:\$AVG

[2006/11/15 04:01:05 | 000,000,000 | ---D | M] -- C:\21943d461b9bdeb59e6d

[2012/05/03 21:39:05 | 000,000,000 | ---D | M] -- C:\6510

[2012/02/06 21:18:32 | 000,000,000 | ---D | M] -- C:\AMD

[2010/11/13 08:55:57 | 000,000,000 | ---D | M] -- C:\ArcBackupDeviceInfo

[2013/03/28 15:38:22 | 000,000,000 | ---D | M] -- C:\Brother

[2010/09/29 06:47:15 | 000,000,000 | RHSD | M] -- C:\cmdcons

[2005/11/14 11:03:06 | 000,000,000 | ---D | M] -- C:\CMPNENTS

[2013/03/28 15:42:52 | 000,000,000 | ---D | M] -- C:\Config.Msi

[2011/01/31 07:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings

[2006/09/03 10:07:04 | 000,000,000 | ---D | M] -- C:\games

[2006/07/03 19:50:14 | 000,000,000 | ---D | M] -- C:\hp

[2009/05/03 10:45:08 | 000,000,000 | ---D | M] -- C:\Hy-Sport

[2006/03/09 19:59:17 | 000,000,000 | ---D | M] -- C:\i386

[2007/06/29 15:13:20 | 000,000,000 | ---D | M] -- C:\internet

[2008/11/17 19:33:36 | 000,000,000 | ---D | M] -- C:\My Downloads

[2013/03/07 21:58:46 | 000,000,000 | ---D | M] -- C:\my music

[2008/02/23 22:41:02 | 000,000,000 | ---D | M] -- C:\New Folder

[2006/12/25 14:43:47 | 000,000,000 | ---D | M] -- C:\p's music

[2011/12/31 10:04:30 | 000,000,000 | ---D | M] -- C:\photos

[2013/03/29 10:02:18 | 000,000,000 | ---D | M] -- C:\Program Files

[2007/02/23 07:43:58 | 000,000,000 | ---D | M] -- C:\ProgramData

[2007/11/26 20:24:50 | 000,000,000 | ---D | M] -- C:\Python22

[2013/03/28 15:04:39 | 000,000,000 | ---D | M] -- C:\Qoobox

[2012/10/01 20:22:47 | 000,000,000 | ---D | M] -- C:\RaidTool

[2013/03/28 15:13:48 | 000,000,000 | -HSD | M] -- C:\RECYCLER

[2006/06/26 07:25:37 | 000,000,000 | ---D | M] -- C:\Rio

[2010/06/26 06:49:31 | 000,000,000 | ---D | M] -- C:\Rooter$

[2008/02/23 23:02:16 | 000,000,000 | ---D | M] -- C:\shared

[2012/09/22 23:42:21 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2006/03/09 19:47:59 | 000,000,000 | ---D | M] -- C:\system.sav

[2006/07/03 19:50:05 | 000,000,000 | ---D | M] -- C:\temp

[2011/05/01 09:50:45 | 000,000,000 | ---D | M] -- C:\tempMM

[2012/05/10 22:55:02 | 000,000,000 | ---D | M] -- C:\tfmeets

[2013/03/29 22:49:00 | 000,000,000 | ---D | M] -- C:\WINDOWS

< %PROGRAMFILES%\*.exe >

Invalid Environment Variable: LOCALAPPDATA

< %systemroot%\*. /mp /s >

< %windir%\installer\*. /5 >

[2013/03/27 11:36:01 | 000,000,000 | ---D | M] -- C:\WINDOWS\installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Invalid Environment Variable: localappdata

< MD5 for: SERVICES.EXE >

[2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe

[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\erdnt\cache\services.exe

[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe

[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe

[2004/08/09 14:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

< MD5 for: USER32.DLL >

[2005/03/02 11:19:56 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=1800F293BCCC8EDE8A70E12B88D80036 -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll

[2007/03/08 08:48:36 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=7AA4F6C00405DFC4B70ED4214E7D687B -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll

[2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\erdnt\cache\user32.dll

[2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll

[2008/04/13 17:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

[2007/03/08 08:36:28 | 000,577,536 | ---- | M] (Microsoft Corporation) MD5=B409909F6E2E8A7067076ED748ABF1E7 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

< End of report >

OTL Extras logfile created on: 3/29/2013 11:11:27 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 36.32% Memory free

4.18 Gb Paging File | 1.99 Gb Available in Paging File | 47.56% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 178.37 Gb Total Space | 16.35 Gb Free Space | 9.17% Space Free | Partition Type: NTFS

Drive D: | 7.91 Gb Total Space | 0.56 Gb Free Space | 7.08% Space Free | Partition Type: FAT32

Computer Name: HADDY | User Name: Compaq_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 1

"FirewallOverride" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015

"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016

"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015

"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016

"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

"54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Disabled:Compaq Connections -- (Hewlett-Packard)

"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DSH -- (Digital Interactive Systems Corporation, Inc.)

"C:\Program Files\Brother\Brmfl10g\FAXRX.exe" = C:\Program Files\Brother\Brmfl10g\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries, Ltd.)

"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}" = Adobe Audition 2.0

"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport

"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}" = Brother MFL-Pro Suite MFC-J6510DW

"{17D1D0AC-CB9C-4273-A827-2D242460C6B5}" = FlipAlbum 5.0 Pro

"{190BF7E6-59C5-45E2-B9CE-E8E7245A5B4D}" = TMPGEnc Plus 2.5

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.5

"{1A995D22-F711-4199-83D4-579B593A46C5}" = TMPGEnc DVD Author 1.6

"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus

"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes

"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java 6 Update 34

"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006

"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus

"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation

"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1

"{2A780209-2A41-4C75-932A-F6F0390D430A}" = Adobe Photoshop CS2 Functional Content

"{2ECE7ECE-D15B-4999-8B8D-01C998F489D5}" = Adobe Encore DVD 2.0

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in

"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{360EDFB0-EAA2-012B-AD16-000000000000}" = TurboTax 2009 wcaiper

"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder

"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset

"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset

"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine

"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver

"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper

"{3C5F1B30-B10B-4579-86DD-D00F662E1033}" = Nero 8

"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap

"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm

"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works

"{4545A088-CCEF-43C2-8840-B34B04594FA6}" = USB CDC Device Driver

"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 1.0

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B9B1B84-FEC0-46D5-BDB9-832565779422}" = CheckIt Diagnostics

"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig

"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper

"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.091

"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{57922B53-02D4-4DFC-AC24-A3519DC1F49A}" = Adobe Premiere Pro FC

"{5B30AA25-BF39-4BE4-8FEE-51938BAB214D}" = TurboTax 2008 wcaiper

"{619B8475-0F48-41B7-A370-5147F7092989}" = Virtual Earth 3D (Beta)

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12

"{6C91041E-406E-C082-0D03-75D4BC9C6CB0}" = Picaboo X

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6EC0A77B-AFAF-4B9A-A2AF-412589CF5FF6}" = Eudora

"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset

"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1

"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK

"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English

"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software

"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig

"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up

"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10

"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper

"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine

"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981405}" = SaveVid Plug-in

"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer

"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage

"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3

"{998AD896-5B25-466D-8D56-CC0CC9228A68}" = Adobe Audition 2.0 Loopology Content

"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour

"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime

"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = Microsoft Office 2003 Edition 60 Days Trial Welcome Tour

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine

"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AAB061B3-99A6-4EE5-93F4-6EB1F60295C4}" = Adobe Production Studio

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio

"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)

"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0

"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006

"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers

"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy

"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper

"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport

"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3

"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0

"{B7607FC8-72AD-486D-B6B7-A402D5876309}" = PerfectDisk 11 Professional

"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software

"{B9273566-6E0A-4A87-AABB-08A0733ECE8E}" = MEET MANAGER 2.0 for Track & Field

"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C4186C0D-FB9F-5D83-21FB-A737A13EFAE6}" = AMD Catalyst Install Manager

"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard

"{C89269D9-DD02-45DD-99DD-6AE592F6C447}" = TurboTax 2011 wcaiper

"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update

"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D2095DFD-9022-4995-9A7A-CC9212837D29}" = calibre

"{D52ECEBC-9B20-41A5-81C4-A62DE2367419}" = Adobe Creative Suite

"{D7D38949-8251-4F07-BC2C-AA767308010B}" = TMPGEnc Authoring Works 4

"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview

"{DA15D535-5E1D-4076-B520-8571346D6238}" = Norton Security Scan

"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0

"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater

"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support

"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine

"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp

"{E722A962-E87D-CB6B-EB1E-27AD13D0F577}" = AMD Parental Control & Encoder

"{E7300AF3-DD5B-4E86-A291-7631BE0C62C7}" = Giganews Accelerator

"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper

"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks

"{EC1963C6-8EA9-40DF-8CD7-F63E174FCAEC}" = Adobe After Effects 7.0 Functional Content

"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper

"{EFD2807A-C66B-4C13-8FB8-42FCA6DEF171}" = TurboTax 2012 wcaiper

"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine

"{F0E8F94D-6E68-4B35-92DF-3AA6DC6A6768}" = Safari

"{F5F5ABB8-87EA-47A7-8CC6-E68AFC2D3BC0}" = TMPGEnc Sound Player

"{F6F6C08A-ED6F-4968-8292-A08E9F02584F}" = Adobe Encore DVD FC

"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive

"{F97B750E-554D-4194-BF3F-41EA91389E10}" = ArcSoft TotalMedia Extreme

"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0

"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset

"{FC5495CB-CDA5-4DCE-99DF-D1567DAF5A86}" = TMPGEnc 4.0 XPress

"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"045C89A0-CA37-443C-8826-F750227DE69C" = Shooting Stars Pool from Compaq (remove only)

"05E21449-3BA3-42BF-BBDA-95205F4EA40A" = Polar Bowler from Compaq (remove only)

"0BD36D37-C5D7-4B96-B64A-CB2C3A82EC4D" = Zuma Deluxe from Compaq (remove only)

"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic

"29FF6D07-4A15-41F1-9D5E-E0F3A58012C6" = Bounce Symphony from Compaq (remove only)

"3330A279-CC39-4A17-AE19-DA464B26AD9A" = Polar Golfer from Compaq (remove only)

"3B3B73D1-DC4A-4780-B0E4-E823D08B3397" = 5 Card Slingo from Compaq (remove only)

"422C7575-C10D-4795-87FA-9972765379E6" = Mah Jong Quest from Compaq (remove only)

"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)

"52AEBC18-F252-4B0C-B3E1-724537D9F873" = Ricochet Lost Worlds from Compaq (remove only)

"53474592-01BC-4338-8647-FE350957D912" = Barnyard Invasion from Compaq (remove only)

"5AF1DD17-7B06-45EF-8592-2E524E458BAB" = Insaniquarium Deluxe from Compaq (remove only)

"63E4EC24-7173-4E1F-9C77-B4403CBCF91F" = Lemonade Tycoon 2 from Compaq (remove only)

"66195170-D19D-46C5-8FB7-8A4630071ADC" = Tradewinds from Compaq (remove only)

"75528D5F-DD82-402E-BA7C-045B7DC6A712" = Blasterball 2 from Compaq (remove only)

"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007

"85CF9BF3-1057-468C-962D-31BAABC6AC72" = FATE from Compaq (remove only)

"8D11F98B-4931-44F6-8FC6-971CCBBBB131" = Snowboard SuperJam from Compaq (remove only)

"9448DE42-C017-4A3E-A0BB-C50BF673E9E0" = Chuzzle Deluxe from Compaq (remove only)

"997DD523-B925-4C73-970B-C201E8F781AD" = AstroPop Deluxe from Compaq (remove only)

"9D7E7CDA-051E-4B0D-8CEE-58F41F449CF9" = Blasterball 2 Remix from Compaq (remove only)

"AC3ACM" = AC-3 ACM Codec

"Adobe AIR" = Adobe AIR

"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem

"Allok 3GP PSP MP4 iPod Video Converter_is1" = Allok 3GP PSP MP4 iPod Video Converter 4.1.0422

"Allok Video Joiner_is1" = Allok Video Joiner 3.3.1116

"ATI Display Driver" = ATI Display Driver

"AutoGK" = Auto Gordian Knot 2.40

"AVI Joiner_is1" = AVI Joiner

"AVI Splitter_is1" = AVI Splitter

"Avi2Dvd" = Avi2Dvd 0.4.4 beta

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AviSynth" = AviSynth 2.5

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3

"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6

"AwayMode160" = Microsoft Away Mode

"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto

"BBCBAA5D-AC5A-4098-A53E-EC60A68F38F9" = Shrek 2 Ogre Bowler from Compaq (remove only)

"BBE9E0F3-11F7-4424-9905-8E0153E872C1" = Family Feud

"BFAF1EEC-E987-415B-BCB8-80CDB0BC6CDF" = Blackhawk Striker 2 from Compaq (remove only)

"BitTorrent" = BitTorrent

"C43D84CD-EBFC-48D3-A330-7868C8AD415A" = Crystal Maze from Compaq (remove only)

"C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B" = Boggle Supreme from Compaq (remove only)

"CalorieKing Nutrition and Exercise Manager" = CalorieKing Nutrition and Exercise Manager (remove only)

"CalorieKing.com Diet Diary for PalmOS" = CalorieKing.com Diet Diary for PalmOS

"CCleaner" = CCleaner (remove only)

"com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1" = Picaboo X

"Coupon Companion" = Coupon Companion

"D84AC71A-75E8-4709-8BA5-4B46EAC00C5E" = Bejeweled 2 Deluxe from Compaq (remove only)

"DE87FA96-7840-420C-86F9-33F3B7B3CED1" = Super Granny from Compaq (remove only)

"DISCover" = DISCover

"DVD Shrink_is1" = DVD Shrink 3.2

"DVDFab 8_is1" = DVDFab 8.0.2.2 (01/10/2010)

"DVDx_is1" = DVDx

"E1A0F769-A43A-4DDB-9F73-12791E453557" = Puzzle Express from Compaq (remove only)

"E618FC78-EE4F-4243-8409-078EB5E0B1F6" = Bookworm Deluxe from Compaq (remove only)

"ERUNT_is1" = ERUNT 1.1j

"ESET Online Scanner" = ESET Online Scanner v3

"EsetOnlineScanner" = ESET Online Scanner

"exPressit S.E. 2.2" = exPressit S.E. 2.2

"F05A08BF-E600-4FBD-A53A-3D47296B1275" = Lexibox Deluxe from Compaq (remove only)

"F19E8CDF-5EFD-45E0-9FAF-66CBAE84B1D9" = Slingo Deluxe from Compaq (remove only)

"FA6A73EB-40AB-4B58-851D-3892B3C10EF6" = SCRABBLE from Compaq (remove only)

"FileHippo.com" = FileHippo.com Update Checker

"FLVPlayer" = FLV Player 1.3.3

"Forte Agent" = Forté Agent

"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.95

"Free WMA MP3 Converter" = Free WMA MP3 Converter

"Google Chrome" = Google Chrome

"GSpot" = GSpot Codec Information Appliance

"HaaliMkx" = Haali Media Splitter

"HP Game Console" = HP Game Console and games

"HP Imaging Device Functions" = HP Imaging Device Functions 6.0

"HP Photo & Imaging" = HP Photosmart Premier Software 6.0

"HP Rhapsody" = HP Rhapsody

"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InFlac" = InFlac 1.1.1

"InstallShield_{190BF7E6-59C5-45E2-B9CE-E8E7245A5B4D}" = TMPGEnc Plus 2.5

"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"InstallShield_{4545A088-CCEF-43C2-8840-B34B04594FA6}" = USB CDC Device Driver

"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up

"IsoBuster_is1" = IsoBuster 2.8

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100

"Matroska Pack" = Matroska Pack

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Money2006b" = Microsoft Money 2006

"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Netscape Browser" = Netscape Browser (remove only)

"NetSight" = Nielsen

"Nike+ Connect" = Nike+ Connect

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Open Video Joiner_is1" = Open Video Joiner version 3.1

"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows

"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.9

"PG-1-278" = MultiLane version 1.0

"Photo Viewer_is1" = Photo Viewer 2.4

"Photo2DVD Studio_is1" = Photo2DVD Studio Build 4.8.0.1

"PS2" = PS2

"Python 2.2.3" = Python 2.2.3

"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)

"RealPlayer 12.0" = RealPlayer

"SaveVid Plug-in" = SaveVid Plug-in

"SPSS for Windows 11.5" = SPSS 11.5 for Windows

"Sqirlz Morph" = Sqirlz Morph

"SubtitleCreator" = SubtitleCreator

"SugarSync" = SugarSync Manager

"TuneUpMedia" = TuneUp Companion 2.4.6.4

"TurboTax 2008" = TurboTax 2008

"TurboTax 2009" = TurboTax 2009

"TurboTax 2010" = TurboTax 2010

"TurboTax 2011" = TurboTax 2011

"TurboTax 2012" = TurboTax 2012

"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006

"TurboTax Premier 2007" = TurboTax Premier 2007

"Tweak UI 2.10" = Tweak UI

"Video Cleaner" = River Past Video Cleaner

"VLC media player" = VLC media player 2.0.1

"VobSub" = VobSub v2.23 (Remove Only)

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WIC" = Windows Imaging Component

"Winamp" = Winamp

"WinAVIVideoConverter_is1" = WinAVIVideoConverter

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinMorph_is1" = WinMorph™ 3.01

"WinRAR archiver" = WinRAR 4.11 (32-bit)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

"XviD_is1" = XviD 1.1 final uninstall

"XviD4PSP5_is1" = XviD4PSP 5.10.271.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 3/24/2013 6:54:26 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 15:54:26.674]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 6:55:35 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 15:55:35.674]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 6:59:02 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 15:59:02.705]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:00:11 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:00:11.721]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:01:20 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:01:20.721]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:03:38 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:03:38.737]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:04:47 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:04:47.737]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:05:56 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:05:56.737]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:07:05 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:07:05.752]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:08:14 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:08:14.752]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

[ System Events ]

Error - 3/28/2013 10:04:33 AM | Computer Name = HADDY | Source = Disk | ID = 262155

Description = The driver detected a controller error on \Device\Harddisk1\D.

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7024

Description = The Workstation service terminated with service-specific error 2250

(0x8CA).

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Workstation service which

failed to start because of the following error: %%1066

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7024

Description = The Workstation service terminated with service-specific error 2250

(0x8CA).

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Workstation service which

failed to start because of the following error: %%1066

Error - 3/29/2013 6:47:33 AM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

Error - 3/29/2013 6:47:33 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7024

Description = The Workstation service terminated with service-specific error 2250

(0x8CA).

Error - 3/29/2013 6:47:33 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Workstation service which

failed to start because of the following error: %%1066

< End of report >

[Larusso]

Hy there.

I see you are using peer 2 peer software. In your case BitTorrent

Refering to this sticky topic, I want you to uninstall this kind of software.

Double click on the OTL icon to run it.

Copy/paste the entire contents of the codebox below into the Box:

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}: "URL" = http://dts.search-re...q={searchTerms}
FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.02
FF - prefs.js..browser.search.defaultenginename: "Search Results"
[2011/12/19 17:52:48 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2010/08/25 12:34:03 | 000,000,000 | ---D | M] (tab-search) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\tab@search.com
[2012/02/06 21:47:59 | 000,000,000 | ---D | M] (Nero Toolbar) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com
[2013/02/21 21:52:28 | 000,021,487 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\plugin@yontoo.com.xpi
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AntiVirusDisableNotify =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: UpdatesDisableNotify =
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: FirewallDisableNotify =
[2012/01/11 00:25:48 | 000,018,066 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\uyy2qb2nixeuy64x76lad14
[2012/01/11 00:25:48 | 000,018,066 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\uyy2qb2nixeuy64x76lad14
[2012/01/09 18:01:34 | 000,016,500 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\036c1j4g1820
[2012/01/09 18:01:34 | 000,016,500 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\036c1j4g1820
[2011/12/23 12:25:16 | 000,016,392 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\4727uy07g8m3s12g7my1iy4678gag730
[2011/12/23 12:25:16 | 000,016,392 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\4727uy07g8m3s12g7my1iy4678gag730
[2011/05/11 18:40:35 | 000,017,670 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\6lr8qybjn13oh6xyp8ivrd2x86m5wp
[2011/05/11 18:40:35 | 000,017,670 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\6lr8qybjn13oh6xyp8ivrd2x86m5wp
[2011/03/31 21:51:18 | 000,014,914 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\40l3j85ka67376pv1f77tn526lmm2dsbdnf12x4o
[2011/03/31 21:51:18 | 000,014,914 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\40l3j85ka67376pv1f77tn526lmm2dsbdnf12x4o
[2011/03/10 20:27:12 | 000,012,608 | -HS- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\267464291
[2012/06/30 10:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2011/12/19 17:53:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\searchquband
[2012/01/23 08:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\searchqutoolbar
[2008/08/22 08:03:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Administrator\Application Data\TrojanHunter
:commands
[emptytemp]

• Please close all other programs now.
  
• Then click the Run Fix button at the top.
  
• OTL may ask to reboot the machine. Please do so if asked.
  
• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.

Please post the log in your next reply.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.

• Be sure to print out and follow the instructions provided on that same page for performing a scan.
  
• Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  
• When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  
• If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  
• Two files ( mbar-log-YYYY-MM-DD, system-log.txt ) will be created and saved within that same folder.
  
• Copy and paste the contents of these two log files in your next reply.

Note: Further documentation can be found in the ReadMe.rtf file which is located in the Malwarebytes Anti-Rootkit folder.

[juliofelipe]

OK, I removed BitTorrent. I just used the Add and Remove Programs control panel to remove it - I hope that deletes it completely.

Below are the 3 logs that you asked for. 1st is the OTL log. The second is the mbar log (The first time it came up with 4 issues that it cleaned. I ran it again like the instructions said and it came up clean. I'll post both of them since I'm not sure which one you want/need. And lastly is the system log. Considering the last post had to be broken up into multiple posts, I'll probably have to do the same here.

Thanks,

JF

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}\ not found.

Prefs.js: plugin%40yontoo.com:1.20.02 removed from extensions.enabledAddons

Prefs.js: "Search Results" removed from browser.search.defaultenginename

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\tab@search.com\chrome folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\tab@search.com folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\defaults folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com\chrome folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\toolbar@ask.com folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\plugin@yontoo.com.xpi moved successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\AntiVirusDisableNotify deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\UpdatesDisableNotify deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\FirewallDisableNotify deleted successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\uyy2qb2nixeuy64x76lad14 moved successfully.

C:\Documents and Settings\All Users\Application Data\uyy2qb2nixeuy64x76lad14 moved successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\036c1j4g1820 moved successfully.

C:\Documents and Settings\All Users\Application Data\036c1j4g1820 moved successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\4727uy07g8m3s12g7my1iy4678gag730 moved successfully.

C:\Documents and Settings\All Users\Application Data\4727uy07g8m3s12g7my1iy4678gag730 moved successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\6lr8qybjn13oh6xyp8ivrd2x86m5wp moved successfully.

C:\Documents and Settings\All Users\Application Data\6lr8qybjn13oh6xyp8ivrd2x86m5wp moved successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\40l3j85ka67376pv1f77tn526lmm2dsbdnf12x4o moved successfully.

C:\Documents and Settings\All Users\Application Data\40l3j85ka67376pv1f77tn526lmm2dsbdnf12x4o moved successfully.

C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\267464291 moved successfully.

C:\Documents and Settings\All Users\Application Data\Babylon folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\searchquband folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\searchqutoolbar\weather folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\searchqutoolbar\coupons folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\searchqutoolbar folder moved successfully.

C:\Documents and Settings\Compaq_Administrator\Application Data\TrojanHunter folder moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 4047 bytes

->FireFox cache emptied: 21293864 bytes

->Flash cache emptied: 722 bytes

User: All Users

User: Compaq_Administrator

->Temp folder emptied: 120656340 bytes

->Temporary Internet Files folder emptied: 3561322 bytes

->Java cache emptied: 28161 bytes

->FireFox cache emptied: 339867570 bytes

->Google Chrome cache emptied: 139959686 bytes

->Flash cache emptied: 21323 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 0 bytes

User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 49816 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 85415345 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 237188841 bytes

Total Files Cleaned = 904.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03302013_125504

Files\Folders moved on Reboot...

C:\WINDOWS\temp\Perflib_Perfdata_ec0.dat moved successfully.

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\CR_445AE.tmp\SETUP_PATCH.PACKED.7Z not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\atmosphere.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\atmosphere.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\atmosphere.glsllib not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\glsles.h not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\precipitation_double_cone.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\precipitation_double_cone.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\speedtree_configuration_glsles.h not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\speedtree_utils_glsles.h not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.arbfp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.arbvp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.asd not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.cfg not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.ps_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbillboard.vs_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.arbfp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.arbvp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.asd not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.cfg not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.ps_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stbranch.vs_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stcommonobjects.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.arbfp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.arbvp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.asd not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.cfg not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.ps_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stfrond.vs_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.arbfp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.arbvp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.asd not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.cfg not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.ps_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafcard.vs_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.arbfp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.arbvp1 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.asd not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.cfg not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.ps_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\stleafmesh.vs_2_0 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\water.glsllib not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\watersurface.glslesf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\shaders\watersurface.glslesv not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\planet\earth.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\keyboard\generic.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\keyboard\sr22.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\hud\generic.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\hud\sr22.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\generic.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\genius_maxfighter_f16u.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_attack3.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_extreme_3d.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_force_3d.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\logitech_freedom.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\saitek_cyborg_evo.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\saitek_x52.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_hawk.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_black_widow.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_cougar_flightstick.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\speed_link_dark_tornado.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\controller\xbox_360.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\aircraft\f16.acf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\aircraft\sr22.acf not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\flightsim\flightsim.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\application.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\balloons.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\builtin_webdata.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\cursor_crosshair_inverse.png not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\cursor_crosshair_thick.png not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\doppler.txt not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\effects.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\filmstrip.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\leftpanel-common.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\leftpanel-layer.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\localshapes.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\navcontrols.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\notifications.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\progress.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\renderui.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\search.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\spin_icon.png not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\statusbar.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\terrainmgr.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\tmcontrols.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\toolbar.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\tourcontrols.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\unknown_plugin.png not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\userpalette.kml not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\res\webbrowser.rcc not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\ar.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\bg.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\ca.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\cs.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\da.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\de.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\el.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\en.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\es-419.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\es.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\fa.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\fi.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\fil.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\fr.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\he.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\hi.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\hr.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\hu.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\id.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\it.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\ja.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\ko.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\lt.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\lv.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\nl.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\no.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\pl.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\pt-PT.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\pt.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\ro.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\ru.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\sk.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\sl.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\sr.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\sv.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\th.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\tr.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\uk.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\vi.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\zh-Hans.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\zh-Hant-HK.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\lang\zh-Hant.qm not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\imageformats\qgif4.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\imageformats\qjpeg4.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\optimizations\IGOptExtension.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\D3DCompiler_43.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\d3dx9_43.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGAttrs.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGGfx.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGSg.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\libEGL.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogles20\libGLESv2.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogl\IGAttrs.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogl\IGGfx.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemy\ogl\IGSg.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\alchemyext.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\drivers.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\earthps.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\geplugin.exe not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\ge_expat.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\googleearth.exe.local not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\googleearth_free.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\google_earth.ico not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\gpl.txt not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\icudt.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGAttrs.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGCore.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGExportCommon.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGGfx.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGMath.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGOpt.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGSg.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\IGUtils.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\ImporterGlobalSettings.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\ImporterUISettings.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\kh20 not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcp100.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\msvcr100.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\npgeplugin.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\PCOptimizations.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\plugin_ax.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtCore4.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtGui4.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtNetwork4.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\QtWebKit4.dll not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\program files\Google\Google Earth\plugin\uninstall.ico not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\0x0409.ini not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\Google Earth.msi not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\GoogleEarth.exe not found!

File\Folder C:\WINDOWS\System32\config\systemprofile\Local Settings\Temp\._msigeplugin61\Setup.ini not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

www.malwarebytes.org

Database version: v2013.03.30.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Compaq_Administrator :: HADDY [administrator]

3/30/2013 1:33:06 PM

mbar-log-2013-03-30 (13-33-06).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 29932

Time elapsed: 20 minute(s), 46 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 2

c:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L (Backdoor.0Access) -> Delete on reboot.

c:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U (Backdoor.0Access) -> Delete on reboot.

Files Detected: 2

c:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ (Backdoor.0Access) -> Delete on reboot.

c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ (Backdoor.0Access) -> Delete on reboot.

(end)

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

www.malwarebytes.org

Database version: v2013.03.30.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Compaq_Administrator :: HADDY [administrator]

3/30/2013 1:50:59 PM

mbar-log-2013-03-30 (13-50-59).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 29922

Time elapsed: 16 minute(s), 27 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[juliofelipe]

Part 2 - Here is the system log. It was too long to post, so I'm splitting into multiple posts (although it kinda looks like it ran twice)...

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_34

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.188000 GHz

Memory total: 3152519168, free: 1747968000

------------ Kernel report ------------

03/30/2013 13:10:05

------------ Loaded modules -----------

\WINDOWS\system32\ntkrnlpa.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

wdf01000.sys

\WINDOWS\System32\Drivers\WDFLDR.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

viaide.sys

intelide.sys

MountMgr.sys

ftdisk.sys

dmload.sys

dmio.sys

PartMgr.sys

jraid.sys

\WINDOWS\system32\DRIVERS\SCSIPORT.SYS

VolSnap.sys

iaStor.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

timntr.sys

tdrpman.sys

snapman.sys

Mup.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\AmdK8.sys

\SystemRoot\system32\DRIVERS\aracpi.sys

\SystemRoot\system32\DRIVERS\ati2mtag.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\Afc.sys

\SystemRoot\System32\Drivers\cdrbsdrv.SYS

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\System32\Drivers\ArcCD.SYS

\SystemRoot\System32\Drivers\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\Rtnicxp.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\AGRSM.sys

\SystemRoot\System32\Drivers\Modem.SYS

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\km_filter.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\arpolicy.sys

\SystemRoot\system32\DRIVERS\serscan.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\System32\Drivers\pcouffin.sys

\SystemRoot\System32\Drivers\RootMdm.sys

\SystemRoot\system32\DRIVERS\rdpdr.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\system32\drivers\WmBEnum.sys

\SystemRoot\system32\drivers\WmXlCore.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\ArcRec.SYS

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\system32\drivers\netbt.sys

\SystemRoot\System32\Drivers\nnrnstdi.SYS

\SystemRoot\System32\drivers\ws2ifsl.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\??\C:\WINDOWS\system32\VCdRom.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\arhidfltr.sys

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\system32\DRIVERS\arkbcfltr.sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\armoucfltr.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\ati2dvag.dll

\SystemRoot\System32\ati2cqag.dll

\SystemRoot\System32\atikvmag.dll

\SystemRoot\System32\ati3duag.dll

\SystemRoot\System32\ativvaxx.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\DRIVERS\tifsfilt.sys

\SystemRoot\System32\Drivers\DefragFS.SYS

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\system32\DRIVERS\asyncmac.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk4\DR6

Upper Device Object: 0xffffffff8a7c8ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000088\

Lower Device Object: 0xffffffff8a7b5348

Lower Device Driver Name: \Driver\usbstor\

Driver name found: usbstor

Initialization returned 0x0

Load Function returned 0x0

<<<1>>>

Upper Device Name: \Device\Harddisk3\DR5

Upper Device Object: 0xffffffff8a78cab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000087\

Lower Device Object: 0xffffffff8a7bc8c8

Lower Device Driver Name: \Driver\usbstor\

Driver name found: usbstor

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR4

Upper Device Object: 0xffffffff8a7bcab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000086\

Lower Device Object: 0xffffffff8a788ea0

Lower Device Driver Name: \Driver\usbstor\

Driver name found: usbstor

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR3

Upper Device Object: 0xffffffff8a789428

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000085\

Lower Device Object: 0xffffffff8a7b8030

Lower Device Driver Name: \Driver\usbstor\

Driver name found: usbstor

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff8ae9bab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\

Lower Device Object: 0xffffffff8ad81d98

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

Initialization returned 0x0

Load Function returned 0x0

Downloaded database version: v2013.03.30.06

Downloaded database version: v2013.03.25.01

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 1

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff8ae9bab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8ae9b998, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8ae9d900, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8ae9bab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8aeec030, DeviceName: \Device\00000076\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8ad81d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: Unknown, DriverName: \Driver\PartMgr\

Upper DeviceData: 0xffffffffe3827470, 0xffffffff8ae9bab8, 0xffffffff89c20ab8

Lower DeviceData: 0xffffffffe3825c58, 0xffffffff8ad81d98, 0xffffffff89cec5d8

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\WINDOWS\system32\drivers...

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: CAB10BEE

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 63 Numsec = 374073462

Partition file system is NTFS

Partition is bootable

Partition 1 type is Other (0xc)

Partition is NOT ACTIVE.

Partition starts at LBA: 374089590 Numsec = 16627275

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 200049647616 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-390701968-390721968)...

Physical Sector Size: 0

Drive: 1, DevicePointer: 0xffffffff8a789428, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a7b3de0, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8a7c9020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a789428, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a7b8030, DeviceName: \Device\00000085\, DriverName: \Driver\usbstor\

------------ End ----------

Physical Sector Size: 0

Drive: 2, DevicePointer: 0xffffffff8a7bcab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a792c48, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8a7c0020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a7bcab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a788ea0, DeviceName: \Device\00000086\, DriverName: \Driver\usbstor\

------------ End ----------

Physical Sector Size: 0

Drive: 3, DevicePointer: 0xffffffff8a78cab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a7b39f8, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8aa80020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a78cab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a7bc8c8, DeviceName: \Device\00000087\, DriverName: \Driver\usbstor\

------------ End ----------

Physical Sector Size: 0

Drive: 4, DevicePointer: 0xffffffff8a7c8ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a7b5768, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8a784020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a7c8ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a7b5348, DeviceName: \Device\00000088\, DriverName: \Driver\usbstor\

------------ End ----------

Done!

Performing system, memory and registry scan...

Read File: File "c:\Documents and Settings\Administrator\Application Data\Lavasoft\Ad-Aware\stats.awd" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\profiles.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Real\Msg\Category.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Real\Msg\SCategory.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Real\rnadmin\rnsystem.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\WinRAR\version.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\hpzinstall.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\boost_interprocess\401C437CB6BECC01\{1832B446-3F6D-4880-99C1-0B3B26170D94}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Bots.sbe" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\SystemInternals.sbe" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime\com.apple.QuickTime.plist" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\arcsoft_codec.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\guid.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\tic.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\UpdaterforApp.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\TotalMedia Extreme\TME.DAT" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\cfg\malrep.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\cfgall\userall.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\log\commonpub.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\log\history.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\addr_file.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\C_Photo_Manager_10\crm.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\C_Photo_Manager_10\Fotomanager_dlx.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\C_Photo_Manager_10\Installation.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\installation.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\Photo_Manager_10\_msi_keyfile_k4s0bq0oui3c03cqsvex8i9vt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\exclusions.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\link.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\news.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Maxtor\mxtr_auto_settings.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Maxtor\ULC\nextBackup.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft\Machine Debug Manager\mdm.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Nero\Nero Container\f1.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Nero\Nero Container\f2.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Nero\Nero Container\f5.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\NOS\GP_GUI_Adobe\blank.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\NOS\GP_GUI_Adobe\SmoothMovement.js" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Real\RealPlayer\cdplayer.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\bookmrk.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Grpsyll.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Progress.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Settings.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Syllabus.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\MetaStreamID.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}\instance.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}\SavevidSetupV2.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}\SavevidSetupV2.par" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Common Files\D562D8C0-5259-3FE8-63D0-D18B37D0AEE3.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation\Data.DCD" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation\DiscInstalledMC.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\DVD Shrink\Analysis Results.5c060651" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\DVD Shrink\Analysis Results.e9ab0d36" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Adobe Encore DVD 2.0\ProjectPrefs.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Adobe Encore DVD 2.0\WSMgrCfg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Adobe Illustrator CS Settings\AI Color Settings" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\AIR\eulaAccepted" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Updater\AUTrans.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\GCHWCfg.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\GCHWCfg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\NeroVisionLog.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\nve-am.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\nve-mtmpl.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\nve-vobmap.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Apple Computer\Preferences\iTunes.exe.plist" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\IORRT 3.5.cmd.1.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\IORRT 3.5.cmd.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\Long Walk to Freedom Nelson Mandela (epub)[rogercc][h33t].epub.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\A Raisin In The Sun.rtf.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\Corrections.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\the white tiger.txt.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\calibre\conversion\comic_input.py" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\calibre\conversion\page_setup.py" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\crm.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\Fotos_dlx.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\Fotos_dlx.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Media Player\001002A2.wpl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\Excel12.pip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\Imagin10.pip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\MSO1024.acl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\Scanni10.pip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Move Networks\MNStatsID.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MoveFab\init0.movefab" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\TuneUpMedia\prefs.js" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Real\RealMediaSDK\c0a80100.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\vlc\ml.xspf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\asset.yos" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\assets.yos" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\FolderList.yos" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\thumbnailSel.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\ViewSel.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\auth.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\gen_jumpex.m3u8" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\Winamp.m3u" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\winamp.m3u8" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\Plugins\gen_mud.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\FreeAudioPack\EasyCutter.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\FreeAudioPack\FreeConverter.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\funkitron\Boggle Supreme\Boggle.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1\Local Store\DesktopCitizen.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Netscape\registry.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Netscape\NSB\profiles.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\Symantec\PendingAlertsQueue.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\protection-log-2010-09-25.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\My Documents\Downloads\031612 vs belmont.pxy" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\My Documents\Downloads\032812 vs bernstein.pxy" is compressed (flags = 1)

Read File: File "c:\Program Files\Outlook Express\msoe.txt" is compressed (flags = 1)

Read File: File "c:\Program Files\Windows Media Player\npdrmv2.zip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\$ncsp$.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\24wwxsp1.txt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\AK083E209605E394C.lie" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\cmos.ram" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\dsound.vxd" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\login.cmd" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\l_except.nls" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\MsiExec.exe.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\pcl.sep" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\perfci.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\perffilt.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\perfwci.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\pscript.sep" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\spupdwxp.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\temp_0000_80678.aok" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\thxcfg.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\veolx32n.dll" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\prodspec.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\View Channels.scf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\650807529" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\drivers\etc\hosts.20080821-215650.backup" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\drivers\etc\hosts.20090216-183112.backup" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\drivers\etc\networks" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\migip.dun" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\migrate.isp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\msobe.isp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\obeip.dun" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\oobeinfo.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\reg.isp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\wbem\wmiclivalueformat.xsl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\default.pls" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\brpcfx.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Brpfx04a.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\BRPP2KA.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\BRWMARK.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\explorer.scf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\iexplore.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Nxiwuzuwoc.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\ODBC.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\smscfg.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\srun.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\AviSplitter.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UPGRADE.TXT" is compressed (flags = 1)

Read File: File "c:\WINDOWS\vb.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\vbaddin.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\WININIT.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\wmsetup10.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroBackItUp.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroMediaHome.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroShowTime.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroVision.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNRecode.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\popcinfo.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Quicken.ini" is compressed (flags = 1)

[juliofelipe]

Part 3 - Continuation of the system log...

Read File: File "c:\WINDOWS\assembly\GAC\Accessibility\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\AxInterop.SHDocVw\1.1.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\AxInterop.WT3DLib\1.0.0.0__1bf1415c4c44d353\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Common.Logging\1.2.0.0__af08829b84f0328e\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\cscompmgd\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\DiscWriter\2.3.1.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\SymAddIn\15.0.0.1__ea8ad8cd626b3bac\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Management\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.3300.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\GemMaster3\3.0.0.0__1bf1415c4c44d353\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcddvd\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqglutl\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpel10\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodai\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.MsHtmHst\0.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Codecs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hplMosaicNet\1.4.1.0__0d5444959b41355f\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\HPODMmcLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqactiv\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqactiv.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqalb\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqasmgt\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqasset\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbakup\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbakup.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbkloc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbutil\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcalp\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcalp.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcc2\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcc2.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcdcpy\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcdcpy.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NeroBurnAdvrCntrl2Lib\1.0.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NEROLib\1.4.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NeroMCEWrapper\1.0.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NeroVisionAPI\1.3.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.SHDocVw\1.1.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.WT3DLib\1.0.0.0__1bf1415c4c44d353\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ISymWrapper\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqglutl.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqgtpin\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqgtpin.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqiface\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimgrc\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimgrc.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimvlt\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimvlt.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqisdsp\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqislib\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqistab\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqlsprj\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqlsprj.resources\1.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqlsutl\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqltutl\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmdmr\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmdmr.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmpvad\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmyint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqntrop\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqovskn\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpanop\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpanop.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpbgen\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpdmdl\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqunkwd\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqunkwd.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqutils\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqvideo\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqxpbrn\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEExecRemote\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEHost\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IIEHost\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.HPDarc\1.0.0.0__19565c63d39c2842\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpocxi08\1.0.0.0__3b766a3b3d2dc385\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodae\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodaud\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpodeb08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpodev08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpodio08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmmc\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmp\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmpv\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmpv_md\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodprint2\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodtrk\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodvid\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodxmlutil\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqaiois\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.HpqCamUn\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpqcbcnv\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpqcldat\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqcrmcm\60.0.86.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqdstcp\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hprblog\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.LITTManagerLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Twain\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.CommonDialogs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing.Imaging.Codecs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing.Imaging.Twain\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Windows.Forms.CommonDialogs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Regcode\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpel10.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprif\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprjcm\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprjfx\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprjfx.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprrsc\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprrsc.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprutl\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprutl.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptfx\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptfx.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptint\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptint.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqqca\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqszip\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqtray\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqtray.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcpint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcpolp\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcpolp.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcprsc.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqdocpt\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqdocpt.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqeal\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedit\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedit.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedppi\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedppi.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqfmrsc.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\mjolauncher.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.87.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\gpcontrol.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\OnlineScanner.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\OSD2B0C.OSD" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\SCEWebLauncher.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\swflash.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\symdlmgr.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\wlscBase.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Fonts\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\ciadmin.htm" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\conf.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\connect.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\mshearts.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\msnauth.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\nocontnt.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\ratings.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\update.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\windows.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\winhlp32.cnt" is compressed (flags = 1)

Infected: c:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ --> [backdoor.0Access]

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\al.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ConfigWizards.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\csc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\cvtres.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\default.disco" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ieexec.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ilasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\l_except.nlp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regsvcs.exe.rtm.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\_dataperfcounters.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\_NetworkingPerfCounters.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ASP.NETClientFiles\SmartNav.htm" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet.mof.uninstall" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ieexec.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\l_except.nlp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\XPThemes.manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\SetupENU1.txt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\SetupENU2.txt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\SmartNav.htm" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet.mof.uninstall" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\webAdminNoNavBar.master" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInProcess.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInProcess32.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\csc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\default.win32manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\EdmGen.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\applaunch.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\csc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\cvtres.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\default.win32manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\XPThemes.manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\_dataperfcounters_shared12_neutral.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Web\bullet.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory\regasm.exe.11f1da13.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\MicroVision Applications\mvdmap.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\SubtitleCreator\MRU.txt" is compressed (flags = 1)

Infected: c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ --> [backdoor.0Access]

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead\Nero Home\SID.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead\Nero Home\SII.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead\Nero Home\SII.db.id" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\ArcSoft\Connection Service\timecfg.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Media Player\lastplayed.wpl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Silverlight\mssl.lck" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Ahead\Nero Home\bgscncfg.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Ahead\Nero Home\SID.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Ahead\Nero Home\SII.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory\regasm.exe.11f1da13.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\conngmidchg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\gmid.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\upgmidchg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\uuid.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\MicroVision Applications\mvdmap.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\MicroVision Applications\{6005a339-8b45-43d1-856a-a05dd9e4f98b}\staxSys.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Rio\Rio Music Manager\Rio_Forge_5042_0002F68C2CF98817.lsa" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\SubtitleCreator\MRU.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\$NtUninstallKB2624667$\update.ver" is compressed (flags = 1)

Read File: File "c:\WINDOWS\$NtUninstallKB2624667$\updatebr.inf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\protection-log-2010-09-25.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\autorun.inf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\facefilter\InstFFSpath.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\menu\LogoCopyright.swf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\tools\brinfo\BrCollect.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\tools\brinfo\BrDbgOut.INI" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\frc\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\frc\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\ptb\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\ptb\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\spa\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\spa\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\usa\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\usa\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\layout.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\Diagnosis\ENG_End_Mes.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\Diagnosis\JPN_End_Mes.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\Diagnosis\JPN_guide.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk2\layout.bin" is compressed (flags = 1)

Infected: c:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L --> [backdoor.0Access]

Infected: c:\WINDOWS\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U --> [backdoor.0Access]

Done!

Scan finished

Creating System Restore point...

Scheduling clean up...

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Removal successful. No system shutdown is required.

=======================================

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_34

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.188000 GHz

Memory total: 3152519168, free: 2303700992

------------ Kernel report ------------

03/30/2013 13:34:25

------------ Loaded modules -----------

\WINDOWS\system32\ntkrnlpa.exe

\WINDOWS\system32\hal.dll

\WINDOWS\system32\KDCOM.DLL

\WINDOWS\system32\BOOTVID.dll

ACPI.sys

\WINDOWS\system32\DRIVERS\WMILIB.SYS

pci.sys

isapnp.sys

ohci1394.sys

\WINDOWS\system32\DRIVERS\1394BUS.SYS

wdf01000.sys

\WINDOWS\System32\Drivers\WDFLDR.SYS

pciide.sys

\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

viaide.sys

intelide.sys

MountMgr.sys

ftdisk.sys

dmload.sys

dmio.sys

PartMgr.sys

jraid.sys

\WINDOWS\system32\DRIVERS\SCSIPORT.SYS

VolSnap.sys

iaStor.sys

atapi.sys

disk.sys

\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

fltmgr.sys

sr.sys

PxHelp20.sys

KSecDD.sys

Ntfs.sys

NDIS.sys

timntr.sys

tdrpman.sys

snapman.sys

Mup.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\AmdK8.sys

\SystemRoot\system32\DRIVERS\aracpi.sys

\SystemRoot\system32\DRIVERS\ati2mtag.sys

\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS

\SystemRoot\system32\DRIVERS\imapi.sys

\SystemRoot\system32\drivers\Afc.sys

\SystemRoot\System32\Drivers\cdrbsdrv.SYS

\SystemRoot\system32\drivers\pfc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\redbook.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\System32\Drivers\ArcCD.SYS

\SystemRoot\System32\Drivers\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\Rtnicxp.sys

\SystemRoot\system32\DRIVERS\nic1394.sys

\SystemRoot\system32\DRIVERS\AGRSM.sys

\SystemRoot\System32\Drivers\Modem.SYS

\SystemRoot\system32\drivers\ALCXWDM.SYS

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\km_filter.sys

\SystemRoot\system32\DRIVERS\parport.sys

\SystemRoot\system32\DRIVERS\arpolicy.sys

\SystemRoot\system32\DRIVERS\serscan.sys

\SystemRoot\system32\DRIVERS\audstub.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\psched.sys

\SystemRoot\system32\DRIVERS\msgpc.sys

\SystemRoot\system32\DRIVERS\ptilink.sys

\SystemRoot\system32\DRIVERS\raspti.sys

\SystemRoot\System32\Drivers\pcouffin.sys

\SystemRoot\System32\Drivers\RootMdm.sys

\SystemRoot\system32\DRIVERS\rdpdr.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\update.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\system32\drivers\WmBEnum.sys

\SystemRoot\system32\drivers\WmXlCore.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\Drivers\mnmdd.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\System32\Drivers\ArcRec.SYS

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\ipsec.sys

\SystemRoot\system32\DRIVERS\tcpip.sys

\SystemRoot\system32\DRIVERS\tcpip6.sys

\SystemRoot\system32\drivers\netbt.sys

\SystemRoot\System32\Drivers\nnrnstdi.SYS

\SystemRoot\System32\drivers\ws2ifsl.sys

\SystemRoot\System32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\??\C:\WINDOWS\system32\VCdRom.sys

\SystemRoot\system32\DRIVERS\ssmdrv.sys

\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\System32\Drivers\Fips.SYS

\SystemRoot\system32\DRIVERS\ipnat.sys

\SystemRoot\system32\drivers\ip6fw.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\arp1394.sys

\SystemRoot\system32\DRIVERS\avipbb.sys

\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\arhidfltr.sys

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\system32\DRIVERS\arkbcfltr.sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\armoucfltr.sys

\SystemRoot\System32\Drivers\Fastfat.SYS

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_WMILIB.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\System32\watchdog.sys

\SystemRoot\System32\drivers\dxg.sys

\SystemRoot\System32\drivers\dxgthk.sys

\SystemRoot\System32\ati2dvag.dll

\SystemRoot\System32\ati2cqag.dll

\SystemRoot\System32\atikvmag.dll

\SystemRoot\System32\ati3duag.dll

\SystemRoot\System32\ativvaxx.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\avgntflt.sys

\SystemRoot\system32\DRIVERS\tifsfilt.sys

\SystemRoot\System32\Drivers\DefragFS.SYS

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\mrxdav.sys

\SystemRoot\system32\drivers\wdmaud.sys

\SystemRoot\system32\drivers\sysaudio.sys

\SystemRoot\System32\Drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\srv.sys

\SystemRoot\System32\Drivers\Cdfs.SYS

\SystemRoot\system32\DRIVERS\asyncmac.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\SystemRoot\system32\drivers\kmixer.sys

\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys

\WINDOWS\system32\ntdll.dll

----------- End -----------

[juliofelipe]

Part 4 - another piece of the system log...

<<<1>>>

Upper Device Name: \Device\Harddisk4\DR6

Upper Device Object: 0xffffffff8a7c8ab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000088\

Lower Device Object: 0xffffffff8a7b5348

Lower Device Driver Name: \Driver\usbstor\

Device already Exists: 0xffffffff8aafb1e8

<<<1>>>

Upper Device Name: \Device\Harddisk3\DR5

Upper Device Object: 0xffffffff8a78cab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000087\

Lower Device Object: 0xffffffff8a7bc8c8

Lower Device Driver Name: \Driver\usbstor\

Device already Exists: 0xffffffff8aba46d8

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR4

Upper Device Object: 0xffffffff8a7bcab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000086\

Lower Device Object: 0xffffffff8a788ea0

Lower Device Driver Name: \Driver\usbstor\

Device already Exists: 0xffffffff89cea040

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR3

Upper Device Object: 0xffffffff8a789428

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000085\

Lower Device Object: 0xffffffff8a7b8030

Lower Device Driver Name: \Driver\usbstor\

Device already Exists: 0xffffffff89c04f18

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff8ae9bab8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\

Lower Device Object: 0xffffffff8ad81d98

Lower Device Driver Name: \Driver\atapi\

Device already Exists: 0xffffffff89cec5d8

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 1

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff8ae9bab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8ae9b998, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8ae9d900, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8ae9bab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8aeec030, DeviceName: \Device\00000076\, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8ad81d98, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: Unknown, DriverName: \Driver\PartMgr\

Upper DeviceData: 0xffffffffe1d96440, 0xffffffff8ae9bab8, 0xffffffff89c20ab8

Lower DeviceData: 0xffffffffe1cf7ed0, 0xffffffff8ad81d98, 0xffffffff89cec5d8

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\WINDOWS\system32\drivers...

<<<2>>>

Device number: 0, partition: 1

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: CAB10BEE

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 63 Numsec = 374073462

Partition file system is NTFS

Partition is bootable

Partition 1 type is Other (0xc)

Partition is NOT ACTIVE.

Partition starts at LBA: 374089590 Numsec = 16627275

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 200049647616 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-390701968-390721968)...

Physical Sector Size: 0

Drive: 1, DevicePointer: 0xffffffff8a789428, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a7b3de0, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8a7c9020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a789428, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a7b8030, DeviceName: \Device\00000085\, DriverName: \Driver\usbstor\

------------ End ----------

Physical Sector Size: 0

Drive: 2, DevicePointer: 0xffffffff8a7bcab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a792c48, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8a7c0020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a7bcab8, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a788ea0, DeviceName: \Device\00000086\, DriverName: \Driver\usbstor\

------------ End ----------

Physical Sector Size: 0

Drive: 3, DevicePointer: 0xffffffff8a78cab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a7b39f8, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8aa80020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a78cab8, DeviceName: \Device\Harddisk3\DR5\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a7bc8c8, DeviceName: \Device\00000087\, DriverName: \Driver\usbstor\

------------ End ----------

Physical Sector Size: 0

Drive: 4, DevicePointer: 0xffffffff8a7c8ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff8a7b5768, DeviceName: Unknown, DriverName: \Driver\snapman\

DevicePointer: 0xffffffff8a784020, DeviceName: Unknown, DriverName: \Driver\PartMgr\

DevicePointer: 0xffffffff8a7c8ab8, DeviceName: \Device\Harddisk4\DR6\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff8a7b5348, DeviceName: \Device\00000088\, DriverName: \Driver\usbstor\

------------ End ----------

Done!

Performing system, memory and registry scan...

Read File: File "c:\Documents and Settings\Administrator\Application Data\Lavasoft\Ad-Aware\stats.awd" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\profiles.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Real\Msg\Category.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Real\Msg\SCategory.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\Real\rnadmin\rnsystem.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Application Data\WinRAR\version.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\hpzinstall.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\boost_interprocess\401C437CB6BECC01\{1832B446-3F6D-4880-99C1-0B3B26170D94}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\Bots.sbe" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Excludes\SystemInternals.sbe" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Apple Computer\QuickTime\com.apple.QuickTime.plist" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\arcsoft_codec.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\guid.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\tic.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\arcsoft mpeg\UpdaterforApp.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\ArcSoft\TotalMedia Extreme\TME.DAT" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\cfg\malrep.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\cfgall\userall.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\log\commonpub.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\AVG10\log\history.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\addr_file.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\C_Photo_Manager_10\crm.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\C_Photo_Manager_10\Fotomanager_dlx.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\C_Photo_Manager_10\Installation.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\installation.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\MAGIX\Photo_Manager_10\_msi_keyfile_k4s0bq0oui3c03cqsvex8i9vt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\exclusions.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\link.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\news.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Maxtor\mxtr_auto_settings.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Maxtor\ULC\nextBackup.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Microsoft\Machine Debug Manager\mdm.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Nero\Nero Container\f1.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Nero\Nero Container\f2.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Nero\Nero Container\f5.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\NOS\GP_GUI_Adobe\blank.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\NOS\GP_GUI_Adobe\SmoothMovement.js" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Real\RealPlayer\cdplayer.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\bookmrk.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Grpsyll.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Progress.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Settings.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\SBSI\ORUN\Syllabus.dbf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Viewpoint\Viewpoint Media Player\MetaStreamID.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}\instance.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}\SavevidSetupV2.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\{ACFC9F59-F1AE-43D2-8CFE-E2F1E0F82ABA}\SavevidSetupV2.par" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Common Files\D562D8C0-5259-3FE8-63D0-D18B37D0AEE3.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation\Data.DCD" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation\DiscInstalledMC.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\DVD Shrink\Analysis Results.5c060651" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\All Users\Application Data\DVD Shrink\Analysis Results.e9ab0d36" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Adobe Encore DVD 2.0\ProjectPrefs.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Adobe Encore DVD 2.0\WSMgrCfg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Adobe Illustrator CS Settings\AI Color Settings" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\AIR\eulaAccepted" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Adobe\Updater\AUTrans.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\GCHWCfg.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\GCHWCfg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\NeroVisionLog.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\nve-am.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\nve-mtmpl.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Ahead\NeroVision\nve-vobmap.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Apple Computer\Preferences\iTunes.exe.plist" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\IORRT 3.5.cmd.1.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\IORRT 3.5.cmd.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\Long Walk to Freedom Nelson Mandela (epub)[rogercc][h33t].epub.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\A Raisin In The Sun.rtf.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\Corrections.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\BitTorrent\the white tiger.txt.torrent" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\calibre\conversion\comic_input.py" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\calibre\conversion\page_setup.py" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\crm.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\Fotos_dlx.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MAGIX\PhotoStory_on_CD_DVD_10_Deluxe_DLV\Fotos_dlx.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Media Player\001002A2.wpl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\Excel12.pip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\Imagin10.pip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\MSO1024.acl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Microsoft\Office\Scanni10.pip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Move Networks\MNStatsID.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\MoveFab\init0.movefab" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\TuneUpMedia\prefs.js" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Real\RealMediaSDK\c0a80100.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\vlc\ml.xspf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\asset.yos" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\assets.yos" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\FolderList.yos" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\thumbnailSel.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\W Photo Studio Viewer\ViewSel.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\auth.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\gen_jumpex.m3u8" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\Winamp.m3u" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\winamp.m3u8" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Winamp\Plugins\gen_mud.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\FreeAudioPack\EasyCutter.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\FreeAudioPack\FreeConverter.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\funkitron\Boggle Supreme\Boggle.cfg" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1\Local Store\DesktopCitizen.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Netscape\registry.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Application Data\Netscape\NSB\profiles.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Protect\CREDHIST" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\Symantec\PendingAlertsQueue.log" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\protection-log-2010-09-25.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\My Documents\Downloads\031612 vs belmont.pxy" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\My Documents\Downloads\032812 vs bernstein.pxy" is compressed (flags = 1)

Read File: File "c:\Program Files\Outlook Express\msoe.txt" is compressed (flags = 1)

Read File: File "c:\Program Files\Windows Media Player\npdrmv2.zip" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\$ncsp$.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\24wwxsp1.txt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\AK083E209605E394C.lie" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\cmos.ram" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\dsound.vxd" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\login.cmd" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\l_except.nls" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\MsiExec.exe.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\pcl.sep" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\perfci.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\perffilt.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\perfwci.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\pscript.sep" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\spupdwxp.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\temp_0000_80678.aok" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\thxcfg.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\veolx32n.dll" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\prodspec.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\View Channels.scf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\650807529" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\drivers\etc\hosts.20080821-215650.backup" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\drivers\etc\hosts.20090216-183112.backup" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\drivers\etc\networks" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\migip.dun" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\migrate.isp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\msobe.isp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\obeip.dun" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\oobeinfo.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\oobe\reg.isp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\wbem\wmiclivalueformat.xsl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\default.pls" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\ntuser.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\brpcfx.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Brpfx04a.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\BRPP2KA.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\BRWMARK.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\explorer.scf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\iexplore.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Nxiwuzuwoc.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\ODBC.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\smscfg.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\srun.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\AviSplitter.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UPGRADE.TXT" is compressed (flags = 1)

Read File: File "c:\WINDOWS\vb.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\vbaddin.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\WININIT.INI" is compressed (flags = 1)

Read File: File "c:\WINDOWS\wmsetup10.log" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroBackItUp.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroMediaHome.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroShowTime.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNNeroVision.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\UNRecode.cfg" is compressed (flags = 1)

Read File: File "c:\WINDOWS\popcinfo.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Quicken.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Accessibility\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\AxInterop.SHDocVw\1.1.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\AxInterop.WT3DLib\1.0.0.0__1bf1415c4c44d353\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Common.Logging\1.2.0.0__af08829b84f0328e\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\cscompmgd\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\DiscWriter\2.3.1.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiExtCOM\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiExtens\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehiwmp\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft_VsaVb\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\SonicMCEBurnEngine\0.9.0.0__17c52700e9a64fd0\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\SymAddIn\15.0.0.1__ea8ad8cd626b3bac\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Configuration.Install.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data\1.0.3300.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.OracleClient\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Data.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Design.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.DirectoryServices.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Drawing.Design.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Management\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Management\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\system.management.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Messaging.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.3300.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Remoting.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Security.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.ServiceProcess.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Mobile\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.Services.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Xml\1.0.3300.0__b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_de_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_es_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_fr_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_it_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_ja_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_ko_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_zh-CHS_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.XML.resources\1.0.3300.0_zh-CHT_b77a5c561934e089\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\GemMaster3\3.0.0.0__1bf1415c4c44d353\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcddvd\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqglutl\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpel10\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodai\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.MsHtmHst\0.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Codecs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript.resources\7.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.EnterpriseServices.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\System.Web.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hplMosaicNet\1.4.1.0__0d5444959b41355f\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\HPODMmcLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqactiv\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqactiv.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqalb\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqasmgt\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqasset\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbakup\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbakup.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbkloc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqbutil\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcalp\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcalp.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcc2\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcc2.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcdcpy\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcdcpy.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NeroBurnAdvrCntrl2Lib\1.0.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NEROLib\1.4.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NeroMCEWrapper\1.0.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.NeroVisionAPI\1.3.0.0__477a69ee60b50063\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.SHDocVw\1.1.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.WT3DLib\1.0.0.0__1bf1415c4c44d353\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ISymWrapper\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqglutl.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqgtpin\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqgtpin.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqiface\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimgrc\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimgrc.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimlib\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimvlt\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqimvlt.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqisdsp\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqislib\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqisrtb\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqistab\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqlsprj\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqlsprj.resources\1.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqlsutl\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqltutl\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmdmr\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmdmr.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmpvad\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqmyint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqntrop\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqovskn\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpanop\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpanop.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpbgen\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpdmdl\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqunkwd\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqunkwd.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqutils\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqvideo\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqxpbrn\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEExecRemote\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEHost\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IIEHost\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\IIEHost\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.HPDarc\1.0.0.0__19565c63d39c2842\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpocxi08\1.0.0.0__3b766a3b3d2dc385\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodae\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodaud\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpodeb08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpodev08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpodio08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmmc\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmp\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmpv\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodmpv_md\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodprint2\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodtrk\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodvid\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpodxmlutil\2.0.588.1728__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqaiois\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.HpqCamUn\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpqcbcnv\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpqcldat\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqcrmcm\60.0.86.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqdstcp\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqusg\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.hprblog\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Interop.LITTManagerLib\1.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Drawing.Imaging.Twain\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.CommonDialogs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.JScript\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing.Imaging.Codecs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing.Imaging.ImageProcessing\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Drawing.Imaging.Twain\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Windows.Forms\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Windows.Forms.CommonDialogs\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Windows.Forms.DrawingContainer\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\policy.13.0.LEAD.Wrapper\13.0.0.113__9cf889f53ea9b907\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Regcode\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\RegCode.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqpel10.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprif\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprjcm\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprjfx\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprjfx.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprrsc\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprrsc.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprutl\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqprutl.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptfx\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptfx.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptint\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqptint.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqqca\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqszip\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqthumb\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqtray\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqtray.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcpint\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcpolp\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcpolp.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcprsc\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqcprsc.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqdocpt\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqdocpt.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqeal\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedit\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedit.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedppi\3.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqedppi.resources\3.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\hpqfmrsc.resources\4.0.0.0_en_a53cf5803f4c3827\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.resources\7.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.VisualC\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg\1.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg\1.0.5000.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_de_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_es_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_fr_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_it_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_ja_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_ko_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_zh-CHS_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\mscorcfg.resources\1.0.3300.0_zh-CHT_b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\assembly\GAC\office\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini" is compressed (flags = 1)

[juliofelipe]

Part 5 - the last piece of the system log. Wow that is a long file...

Read File: File "c:\WINDOWS\Downloaded Program Files\mjolauncher.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.87.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\gpcontrol.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\OnlineScanner.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\OSD2B0C.OSD" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\SCEWebLauncher.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\swflash.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\symdlmgr.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Downloaded Program Files\wlscBase.inf" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Fonts\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\ciadmin.htm" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\conf.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\connect.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\mshearts.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\msnauth.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\nocontnt.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\ratings.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\update.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\windows.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Help\winhlp32.cnt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\al.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ConfigWizards.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\csc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\cvtres.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\default.disco" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ieexec.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ilasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\l_except.nlp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regsvcs.exe.rtm.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\_dataperfcounters.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\_NetworkingPerfCounters.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ASP.NETClientFiles\SmartNav.htm" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet.mof.uninstall" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ieexec.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\l_except.nlp" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\XPThemes.manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\SetupENU1.txt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\SetupENU2.txt" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\SmartNav.htm" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet.mof.uninstall" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ASP.NETWebAdminFiles\webAdminNoNavBar.master" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInProcess.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInProcess32.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\AddInUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\csc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\default.win32manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\EdmGen.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v3.5\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\applaunch.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\caspol.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\csc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\cvtres.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\default.win32manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\jsc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\regasm.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\regsvcs.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\vbc.exe.config" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\XPThemes.manifest" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\_dataperfcounters_shared12_neutral.h" is compressed (flags = 1)

Read File: File "c:\WINDOWS\Web\bullet.gif" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory\regasm.exe.11f1da13.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\MicroVision Applications\mvdmap.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\SubtitleCreator\MRU.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead\Nero Home\SID.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead\Nero Home\SII.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead\Nero Home\SII.db.id" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\ArcSoft\Connection Service\timecfg.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Media Player\lastplayed.wpl" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Silverlight\mssl.lck" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\QuickPar\cache.qpc.bak" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Ahead\Nero Home\bgscncfg.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Ahead\Nero Home\SID.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Ahead\Nero Home\SII.db" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ApplicationHistory\regasm.exe.11f1da13.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\conngmidchg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\gmid.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\upgmidchg.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\ArcSoft\Connection Service\uuid.dat" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\MicroVision Applications\mvdmap.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\MicroVision Applications\{6005a339-8b45-43d1-856a-a05dd9e4f98b}\staxSys.xml" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Rio\Rio Music Manager\Rio_Forge_5042_0002F68C2CF98817.lsa" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\SubtitleCreator\MRU.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Default User\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\fusioncache.dat" is compressed (flags = 1)

Read File: File "c:\WINDOWS\$NtUninstallKB2624667$\update.ver" is compressed (flags = 1)

Read File: File "c:\WINDOWS\$NtUninstallKB2624667$\updatebr.inf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\protection-log-2010-09-25.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\autorun.inf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\facefilter\InstFFSpath.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\menu\LogoCopyright.swf" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\tools\brinfo\BrCollect.ini" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\tools\brinfo\BrDbgOut.INI" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\frc\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\frc\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\ptb\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\ptb\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\spa\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\spa\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\usa\basic.css" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Administrator\Desktop\New Folder\wlan_wiz\usa\copy.html" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\layout.bin" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\Diagnosis\ENG_End_Mes.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\Diagnosis\JPN_End_Mes.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk1\Diagnosis\JPN_guide.txt" is compressed (flags = 1)

Read File: File "c:\Documents and Settings\Compaq_Administrator\Desktop\Data\Disk2\layout.bin" is compressed (flags = 1)

Done!

Scan finished

=======================================

[Larusso]

Hy there

Please connect your Cam with the computer.

Please download unhide by grinler.

Double click on the program to start the unhide process.

Once done a window will pop and let you know the tool has completed its job.

A logfile (Unhide.txt) will be created on your desktop. Please post the contents here.

Double click on the OTL icon to run it.

• In the Extra Registry group check Use SafeList.
  
• Make sure all other windows are closed to let it run uninterrupted.
  
• Click on the Run Scan Button.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please post both in your next reply.

[juliofelipe]

I ran unhide and the output said it found 455 files, but I'm still not seeing them on Windows Explorer?

Here are all of the output files. First Unhide, then OTL, then Extras.

Unhide by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2013 BleepingComputer.com

More Information about Unhide.exe can be found at this link:

http://www.bleepingcomputer.com/forums/topic405109.html

Program started at: 04/01/2013 08:34:23 AM

Windows Version: Windows XP

Please be patient while your files are made visible again.

Processing the C:\ drive

Finished processing the C:\ drive. 379046 files processed.

Processing the D:\ drive

Finished processing the D:\ drive. 16338 files processed.

Processing the G:\ drive

Finished processing the G:\ drive. 0 files processed.

Processing the H:\ drive

Finished processing the H:\ drive. 0 files processed.

Processing the I:\ drive

Finished processing the I:\ drive. 0 files processed.

Processing the J:\ drive

Finished processing the J:\ drive. 0 files processed.

Processing the N:\ drive

Finished processing the N:\ drive. 455 files processed.

The C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\smtmp\ folder does not exist!!

Unhide cannot restore your missing shortcuts!!

Please see this topic in order to learn how to restore default

Start Menu shortcuts: http://www.bleepingcomputer.com/forums/topic405109.html

Searching for Windows Registry changes made by FakeHDD rogues.

- Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

- Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

- Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

No registry changes detected.

Program finished at: 04/01/2013 08:49:41 AM

Execution time: 0 hours(s), 15 minute(s), and 18 seconds(s)

OTL logfile created on: 4/1/2013 8:52:41 AM - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 74.49% Memory free

4.18 Gb Paging File | 3.04 Gb Available in Paging File | 72.75% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 178.37 Gb Total Space | 17.51 Gb Free Space | 9.81% Space Free | Partition Type: NTFS

Drive D: | 7.91 Gb Total Space | 0.56 Gb Free Space | 7.07% Space Free | Partition Type: FAT32

Drive F: | 69.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Drive N: | 29.87 Gb Total Space | 8.06 Gb Free Space | 26.98% Space Free | Partition Type: FAT32

Computer Name: HADDY | User Name: Compaq_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/29 23:10:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe

PRC - [2013/01/24 01:06:40 | 011,184,480 | ---- | M] (SugarSync, Inc.) -- C:\Program Files\SugarSync\SugarSyncManager.exe

PRC - [2012/10/29 10:41:28 | 002,833,448 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe

PRC - [2012/09/28 20:45:33 | 004,780,928 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2012/09/07 20:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

PRC - [2012/09/06 21:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe

PRC - [2012/09/06 21:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe

PRC - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

PRC - [2012/05/19 17:14:19 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2012/02/24 05:49:52 | 000,093,504 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe

PRC - [2011/06/28 09:48:38 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/04/27 11:04:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011/03/15 15:18:04 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe

PRC - [2011/03/15 15:18:00 | 001,570,056 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe

PRC - [2011/03/15 15:17:46 | 001,475,848 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe

PRC - [2010/12/19 11:16:51 | 000,139,264 | ---- | M] (SOURCENEXT) -- C:\WINDOWS\system32\bgsvcgen.exe

PRC - [2010/11/03 03:26:02 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/10/01 08:26:58 | 000,299,008 | ---- | M] (Nike) -- C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe

PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

PRC - [2010/08/09 05:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Program Files\FileHippo.com\UpdateChecker.exe

PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\nero\Update\NASvc.exe

PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe

PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe

PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/10/16 18:42:54 | 000,904,840 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe

PRC - [2009/10/16 18:39:32 | 000,136,544 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe

PRC - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

PRC - [2009/10/16 18:37:22 | 001,325,936 | ---- | M] (Seagate) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe

PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe

PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe

PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/12/18 09:49:40 | 000,757,760 | ---- | M] (Giganews, Inc.) -- C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe

PRC - [2005/11/11 14:11:12 | 000,237,568 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscGui.exe

PRC - [2005/11/11 14:11:04 | 001,064,960 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe

PRC - [2005/11/11 14:10:00 | 000,061,440 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DISCUpdateMgr.exe

PRC - [2005/11/11 14:10:00 | 000,049,152 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe

PRC - [2005/11/01 03:01:00 | 000,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe

PRC - [2005/08/02 17:19:16 | 000,077,312 | ---- | M] (Microsoft) -- C:\WINDOWS\arpwrmsg.exe

PRC - [2005/08/02 17:19:16 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe

PRC - [2003/05/15 01:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe

========== Modules (No Company Name) ==========

MOD - [2013/03/30 13:04:21 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2013/03/30 13:04:20 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2013/02/14 04:12:07 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\024c898ad1ccfde466d033c0a08d0564\Microsoft.VisualBasic.ni.dll

MOD - [2013/02/14 04:11:08 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll

MOD - [2013/02/14 04:10:53 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll

MOD - [2013/02/14 04:07:24 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll

MOD - [2013/02/14 04:04:05 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll

MOD - [2013/02/14 04:04:04 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll

MOD - [2013/02/14 04:04:02 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2013/02/14 04:04:00 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll

MOD - [2013/02/14 04:04:00 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll

MOD - [2013/02/14 04:03:59 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll

MOD - [2013/02/14 04:03:45 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll

MOD - [2013/02/14 04:03:42 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll

MOD - [2013/02/14 04:03:41 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

MOD - [2013/02/14 04:03:35 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll

MOD - [2013/01/09 04:19:22 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll

MOD - [2013/01/09 04:19:15 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll

MOD - [2013/01/09 04:16:52 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll

MOD - [2013/01/09 04:16:34 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll

MOD - [2013/01/09 04:15:12 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll

MOD - [2013/01/09 04:15:04 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll

MOD - [2013/01/09 04:05:00 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1e116300\mscorlib.dll

MOD - [2013/01/09 04:04:57 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_6ea43965\system.drawing.dll

MOD - [2013/01/09 04:04:51 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_0203b7a4\system.xml.dll

MOD - [2013/01/09 04:04:47 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f63600c2\system.windows.forms.dll

MOD - [2013/01/09 04:04:39 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b7aa3e59\system.dll

MOD - [2013/01/09 04:04:30 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll

MOD - [2013/01/09 04:04:29 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll

MOD - [2013/01/09 04:04:28 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll

MOD - [2013/01/09 04:04:26 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll

MOD - [2013/01/01 23:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll

MOD - [2012/10/29 10:39:36 | 000,502,784 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll

MOD - [2012/10/29 10:36:12 | 000,753,664 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npfirefoxprocessor.dll

MOD - [2012/10/29 10:35:06 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npwmi.dll

MOD - [2012/10/29 10:34:50 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npsurvey.dll

MOD - [2012/10/29 10:34:42 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\npsp1.dll

MOD - [2012/10/29 10:34:32 | 000,503,808 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter2\communication.dll

MOD - [2012/02/21 04:58:45 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll

MOD - [2012/02/21 04:48:18 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\01e360ed3a3cb2b0a3c47c7f3eb09e58\System.Runtime.Remoting.ni.dll

MOD - [2012/02/21 04:48:11 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll

MOD - [2012/02/21 04:48:07 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll

MOD - [2012/02/21 04:41:12 | 013,137,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll

MOD - [2012/02/21 04:40:32 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll

MOD - [2012/02/21 04:39:08 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll

MOD - [2012/02/21 04:38:49 | 000,729,088 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\09ee8d91e80e00991226aec062aa1e92\System.Security.ni.dll

MOD - [2012/02/21 04:38:19 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll

MOD - [2012/02/21 04:38:10 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll

MOD - [2012/02/21 04:37:58 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll

MOD - [2012/02/21 04:37:45 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll

MOD - [2012/02/21 04:37:34 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll

MOD - [2012/02/17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2011/12/17 08:48:18 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011/12/17 08:48:18 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll

MOD - [2011/01/20 21:53:20 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MOD - [2011/01/20 21:53:20 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MOD - [2011/01/20 21:53:18 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MOD - [2011/01/20 21:53:18 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MOD - [2011/01/20 21:53:18 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll

MOD - [2011/01/20 21:53:18 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MOD - [2011/01/20 21:53:18 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll

MOD - [2011/01/20 21:53:17 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MOD - [2011/01/20 21:53:17 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MOD - [2011/01/20 21:53:17 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MOD - [2011/01/20 21:53:17 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MOD - [2010/06/13 12:01:28 | 000,410,432 | ---- | M] () -- C:\Program Files\Perfect Uninstaller\Contextmenu.dll

MOD - [2010/01/28 13:57:58 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll

MOD - [2010/01/27 22:16:47 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll

MOD - [2010/01/27 22:16:47 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MOD - [2010/01/27 22:16:46 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MOD - [2010/01/27 22:16:45 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MOD - [2010/01/27 22:16:44 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MOD - [2010/01/27 22:16:44 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MOD - [2010/01/27 22:16:43 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MOD - [2010/01/27 22:16:42 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MOD - [2010/01/27 22:16:42 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MOD - [2010/01/27 22:16:42 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MOD - [2009/10/16 17:59:30 | 001,328,480 | ---- | M] () -- C:\Program Files\Seagate\DiscWizard\fox.dll

MOD - [2009/03/07 11:36:53 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll

MOD - [2009/03/07 11:36:53 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll

MOD - [2009/03/07 11:36:52 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll

MOD - [2009/03/07 11:36:52 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll

MOD - [2009/03/07 11:36:52 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll

MOD - [2009/03/07 11:36:52 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll

MOD - [2009/02/28 11:30:08 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll

MOD - [2009/02/28 11:30:07 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll

MOD - [2009/02/28 11:30:05 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll

MOD - [2009/02/28 11:20:54 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll

MOD - [2009/02/28 11:20:53 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll

MOD - [2009/02/28 11:20:50 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll

MOD - [2009/02/28 11:20:50 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll

MOD - [2009/02/28 11:20:50 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll

MOD - [2009/02/28 11:20:49 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll

MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files\Brother\BrUtilities\BrLogAPI.dll

MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2008/04/13 17:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll

MOD - [2006/03/09 19:50:36 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll

MOD - [2006/03/09 19:50:34 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll

MOD - [2006/03/09 19:50:33 | 000,573,440 | ---- | M] () -- c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll

========== Services (SafeList) ==========

SRV - [2013/03/12 13:33:14 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/03/07 20:29:07 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/10/29 10:41:28 | 002,833,448 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)

SRV - [2012/09/07 20:25:37 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)

SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)

SRV - [2011/06/28 09:48:38 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/04/27 11:04:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/03/15 15:18:00 | 001,570,056 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent)

SRV - [2011/03/15 15:17:46 | 001,475,848 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine)

SRV - [2010/12/19 11:16:51 | 000,139,264 | ---- | M] (SOURCENEXT) [Auto | Running] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)

SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)

SRV - [2010/07/05 10:05:17 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)

SRV - [2009/10/16 18:39:28 | 000,431,456 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)

SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

SRV - [2005/08/02 17:19:16 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)

SRV - [2003/10/13 16:24:14 | 000,061,440 | ---- | M] (Adobe Sytems) [On_Demand | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe -- (AdobeVersionCue)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\PalmUSBD.sys -- (PalmUSBD)

DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\nielprt.sys -- (nielprt)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nielgfx.sys -- (NielGfx)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\AVGIDSShim.Sys -- (AVGIDSShim)

DRV - [2012/10/01 21:00:24 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)

DRV - [2012/10/01 21:00:24 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2012/10/01 21:00:20 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)

DRV - [2012/10/01 21:00:15 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)

DRV - [2012/03/20 17:23:38 | 000,010,368 | ---- | M] (The Nielsen Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\km_filter.sys -- (km_filter)

DRV - [2012/03/20 17:23:26 | 000,015,360 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\nnrnstdi.sys -- (nnrnstdi)

DRV - [2011/10/08 20:25:40 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011/10/08 20:25:40 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2011/06/28 09:48:40 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/06/28 09:48:40 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/12/19 11:16:52 | 000,038,944 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)

DRV - [2010/09/07 03:37:14 | 000,104,024 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)

DRV - [2010/08/27 20:27:21 | 000,135,184 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS)

DRV - [2010/07/05 07:42:24 | 000,008,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\VCdRom.sys -- (vcdrom)

DRV - [2010/04/01 11:40:36 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

DRV - [2010/02/11 05:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2009/11/03 03:06:12 | 000,071,424 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrSerIb.sys -- (BrSerIb)

DRV - [2009/11/03 03:06:12 | 000,011,520 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrUsbSib.sys -- (BrUsbSIb)

DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2007/11/06 14:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)

DRV - [2007/09/17 19:28:58 | 000,010,240 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\softctrl.sys -- (softctrl)

DRV - [2007/05/03 14:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)

DRV - [2007/04/25 09:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)

DRV - [2007/04/24 12:33:50 | 000,007,680 | ---- | M] (ArcSoft Inc.) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)

DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)

DRV - [2005/11/02 16:47:26 | 000,010,368 | R--- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2005/10/20 09:01:56 | 001,095,009 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2005/09/30 04:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2005/08/29 08:11:00 | 003,644,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)

DRV - [2005/08/13 14:35:00 | 001,313,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2005/03/09 06:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)

DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)

DRV - [2004/08/03 07:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)

DRV - [2004/04/14 11:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2004/04/14 11:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2004/04/14 11:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2004/04/14 11:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2003/11/11 09:34:00 | 000,022,891 | ---- | M] (Matsushita Electric Industorial Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\meistb.sys -- (MEITUNER)

DRV - [2003/11/11 09:33:54 | 000,013,195 | ---- | M] (Matsushita Electric Industorial Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\meistrm.sys -- (MEISTRM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://espn.go.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = BC 2F B8 14 0E 65 E6 4E A2 19 D1 9D 0C 50 61 2F [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: "Google"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://espn.go.com/"

FF - prefs.js..extensions.enabledAddons: moveplayer%40movenetworks.com:1.0.0.071303000006

FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0

FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0034-ABCDEFFEDCBA%7D:6.0.34

FF - prefs.js..extensions.enabledAddons: crossriderapp4493%40crossrider.com:0.91.83

FF - prefs.js..extensions.enabledAddons: netsight%40nielsen.com:2.3

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2

FF - user.js..browser.search.selectedEngine: "Google"

FF - user.js..browser.search.order.1: "Google"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\netsight@nielsen.com: C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\netsight@nielsen.xpi [2013/03/31 09:15:12 | 000,008,039 | ---- | M] ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/07 20:29:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/07 20:28:45 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{ED0CF0C8-62F1-4865-A3FD-2E2A2B50FAFA}: C:\WINDOWS\system32\5005 [2010/09/24 06:29:39 | 000,000,000 | ---D | M]

[2011/12/19 17:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Extensions

[2013/03/30 12:55:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions

[2010/12/10 17:59:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2013/01/31 20:50:58 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2009/10/29 20:40:36 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

[2013/03/13 06:29:18 | 000,000,000 | ---D | M] ("Coupon Companion") -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\crossriderapp4493@crossrider.com

[2009/08/28 06:31:03 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\moveplayer@movenetworks.com

[2013/03/13 06:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\crossriderapp4493@crossrider.com\chrome\content\extensionCode

[2013/02/14 18:30:58 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2011/12/19 17:52:21 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\searchplugins\SearchResults.xml

[2013/03/25 16:24:37 | 000,002,112 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\Mozilla\Firefox\Profiles\w95kl63c.default\searchplugins\wot-safe-search.xml

[2013/03/07 20:28:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/03/07 20:28:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}

[2012/08/16 06:39:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF

[2013/03/31 09:15:12 | 000,008,039 | ---- | M] () (No name found) -- C:\PROGRAM FILES\NETRATINGSNETSIGHT\NETSIGHT\METER2\FIREFOXADDONS\NETSIGHT@NIELSEN.XPI

[2013/03/07 20:29:08 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2010/12/09 03:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[2012/08/30 22:18:35 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/12/19 17:52:21 | 000,002,497 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml

[2013/02/27 00:09:40 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll

CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U34 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

CHR - plugin: Nielsen FirefoxTracker Plug-in (Enabled) = C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll

CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll

CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

CHR - plugin: Java Deployment Toolkit 6.0.340.4 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: Google Docs = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Google Drive = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Nielsen = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.3_0\

CHR - Extension: FVD Video Downloader = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.0.1_0\

CHR - Extension: Coupon Companion = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbkdpahkifcigckmhiafindmaflfifgm\1.21.47_0\crossrider

CHR - Extension: Coupon Companion = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbkdpahkifcigckmhiafindmaflfifgm\1.21.47_0\

CHR - Extension: Gmail = C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/28 14:44:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()

O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)

O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)

O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [brStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [ControlCenter4] C:\Program Files\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe (Digital Interactive Systems Corporation)

O4 - HKLM..\Run: [DiscUpdateManager] C:\Program Files\DISC\DISCUpdateMgr.exe (Digital Interactive Systems Corporation, Inc.)

O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)

O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)

O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [indexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()

O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)

O4 - HKLM..\Run: [Nike+ Connect] C:\Program Files\Nike\Nike+ Connect\Nike+ Connect daemon.exe (Nike)

O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)

O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()

O4 - HKLM..\Run: [seagate Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)

O4 - HKCU..\Run: [iSUSPM] C:\Documents and Settings\All Users\Application Data\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)

O4 - HKCU..\Run: [sugarSync] C:\Program Files\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutorunsDisabled [2011/12/15 07:58:35 | 000,000,000 | ---D | M]

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe (Hewlett-Packard)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Giganews Accelerator.lnk = C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe (Giganews, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)

O8 - Extra context menu item: Save video on Savevid.com - C:\Program Files\Savevid\redirect.htm ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} http://zone.msn.com/bingame/pacz/default/pandaonline.cab (Reg Error: Key error.)

O16 - DPF: {4B9F2C37-C0CF-42BC-BB2D-DCFA8B25CABF} http://sympatico.zone.msn.com/bingame/rock/default/popcaploader1.cab (Reg Error: Key error.)

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab (Windows Live Safety Center Base Module)

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} http://zone.msn.com/bingame/chnz/default/mjolauncher.cab (MJLauncherCtrl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab (ZoneAxRcMgr Class)

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab (ZoneIntro Class)

O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} http://zone.msn.com/bingame/gold/UnSkin/gf.cab (TikGames Online Control)

O16 - DPF: {DAF5D9A2-D982-4671-83E4-0398706A5F6A} http://zone.msn.com/bingame/hsol/default/SCEWebLauncher.cab (SCEWebLauncherCtl Object)

O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} http://zone.msn.com/bingame/dash/default/DinerDash.1.0.0.87.cab (CPlayFirstDinerDashControl Object)

O16 - DPF: vzTCPConfig http://my.verizon.com/micro/speedoptimizer/hsi/vzTCPConfig.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 4.2.2.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68ABC49C-2AAA-455E-B332-0CE29F0E8C0C}: DhcpNameServer = 192.168.1.1 4.2.2.2

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D}: DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\internet\eudora\EuShlExt.dll (Qualcomm Inc.)

O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/08/30 14:02:02 | 000,000,000 | -HS- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]

O32 - AutoRun File - [2009/12/31 17:00:24 | 000,000,085 | R--- | M] () - F:\Autorun.inf -- [ UDF ]

O34 - HKLM BootExecute: (pdboot.exe)

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/31 21:11:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood

[2013/03/30 13:11:05 | 001,363,016 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\Compaq_Administrator\Desktop\mbar.exe

[2013/03/30 13:11:05 | 000,748,616 | ---- | C] (Malwarebytes Corporation) -- C:\Documents and Settings\Compaq_Administrator\Desktop\fixdamage.exe

[2013/03/30 12:55:04 | 000,000,000 | ---D | C] -- C:\_OTL

[2013/03/29 23:10:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe

[2013/03/28 15:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Administrator\Application Data\ControlCenter4

[2013/03/28 15:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother

[2013/03/28 15:38:22 | 000,000,000 | ---D | C] -- C:\Brother

[2013/03/28 15:38:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ControlCenter4

[2013/03/28 15:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\Browny02

[2013/03/28 15:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\ControlCenter4

[2013/03/28 15:37:57 | 000,225,280 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05c.dll

[2013/03/28 15:36:39 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll

[2013/03/28 15:36:38 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll

[2013/03/28 15:36:38 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll

[2013/03/28 15:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\Brother

[2013/03/28 15:13:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2013/03/28 14:13:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2013/03/28 14:13:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2013/03/28 14:13:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2013/03/28 14:13:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2013/03/28 14:13:02 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013/03/28 14:10:12 | 005,044,813 | R--- | C] (Swearware) -- C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe

[2013/03/27 11:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight

[2013/03/22 13:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth

[2013/03/21 21:46:45 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys

[2013/03/21 21:46:43 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys

[2013/03/07 21:09:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes

[2013/03/07 21:08:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

[2013/03/07 20:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/10/24 08:52:28 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/04/01 08:51:02 | 000,000,466 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Compaq_Administrator.job

[2013/04/01 08:33:40 | 000,398,752 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Compaq_Administrator\Desktop\unhide.exe

[2013/04/01 08:32:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013/03/31 14:52:04 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Compaq_Administrator.job

[2013/03/30 13:12:20 | 000,000,188 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT

[2013/03/30 13:01:36 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Compaq_Administrator.job

[2013/03/30 13:01:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/03/30 13:01:11 | 3152,596,992 | -HS- | M] () -- C:\hiberfil.sys

[2013/03/29 23:10:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Administrator\Desktop\OTL.exe

[2013/03/28 16:15:21 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2013/03/28 16:15:20 | 000,111,104 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/03/28 15:48:02 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013/03/28 15:39:38 | 000,001,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Brother Creative Center.lnk

[2013/03/28 15:39:18 | 000,000,249 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini

[2013/03/28 15:39:18 | 000,000,065 | ---- | M] () -- C:\WINDOWS\brpcfx.ini

[2013/03/28 15:38:22 | 000,000,086 | ---- | M] () -- C:\WINDOWS\Brfaxrx.ini

[2013/03/28 14:44:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2013/03/28 14:10:23 | 005,044,813 | R--- | M] (Swearware) -- C:\Documents and Settings\Compaq_Administrator\Desktop\ComboFix.exe

[2013/03/28 11:21:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2013/03/27 11:59:11 | 027,407,622 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Drew Dudley Leading with Lollipops (480).mp4

[2013/03/27 11:58:31 | 104,376,597 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TEDxToronto - Drew Dudley Leading with Lollipops.mp4

[2013/03/21 15:18:29 | 001,363,016 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\Compaq_Administrator\Desktop\mbar.exe

[2013/03/21 15:18:29 | 000,748,616 | ---- | M] (Malwarebytes Corporation) -- C:\Documents and Settings\Compaq_Administrator\Desktop\fixdamage.exe

[2013/03/13 03:02:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2013/03/12 13:33:12 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2013/03/12 13:33:12 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2013/03/08 07:31:12 | 000,501,923 | ---- | M] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Campus_Map.pdf

========== Files Created - No Company Name ==========

[2013/03/28 15:39:38 | 000,001,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Brother Creative Center.lnk

[2013/03/28 15:38:04 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini

[2013/03/28 15:37:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat

[2013/03/28 14:13:19 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2013/03/28 14:13:19 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2013/03/28 14:13:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2013/03/28 14:13:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2013/03/28 14:13:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2013/03/27 11:59:11 | 027,407,622 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Drew Dudley Leading with Lollipops (480).mp4

[2013/03/27 11:58:31 | 104,376,597 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\TEDxToronto - Drew Dudley Leading with Lollipops.mp4

[2013/03/20 14:38:01 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\RNUpgradeHelperLogonPrompt_Compaq_Administrator.job

[2013/03/20 14:38:00 | 000,000,466 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Compaq_Administrator.job

[2013/03/20 14:38:00 | 000,000,462 | ---- | C] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Compaq_Administrator.job

[2013/03/08 07:31:12 | 000,501,923 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Desktop\Campus_Map.pdf

[2012/04/02 12:36:49 | 000,002,944 | ---- | C] () -- C:\WINDOWS\BRPARAM.INI

[2012/04/02 11:27:05 | 001,527,650 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll

[2012/03/15 06:40:59 | 000,000,249 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini

[2012/03/15 06:40:59 | 000,000,065 | ---- | C] () -- C:\WINDOWS\brpcfx.ini

[2012/03/11 13:16:18 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI

[2012/03/11 13:16:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL

[2012/02/21 05:00:54 | 001,263,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2684078581-1939207485-826778432-1008-0.dat

[2012/02/21 05:00:39 | 000,273,746 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat

[2012/02/20 10:15:43 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc

[2012/02/15 08:28:12 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2011/07/29 08:29:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\defogger_reenable

[2010/10/24 08:52:29 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.cat

[2010/10/24 08:52:28 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\pcouffin.inf

[2008/10/09 11:04:27 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\default.pls

[2008/10/05 17:01:04 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\.rnd

[2007/01/27 17:32:35 | 000,000,602 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Application Data\AutoGK.ini

[2006/06/12 08:00:42 | 000,111,104 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/06/11 08:13:54 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2010/12/09 08:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L

[2010/12/09 08:15:09 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Compaq_Administrator\Local Settings\Application Data\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U

[2005/08/30 13:58:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 17:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 17:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

< End of report >

[juliofelipe]

Part 2 - Here is the Extras output file.

OTL Extras logfile created on: 4/1/2013 8:52:41 AM - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Compaq_Administrator\Desktop

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 2.19 Gb Available Physical Memory | 74.49% Memory free

4.18 Gb Paging File | 3.04 Gb Available in Paging File | 72.75% Paging File free

Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 178.37 Gb Total Space | 17.51 Gb Free Space | 9.81% Space Free | Partition Type: NTFS

Drive D: | 7.91 Gb Total Space | 0.56 Gb Free Space | 7.07% Space Free | Partition Type: FAT32

Drive F: | 69.74 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Drive N: | 29.87 Gb Total Space | 8.06 Gb Free Space | 26.98% Space Free | Partition Type: FAT32

Computer Name: HADDY | User Name: Compaq_Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 1

"FirewallOverride" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015

"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016

"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015

"1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016

"500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017

"54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe" = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe:*:Disabled:Compaq Connections -- (Hewlett-Packard)

"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DSH -- (Digital Interactive Systems Corporation, Inc.)

"C:\Program Files\Brother\Brmfl10g\FAXRX.exe" = C:\Program Files\Brother\Brmfl10g\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries, Ltd.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}" = Adobe Audition 2.0

"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport

"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional

"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data

"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel

"{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}" = Brother MFL-Pro Suite MFC-J6510DW

"{17D1D0AC-CB9C-4273-A827-2D242460C6B5}" = FlipAlbum 5.0 Pro

"{190BF7E6-59C5-45E2-B9CE-E8E7245A5B4D}" = TMPGEnc Plus 2.5

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.5

"{1A995D22-F711-4199-83D4-579B593A46C5}" = TMPGEnc DVD Author 1.6

"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus

"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations

"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes

"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java 6 Update 34

"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006

"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus

"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation

"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1

"{2A780209-2A41-4C75-932A-F6F0390D430A}" = Adobe Photoshop CS2 Functional Content

"{2ECE7ECE-D15B-4999-8B8D-01C998F489D5}" = Adobe Encore DVD 2.0

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in

"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload

"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{360EDFB0-EAA2-012B-AD16-000000000000}" = TurboTax 2009 wcaiper

"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder

"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset

"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset

"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine

"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport

"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver

"{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper

"{3C5F1B30-B10B-4579-86DD-D00F662E1033}" = Nero 8

"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap

"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm

"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works

"{4545A088-CCEF-43C2-8840-B34B04594FA6}" = USB CDC Device Driver

"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 1.0

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B9B1B84-FEC0-46D5-BDB9-832565779422}" = CheckIt Diagnostics

"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig

"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper

"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP v3.091

"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder

"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{57922B53-02D4-4DFC-AC24-A3519DC1F49A}" = Adobe Premiere Pro FC

"{5B30AA25-BF39-4BE4-8FEE-51938BAB214D}" = TurboTax 2008 wcaiper

"{619B8475-0F48-41B7-A370-5147F7092989}" = Virtual Earth 3D (Beta)

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler

"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12

"{6C91041E-406E-C082-0D03-75D4BC9C6CB0}" = Picaboo X

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6EC0A77B-AFAF-4B9A-A2AF-412589CF5FF6}" = Eudora

"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset

"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1

"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK

"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English

"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software

"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig

"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up

"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10

"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper

"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine

"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981405}" = SaveVid Plug-in

"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer

"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage

"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3

"{998AD896-5B25-466D-8D56-CC0CC9228A68}" = Adobe Audition 2.0 Loopology Content

"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour

"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime

"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = Microsoft Office 2003 Edition 60 Days Trial Welcome Tour

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine

"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AAB061B3-99A6-4EE5-93F4-6EB1F60295C4}" = Adobe Production Studio

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10

"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio

"{AC76BA86-1033-0000-7760-000000000001}" = Adobe Acrobat 6.0 Professional

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)

"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0

"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006

"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers

"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config

"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy

"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper

"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport

"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3

"{B74D4E10-0000-0000-0000-EDED00000102}" = Adobe ExtendScript Toolkit 1.0

"{B7607FC8-72AD-486D-B6B7-A402D5876309}" = PerfectDisk 11 Professional

"{B9242864-2841-4ADE-86E0-8F90F91B04DD}" = Logitech Gaming Software

"{B9273566-6E0A-4A87-AABB-08A0733ECE8E}" = MEET MANAGER 2.0 for Track & Field

"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C4186C0D-FB9F-5D83-21FB-A737A13EFAE6}" = AMD Catalyst Install Manager

"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard

"{C89269D9-DD02-45DD-99DD-6AE592F6C447}" = TurboTax 2011 wcaiper

"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update

"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D2095DFD-9022-4995-9A7A-CC9212837D29}" = calibre

"{D52ECEBC-9B20-41A5-81C4-A62DE2367419}" = Adobe Creative Suite

"{D7D38949-8251-4F07-BC2C-AA767308010B}" = TMPGEnc Authoring Works 4

"{D7DBA21A-CDE5-42EC-BB1C-AE4B3E616B9A}_is1" = HP Support Overview

"{DA15D535-5E1D-4076-B520-8571346D6238}" = Norton Security Scan

"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper

"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp

"{DD362256-A7A2-4524-9457-213DDC2AFC2A}" = Adobe After Effects 7.0

"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater

"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support

"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine

"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp

"{E722A962-E87D-CB6B-EB1E-27AD13D0F577}" = AMD Parental Control & Encoder

"{E7300AF3-DD5B-4E86-A291-7631BE0C62C7}" = Giganews Accelerator

"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper

"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks

"{EC1963C6-8EA9-40DF-8CD7-F63E174FCAEC}" = Adobe After Effects 7.0 Functional Content

"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper

"{EFD2807A-C66B-4C13-8FB8-42FCA6DEF171}" = TurboTax 2012 wcaiper

"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine

"{F0E8F94D-6E68-4B35-92DF-3AA6DC6A6768}" = Safari

"{F5F5ABB8-87EA-47A7-8CC6-E68AFC2D3BC0}" = TMPGEnc Sound Player

"{F6F6C08A-ED6F-4968-8292-A08E9F02584F}" = Adobe Encore DVD FC

"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive

"{F97B750E-554D-4194-BF3F-41EA91389E10}" = ArcSoft TotalMedia Extreme

"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0

"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset

"{FC5495CB-CDA5-4DCE-99DF-D1567DAF5A86}" = TMPGEnc 4.0 XPress

"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"045C89A0-CA37-443C-8826-F750227DE69C" = Shooting Stars Pool from Compaq (remove only)

"05E21449-3BA3-42BF-BBDA-95205F4EA40A" = Polar Bowler from Compaq (remove only)

"0BD36D37-C5D7-4B96-B64A-CB2C3A82EC4D" = Zuma Deluxe from Compaq (remove only)

"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic

"29FF6D07-4A15-41F1-9D5E-E0F3A58012C6" = Bounce Symphony from Compaq (remove only)

"3330A279-CC39-4A17-AE19-DA464B26AD9A" = Polar Golfer from Compaq (remove only)

"3B3B73D1-DC4A-4780-B0E4-E823D08B3397" = 5 Card Slingo from Compaq (remove only)

"422C7575-C10D-4795-87FA-9972765379E6" = Mah Jong Quest from Compaq (remove only)

"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)

"52AEBC18-F252-4B0C-B3E1-724537D9F873" = Ricochet Lost Worlds from Compaq (remove only)

"53474592-01BC-4338-8647-FE350957D912" = Barnyard Invasion from Compaq (remove only)

"5AF1DD17-7B06-45EF-8592-2E524E458BAB" = Insaniquarium Deluxe from Compaq (remove only)

"63E4EC24-7173-4E1F-9C77-B4403CBCF91F" = Lemonade Tycoon 2 from Compaq (remove only)

"66195170-D19D-46C5-8FB7-8A4630071ADC" = Tradewinds from Compaq (remove only)

"75528D5F-DD82-402E-BA7C-045B7DC6A712" = Blasterball 2 from Compaq (remove only)

"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007

"85CF9BF3-1057-468C-962D-31BAABC6AC72" = FATE from Compaq (remove only)

"8D11F98B-4931-44F6-8FC6-971CCBBBB131" = Snowboard SuperJam from Compaq (remove only)

"9448DE42-C017-4A3E-A0BB-C50BF673E9E0" = Chuzzle Deluxe from Compaq (remove only)

"997DD523-B925-4C73-970B-C201E8F781AD" = AstroPop Deluxe from Compaq (remove only)

"9D7E7CDA-051E-4B0D-8CEE-58F41F449CF9" = Blasterball 2 Remix from Compaq (remove only)

"AC3ACM" = AC-3 ACM Codec

"Adobe AIR" = Adobe AIR

"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem

"Allok 3GP PSP MP4 iPod Video Converter_is1" = Allok 3GP PSP MP4 iPod Video Converter 4.1.0422

"Allok Video Joiner_is1" = Allok Video Joiner 3.3.1116

"ATI Display Driver" = ATI Display Driver

"AutoGK" = Auto Gordian Knot 2.40

"AVI Joiner_is1" = AVI Joiner

"AVI Splitter_is1" = AVI Splitter

"Avi2Dvd" = Avi2Dvd 0.4.4 beta

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AviSynth" = AviSynth 2.5

"AVS Update Manager_is1" = AVS Update Manager 1.0

"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3

"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6

"AwayMode160" = Microsoft Away Mode

"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto

"BBCBAA5D-AC5A-4098-A53E-EC60A68F38F9" = Shrek 2 Ogre Bowler from Compaq (remove only)

"BBE9E0F3-11F7-4424-9905-8E0153E872C1" = Family Feud

"BFAF1EEC-E987-415B-BCB8-80CDB0BC6CDF" = Blackhawk Striker 2 from Compaq (remove only)

"C43D84CD-EBFC-48D3-A330-7868C8AD415A" = Crystal Maze from Compaq (remove only)

"C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B" = Boggle Supreme from Compaq (remove only)

"CalorieKing Nutrition and Exercise Manager" = CalorieKing Nutrition and Exercise Manager (remove only)

"CalorieKing.com Diet Diary for PalmOS" = CalorieKing.com Diet Diary for PalmOS

"CCleaner" = CCleaner (remove only)

"com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1" = Picaboo X

"Coupon Companion" = Coupon Companion

"D84AC71A-75E8-4709-8BA5-4B46EAC00C5E" = Bejeweled 2 Deluxe from Compaq (remove only)

"DE87FA96-7840-420C-86F9-33F3B7B3CED1" = Super Granny from Compaq (remove only)

"DISCover" = DISCover

"DVD Shrink_is1" = DVD Shrink 3.2

"DVDFab 8_is1" = DVDFab 8.0.2.2 (01/10/2010)

"DVDx_is1" = DVDx

"E1A0F769-A43A-4DDB-9F73-12791E453557" = Puzzle Express from Compaq (remove only)

"E618FC78-EE4F-4243-8409-078EB5E0B1F6" = Bookworm Deluxe from Compaq (remove only)

"ERUNT_is1" = ERUNT 1.1j

"ESET Online Scanner" = ESET Online Scanner v3

"EsetOnlineScanner" = ESET Online Scanner

"exPressit S.E. 2.2" = exPressit S.E. 2.2

"F05A08BF-E600-4FBD-A53A-3D47296B1275" = Lexibox Deluxe from Compaq (remove only)

"F19E8CDF-5EFD-45E0-9FAF-66CBAE84B1D9" = Slingo Deluxe from Compaq (remove only)

"FA6A73EB-40AB-4B58-851D-3892B3C10EF6" = SCRABBLE from Compaq (remove only)

"FileHippo.com" = FileHippo.com Update Checker

"FLVPlayer" = FLV Player 1.3.3

"Forte Agent" = Forté Agent

"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.95

"Free WMA MP3 Converter" = Free WMA MP3 Converter

"Google Chrome" = Google Chrome

"GSpot" = GSpot Codec Information Appliance

"HaaliMkx" = Haali Media Splitter

"HP Game Console" = HP Game Console and games

"HP Imaging Device Functions" = HP Imaging Device Functions 6.0

"HP Photo & Imaging" = HP Photosmart Premier Software 6.0

"HP Rhapsody" = HP Rhapsody

"HPOOVClient-5577497 Uninstaller" = Compaq Connections (remove only)

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"ie8" = Windows Internet Explorer 8

"InFlac" = InFlac 1.1.1

"InstallShield_{190BF7E6-59C5-45E2-B9CE-E8E7245A5B4D}" = TMPGEnc Plus 2.5

"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement

"InstallShield_{4545A088-CCEF-43C2-8840-B34B04594FA6}" = USB CDC Device Driver

"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up

"IsoBuster_is1" = IsoBuster 2.8

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100

"Matroska Pack" = Matroska Pack

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Money2006b" = Microsoft Money 2006

"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"Netscape Browser" = Netscape Browser (remove only)

"NetSight" = Nielsen

"Nike+ Connect" = Nike+ Connect

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"Open Video Joiner_is1" = Open Video Joiner version 3.1

"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows

"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.9

"PG-1-278" = MultiLane version 1.0

"Photo Viewer_is1" = Photo Viewer 2.4

"Photo2DVD Studio_is1" = Photo2DVD Studio Build 4.8.0.1

"PS2" = PS2

"Python 2.2.3" = Python 2.2.3

"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)

"RealPlayer 12.0" = RealPlayer

"SaveVid Plug-in" = SaveVid Plug-in

"SPSS for Windows 11.5" = SPSS 11.5 for Windows

"Sqirlz Morph" = Sqirlz Morph

"SubtitleCreator" = SubtitleCreator

"SugarSync" = SugarSync Manager

"TuneUpMedia" = TuneUp Companion 2.4.6.4

"TurboTax 2008" = TurboTax 2008

"TurboTax 2009" = TurboTax 2009

"TurboTax 2010" = TurboTax 2010

"TurboTax 2011" = TurboTax 2011

"TurboTax 2012" = TurboTax 2012

"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006

"TurboTax Premier 2007" = TurboTax Premier 2007

"Tweak UI 2.10" = Tweak UI

"Video Cleaner" = River Past Video Cleaner

"VLC media player" = VLC media player 2.0.1

"VobSub" = VobSub v2.23 (Remove Only)

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WIC" = Windows Imaging Component

"Winamp" = Winamp

"WinAVIVideoConverter_is1" = WinAVIVideoConverter

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinMorph_is1" = WinMorph™ 3.01

"WinRAR archiver" = WinRAR 4.11 (32-bit)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)

"XviD_is1" = XviD 1.1 final uninstall

"XviD4PSP5_is1" = XviD4PSP 5.10.271.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 3/24/2013 7:07:05 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:07:05.752]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/24/2013 7:08:14 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = STI BrtSTI: [2013/03/24 16:08:14.752]: [00003808]: SendSKeySettingToDevice::

Snmp Load Error[-1] To[192.168.1.172]

Error - 3/31/2013 11:37:26 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = TWN BrtTWN: [2013/03/31 20:37:26.828]: [00002164]: ##### Fatal ERROR!!

Create STI-device failed! #####

Error - 3/31/2013 11:37:26 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = TWN BrtTWN: [2013/03/31 20:37:26.828]: [00002164]: Initialize TwdsMain

Class failed!

Error - 3/31/2013 11:38:12 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = TWN BrtTWN: [2013/03/31 20:38:12.000]: [00002164]: ##### Fatal ERROR!!

Create STI-device failed! #####

Error - 3/31/2013 11:38:12 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = TWN BrtTWN: [2013/03/31 20:38:12.000]: [00002164]: Initialize TwdsMain

Class failed!

Error - 3/31/2013 11:39:47 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = TWN BrtTWN: [2013/03/31 20:39:47.843]: [00002164]: ##### Fatal ERROR!!

Create STI-device failed! #####

Error - 3/31/2013 11:39:47 PM | Computer Name = HADDY | Source = Brother BrLog | ID = 1001

Description = TWN BrtTWN: [2013/03/31 20:39:47.843]: [00002164]: Initialize TwdsMain

Class failed!

Error - 4/1/2013 11:27:17 AM | Computer Name = HADDY | Source = Application Hang | ID = 1002

Description = Hanging application firefox.exe, version 19.0.2.4814, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 4/1/2013 11:27:50 AM | Computer Name = HADDY | Source = Application Hang | ID = 1002

Description = Hanging application Compaq Connections.exe, version 6.3.2.116, hang

module hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7024

Description = The Workstation service terminated with service-specific error 2250

(0x8CA).

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Workstation service which

failed to start because of the following error: %%1066

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7024

Description = The Workstation service terminated with service-specific error 2250

(0x8CA).

Error - 3/29/2013 6:46:53 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Workstation service which

failed to start because of the following error: %%1066

Error - 3/29/2013 6:47:33 AM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

Error - 3/29/2013 6:47:33 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7024

Description = The Workstation service terminated with service-specific error 2250

(0x8CA).

Error - 3/29/2013 6:47:33 AM | Computer Name = HADDY | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Workstation service which

failed to start because of the following error: %%1066

Error - 3/30/2013 3:52:35 PM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

Error - 3/31/2013 4:01:17 AM | Computer Name = HADDY | Source = Workstation | ID = 5727

Description = Could not load RDR device driver.

< End of report >