Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

missing BHO.DLL and 1e3sh.exe error

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

missing BHO.DLL and 1e3sh.exe error

Unread postby calynbana » October 6th, 2012, 12:35 pm

suspected malware, error msg pops up on every boot

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_35
Run by Christina at 12:11:29 on 2012-10-06
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.2046.858 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\dlbucoms.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\AVG\AVG2012\avgemcx.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2012\avgidsagent.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Search Guard Plus\SearchGuardPlus.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\Dell Photo AIO Printer 942\DLBUmon.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page =
uStart Page = hxxp://www.google.ca/
uDefault_Page_URL = hxxp://sympatico.msn.ca/default.aspx?lang=en-ca
uSearch Bar =
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:25461
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uURLSearchHooks: SearchHelper Class: {91c18ed5-5e1c-4ae5-a148-a861de8c8e16} - c:\program files\sgpsa\mtwb3sh.dll
uURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPag0.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
mURLSearchHooks: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPag0.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: ShopperReports: {100eb1fd-d03e-47fd-81f3-ee91287f9465} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.15.10\bh\BabylonToolbar.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPag0.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: FacePaint.Plugin: {a15c7d2d-9a4c-4c9a-9bd4-cc4815b28ebc} - mscoree.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {F0626A63-410B-45E2-99A1-3F2475B2D695} - No File
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - c:\program files\yontoo layers client\YontooIEClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: FacePaint Toolbar: {cccc7d2d-9a4c-4c9a-9bd4-cc4815b28ccc} - mscoree.dll
TB: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - c:\program files\pagerage\prxtbPag0.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.15.10\BabylonToolbarTlbr.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTo0.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\12.2.5.32\AVG Secure Search_toolbar.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
EB: ShopperReports – Price Comparison: {a7cddcdc-beeb-4685-a062-978f5e07ceee} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
EB: FacePaint Toolbar: {cccc7d2d-9a4c-4c9a-9bd4-cc4815b28ccc} - mscoree.dll
uRun: [fsm]
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [HWSetup] \HWSetup.exe hwSetUP
mRun: [NDSTray.exe] NDSTray.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [Skytel] Skytel.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [FBSSA] c:\program files\sgpsa\ie3sh.exe
mRun: [c:\windows\system32\v0260ext.ax] c:\windows\system32\regsvr32.exe /s c:\windows\system32\V0260Ext.ax
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [RogersServicepointAgent.exe] "c:\program files\rogers online protection\rogers servicepoint agent\RogersServicepointAgent.exe" /AUTORUN
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [DLBUCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLBUtime.dll,_RunDLLEntry@16
mRun: [dlbumon.exe] "c:\program files\dell photo aio printer 942\dlbumon.exe"
mRun: [MemoryCardManager] "c:\program files\dell photo aio printer 942\memcard.exe"
dRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\christ~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
uPolicies-system: DisableTaskMgr =
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm
IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
IE: {C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} - c:\program files\shopperreports3\bin\3.0.517.0\ShopperReports.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - hxxp://h20264.www2.hp.com/ediags/dd/ins ... sVista.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1755C248-82BD-4E62-9131-238F664F0007} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{53EDBA1B-E333-4612-98D7-50EB97FE9D02} : DhcpNameServer = 206.248.154.22 206.248.154.170
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\12.2.6\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/ig?hl=en&source=webhp
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - component: c:\program files\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}\components\FFExternalAlert.dll
FF - component: c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}\components\RadioWMPCore.dll
FF - component: c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll
FF - component: c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\christina\appdata\roaming\mozilla\firefox\profiles\39qs6nj9.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\12.2.6\npsitesafety.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: c:\program files\rogers online protection\rogers servicepoint agent\nprpspa.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_278.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-7-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-8-24 301920]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-14 27496]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-9-24 913792]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-25 21504]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-11-2 4408616]
R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files\common files\avg secure search\vtoolbarupdater\12.2.6\ToolbarUpdater.exe [2012-9-3 722528]
R2 WTouchService;WTouch Service;c:\program files\wtouch\WTouchService.exe [2009-11-2 112936]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2012-8-25 157776]
R3 WacomVTHid;Virtual Touch Driver;c:\windows\system32\drivers\WacomVTHid.sys [2009-11-2 13224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2011-5-6 13224]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-20 113120]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\drivers\V0260Vid.sys [2011-7-10 178913]
S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2009-11-2 15656]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-10-02 01:15:02 -------- d-----w- c:\users\christina\appdata\local\Graboid Inc
2012-10-02 01:14:58 -------- d-----w- c:\programdata\Graboid Inc
2012-10-02 01:12:52 -------- d-----w- c:\programdata\Package Cache
2012-10-01 02:57:43 -------- d-----r- C:\Sandbox
2012-10-01 02:56:52 -------- d-----w- c:\program files\Sandboxie
2012-09-25 00:38:28 -------- d-----w- c:\programdata\IObit
2012-09-25 00:38:16 -------- d-----w- c:\users\christina\appdata\roaming\IObit
2012-09-25 00:38:09 -------- d-----w- c:\program files\IObit
2012-09-25 00:34:59 -------- d-----w- c:\program files\CCleaner
2012-09-23 12:41:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-23 12:41:03 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-09-23 12:41:03 194048 ----a-w- c:\program files\internet explorer\IEShims.dll
2012-09-23 12:41:03 140936 ----a-w- c:\program files\internet explorer\sqmapi.dll
2012-09-23 12:41:01 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-09-23 12:41:00 194560 ----a-w- c:\program files\internet explorer\ieproxy.dll
2012-09-23 12:41:00 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-09-23 12:40:57 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-09-23 12:40:56 748680 ----a-w- c:\program files\internet explorer\iexplore.exe
2012-09-23 12:40:56 387584 ----a-w- c:\program files\internet explorer\jsdbgui.dll
2012-09-23 12:40:55 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2012-09-23 12:40:54 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-09-22 19:41:13 -------- d-----w- c:\program files\Dl_cats
2012-09-22 19:40:31 118272 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\dlbuPP5C.DLL
2012-09-21 21:34:16 -------- d-----w- c:\users\christina\appdata\local\Macromedia
2012-09-21 21:33:22 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-16 18:28:08 605968 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
2012-09-15 17:59:18 -------- d-----w- c:\users\christina\appdata\local\{F0645317-CC2E-400C-A5CE-AD52BC147F00}
.
==================== Find3M ====================
.
2012-09-21 21:33:22 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-06 00:52:57 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-06 00:52:57 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-03 12:29:30 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-08-24 19:43:18 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-07-26 07:21:30 237408 ----a-w- c:\windows\system32\drivers\avgldx86.sys
.
============= FINISH: 12:13:51.56 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 20/06/2008 8:01:18 AM
System Uptime: 06/10/2012 11:19:53 AM (1 hours ago)
.
Motherboard: TOSHIBA | | ISKAA
Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz | U2E1 | 1667/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 174 GiB total, 62.19 GiB free.
D: is FIXED (NTFS) - 6 GiB total, 5.821 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
32 Bit HP CIO Components Installer
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.4)
Adobe Setup
Adobe Shockwave Player
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced SystemCare 5
AIO_Scan
ALPS Touch Pad Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
µTorrent
AVG 2012
Babylon
Babylon toolbar
Bamboo
Bing Bar
blinkx beat
Bonjour
BufferChm
CA Yahoo! Anti-Spy (remove only)
Camera Assistant Software for Toshiba
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CD/DVD Drive Acoustic Silencer
Copy
Corel Painter Essentials 4
Creative Live! Cam Vista IM Driver (1.11.02.00)
CustomerResearchQFolder
D3DX10
Dell Photo AIO Printer 942
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Setup
DJ_AIO_ProductContext
DJ_AIO_Software
DJ_AIO_Software_min
DVD MovieFactory for TOSHIBA
EA Download Manager
eSupportQFolder
F4100
F4100_doccd
F4100_Help
FacePaint Plugin
FrostWire 4.21.1
GameXN GO
Graboid Video 3.45
Graboid Video 3.45 Setup
Highlight Viewer (Windows Live Toolbar)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 9.0
HP Deskjet All-In-One Software 9.0
HP Driver Diagnostics
HP Imaging Device Functions 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Smart Web Printing
HP Solution Center 9.0
HP Update
HPProductAssistant
HPSSupply
Intel Matrix Storage Manager
Intel(R) PROSet/Wireless Software
iTunes
Java Auto Updater
Java(TM) 6 Update 35
Java(TM) SE Runtime Environment 6
Junk Mail filter update
LiveUpdate Notice (Symantec Corporation)
Map Button (Windows Live Toolbar)
MarketResearch
McAfee Security Scan Plus
mCore
Mesh Runtime
Messenger Companion
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft WSE 3.0 Runtime
Microsoft XML Parser
mMHouse
MobileMe Control Panel
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Norton Security Scan
OnlinePlay 1.0
PageRage Toolbar
PDF Settings
PSSWCORE
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
reminder
Rogers Servicepoint Agent 2.0.21
Rogers Yahoo! Applications
RPS CRT
Safari
Sandboxie 3.74 (32-bit)
Scan
Search Guard Plus (My Web Tattoo)
Search Guard Plus Updater (My Web Tattoo)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Segoe UI
ShopperReports
Skins
Skype Toolbars
Skype™ 5.10
Smart Menus (Windows Live Toolbar)
Software Informer 1.0 BETA
SolutionCenter
Sony Ericsson Update Service
Status
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
The Sims™ 2 Deluxe
The Sims™ 3
TIPCI
Toolbox
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA Recovery Disc Creator
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
uTorrentBar Toolbar
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
VLC media player 1.0.1
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
WinZip 11.1
Yontoo Layers Client 1.10.01
YouTube FLV to AVI easy converter 5.9.40
.
==== Event Viewer Messages From Past Week ========
.
06/10/2012 11:23:05 AM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
06/10/2012 11:21:57 AM, Error: Service Control Manager [7000] - The Security Services Driver (x86) service failed to start due to the following error: The system cannot find the file specified.
06/10/2012 11:21:57 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
05/10/2012 6:36:24 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 001DE09A2E4D has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
calynbana
Banned Member
 
Posts: 4
Joined: October 6th, 2012, 12:10 pm
Advertisement
Register to Remove

Re: missing BHO.DLL and 1e3sh.exe error

Unread postby askey127 » October 6th, 2012, 1:00 pm

Hi calynbana,
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs here: http://malwareremoval.com/forum/viewtopic.php?p=491394#p491394
As a condition of receiving our help, I have included the P2P programs uTorrent and Frostwire in the removal instructions below, so we are not wasting our time.
If you have used this, and your computer is infected, you can be fairly confident this is a principal reason.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like µTorrent, Bittorrent, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
Criminals have "planted" thousands upon thousands of infections in the "free" shared files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".
------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Uninstall a program under the Programs heading.
Right click each Entry, as follows, one by one, if it exists, choose Uninstall/Change, and give permission to Continue:

Yontoo Layers Client 1.10.01
ShopperReports
uTorrentBar Toolbar
ShopperReports
Search Guard Plus (My Web Tattoo)
Search Guard Plus Updater (My Web Tattoo)
PageRage Toolbar
McAfee Security Scan Plus
Java(TM) SE Runtime Environment 6
FrostWire 4.21.1
Babylon
Babylon toolbar
µTorrent

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • For WinXP, double click on the OTL icon to run it.
  • For Vista or Win7, right click the icon and choose "Run as administrator".
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so.
    When the scan starts, OTL may appear to be frozen while it runs. Please be patient.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear as a running Notepad document the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 13903
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: missing BHO.DLL and 1e3sh.exe error

Unread postby calynbana » October 6th, 2012, 2:55 pm

Problems uninstalling ShopperReports - AVG detected a "potentially unwanted program" and I am unable to install in via the orthodox method of uninstalling the error msg for AVG is as follows:

Processnames:C:\CHRIST~1\AppData\Local\Temp\SHO100.exe
Process ID: 6840
Action Result: Object does not exist or is accessible

OTL logfile created on: 06/10/2012 2:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christina\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.41% Memory free
4.23 Gb Paging File | 2.74 Gb Available in Paging File | 64.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/07/20 08:21:15 | 000,000,000 | ---D | M] -- C:\Users\caitlin\AppData\Roaming\Babylon
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\caitlin\AppData\Roaming\Rogers Online Protection
[2010/09/16 14:20:59 | 000,000,000 | ---D | M] -- C:\Users\caitlin\AppData\Roaming\WTouch
[2012/08/14 06:57:47 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\AVG2012
[2011/08/31 16:37:10 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\FrostWire
[2012/04/22 20:00:32 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\go
[2012/09/24 20:38:21 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\IObit
[2010/09/19 17:45:25 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Ludia
[2010/09/19 17:40:11 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\OpenCandy
[2010/12/27 21:27:39 | 000,000,000 | -HSD | M] -- C:\Users\Christina\AppData\Roaming\Personal Internet Security 2011
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Rogers Online Protection
[2012/10/06 13:16:18 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Samsung
[2010/10/02 21:07:11 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\ShopperReports3
[2008/06/22 22:52:41 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Software Informer
[2010/12/10 00:10:53 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\TOSHIBA
[2008/12/25 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Ulead Systems
[2010/09/19 17:41:52 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Uniblue
[2009/11/02 18:20:25 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\WTouch
[2010/11/26 14:55:12 | 000,000,000 | ---D | M] -- C:\Users\mom and dad\AppData\Roaming\Babylon
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\mom and dad\AppData\Roaming\Rogers Online Protection
[2010/11/26 14:54:57 | 000,000,000 | ---D | M] -- C:\Users\mom and dad\AppData\Roaming\WTouch
[2010/11/27 13:21:15 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\Babylon
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\Rogers Online Protection
[2009/11/15 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\WTouch

========== Purity Check ==========



< End of report >

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173.63 Gb Total Space | 62.62 Gb Free Space | 36.06% Space Free | Partition Type: NTFS
Drive D: | 5.88 Gb Total Space | 5.82 Gb Free Space | 99.01% Space Free | Partition Type: NTFS

Computer Name: CHRISTINA-PC | User Name: Christina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/06 14:16:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christina\Downloads\OTL.exe
PRC - [2012/09/28 20:18:24 | 000,842,680 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012/09/28 20:18:10 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012/09/28 20:18:08 | 000,965,560 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies\Kies.exe
PRC - [2012/09/26 20:58:32 | 000,580,096 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
PRC - [2012/09/03 08:28:04 | 000,722,528 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/09/03 08:28:00 | 000,947,808 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/08/25 16:27:58 | 000,545,552 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2012/08/25 16:27:58 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/05/28 15:56:36 | 000,288,128 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
PRC - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2009/07/15 12:13:06 | 003,662,632 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/07/15 12:13:04 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/07/15 12:13:02 | 004,408,616 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/02/27 14:13:52 | 003,228,912 | ---- | M] (Rogers) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
PRC - [2008/06/20 07:14:00 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2008/02/08 11:10:00 | 000,394,856 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/09/19 14:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007/09/03 06:39:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/05/22 19:32:52 | 000,538,744 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2007/05/17 19:03:24 | 004,813,312 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2007/04/10 19:40:28 | 000,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/03/29 13:39:18 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2007/02/28 18:38:18 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbucoms.exe
PRC - [2007/02/28 18:37:56 | 000,304,624 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
PRC - [2007/02/28 18:37:44 | 000,431,600 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Dell Photo AIO Printer 942\DLBUmon.exe
PRC - [2007/01/09 02:23:04 | 000,191,552 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2006/11/15 01:02:36 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2006/11/15 00:19:42 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006/11/06 20:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
PRC - [2006/11/02 08:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/10/05 00:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/06 13:08:04 | 012,841,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\cf9feed554bc016243ba6a00aea4b894\Kies.Theme.ni.dll
MOD - [2012/10/06 13:08:02 | 000,608,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\5c76b83b60b325a08d1a32053808bed5\DevicePodcast.ni.dll
MOD - [2012/10/06 13:07:59 | 000,369,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\a199e264e9caaeb5166ec1fda316637c\DevicePhoto.ni.dll
MOD - [2012/10/06 13:07:59 | 000,292,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\30e50457e3107d4857e7a45b6a970000\DeviceVideo.ni.dll
MOD - [2012/10/06 13:07:57 | 000,465,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\58388832e5e30bad42bb917da7a7a29f\VideoManager.ni.dll
MOD - [2012/10/06 13:07:57 | 000,301,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\caa8b9b589d83c6ca8fffbe253fa76cf\DeviceMusic.ni.dll
MOD - [2012/10/06 13:07:55 | 001,500,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\7b0a1d296e08fb809e74a1cd5d79399e\PodcastService.ni.dll
MOD - [2012/10/06 13:07:54 | 000,615,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\779d64068c1559174cb55d45346cd0d9\PhotoManager.ni.dll
MOD - [2012/10/06 13:07:52 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\c73b89d0a9223a068c883c1631214dac\Podcaster.ni.dll
MOD - [2012/10/06 13:07:36 | 005,844,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\e3194f8cb297c135bf06778149f7b9d2\DeviceHost.ni.dll
MOD - [2012/10/06 13:07:26 | 000,036,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ab289c3ef885cea505d7c6ee65d8fe11\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012/10/06 13:07:18 | 001,869,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\7d2a087208441a3b3e9a1b590174ed4a\Phonebook.ni.dll
MOD - [2012/10/06 13:07:06 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\36b7f6cdca03be2b2c0b0f02742558f2\CPKTMusicPlugin.ni.dll
MOD - [2012/10/06 13:07:04 | 000,941,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\d58652b3ce3e2e8c4745571f17a2d51b\MusicManager.ni.dll
MOD - [2012/10/06 13:07:00 | 000,320,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\7720274979068d017f942362b0b35d4f\EBookManager.ni.dll
MOD - [2012/10/06 13:06:56 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\4649eccd9eb6e833a50f4fd99d140a5d\BATPlugin.ni.dll
MOD - [2012/10/06 13:06:54 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\85f0d3b7c15ea89f8880a59ee05741fd\AllShareController.ni.dll
MOD - [2012/10/06 13:06:50 | 000,507,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\eae978f31103207e6d393ec713d2d7c6\Kies.Common.MediaDB.ni.dll
MOD - [2012/10/06 13:06:50 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\a7ab3563a3d5791c54b8ab74d5af7ab5\Kies.Common.StoreManager.ni.dll
MOD - [2012/10/06 13:06:49 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\12469c2abcd6388af01f04108d8e1878\ASF_cSharpAPI.ni.dll
MOD - [2012/10/06 13:06:48 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\c809657c9b4348bfca86a6e979bc75d3\Kies.Common.AllShare.ni.dll
MOD - [2012/10/06 13:06:46 | 000,282,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bdd4c746b6d6999292554e15dc68e5db\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012/10/06 13:06:45 | 000,189,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7fa48c71c6c163f34da035acb39c5edc\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012/10/06 13:06:43 | 000,566,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\5a707c274cc7884ac97adad268ab56a7\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012/10/06 13:06:43 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\a2d843ae73da1a0821eb0a7be1527c69\Interop.DevFileServiceLib.ni.dll
MOD - [2012/10/06 13:06:42 | 000,569,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3fe35a76e9153297535df7f037322dee\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012/10/06 13:06:39 | 001,056,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\984b3592207d631e374cc860793d65c9\Kies.Common.DeviceService.ni.dll
MOD - [2012/10/06 13:06:39 | 000,907,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6d0a187a097222ec359e447e6ac136af\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012/10/06 13:06:39 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2c4cfd237e193f1b25ea0d07dfd21310\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012/10/06 13:06:35 | 002,198,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\557f7410c3dc37f1accf8b4c8770f47f\Kies.Common.Multimedia.ni.dll
MOD - [2012/10/06 13:06:35 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\575a049dfe13964db34d62b6f1bdad5f\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012/10/06 13:06:35 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\2cf68dad9c88a16fd18460345d855124\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012/10/06 13:06:34 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\9dc3e0ae616c7239c74ce82a970ca743\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012/10/06 13:06:34 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\f99a371a3a4fa5d23596db01eb485315\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012/10/06 13:06:28 | 000,198,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\6cfefc80492129da151a2ffd3ddddc92\Kies.Common.MainUI.ni.dll
MOD - [2012/10/06 13:06:26 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\edcbab5e79007b0176a58e11a6845bb7\Kies.Common.DBManager.ni.dll
MOD - [2012/10/06 13:06:25 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\116f694385a15386804af59028de6f7f\CabLib.ni.dll
MOD - [2012/10/06 13:06:22 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\05bb994a26c14365800d96f93bd2d5c1\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012/10/06 13:06:22 | 000,271,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\a4d3257e432dc0fdf90a72dbb6b723e5\Kies.Common.Util.ni.dll
MOD - [2012/10/06 13:06:21 | 001,844,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\c3c4e8f06ebe46023a34babd04a1aba8\Kies.UI.ni.dll
MOD - [2012/10/06 13:06:20 | 001,459,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\9acd7bd2a115a3ebcf9df90ce77b21b3\Kies.Locale.ni.dll
MOD - [2012/10/06 13:06:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\6ad4d34fc12ce9dfbd2c406e202e8a46\Interop.DeviceSearchLib.ni.dll
MOD - [2012/10/06 13:06:18 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\91b7d36d2db3471317563773d3ace3c4\Kies.MVVM.ni.dll
MOD - [2012/10/06 13:06:15 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\8d959268f6c6a3a4f1d3da78ebcfa50a\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012/10/06 13:06:13 | 001,198,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\f40896dc0bdd0c608091be0d9175e828\Kies.Interface.ni.dll
MOD - [2012/10/06 13:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\0e56badd6e20e2dc81c45cdff2326f6b\System.ServiceProcess.ni.dll
MOD - [2012/10/06 13:05:43 | 000,771,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\313422d72f54628fc052bc054b0725ec\System.Runtime.Remoting.ni.dll
MOD - [2012/10/06 13:05:34 | 001,688,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\c946d63514a5a1f1c4f04b347594e5da\Kies.ni.exe
MOD - [2012/10/06 13:05:33 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f91c92735c4a913143a0914c8cb531f2\System.Xaml.ni.dll
MOD - [2012/10/06 12:56:42 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\063174e87d258ef1db040cbfbdd4cd31\PresentationFramework.ni.dll
MOD - [2012/10/06 12:56:05 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\984f8802a334d2ae862b66bf71332c10\PresentationCore.ni.dll
MOD - [2012/10/06 12:56:00 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d131eefaea0ca120aaf11568d8e44cad\System.Configuration.ni.dll
MOD - [2012/10/06 12:55:39 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\697786bb51408d41d980263d90a56d03\WindowsBase.ni.dll
MOD - [2012/10/06 12:55:32 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\500ffaf6258746eaf0bfc333ab534a51\System.Core.ni.dll
MOD - [2012/10/06 12:55:27 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b54a85f8f8f5ac297357c80b95834a90\System.Xml.ni.dll
MOD - [2012/10/06 12:55:15 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\360d70391adff56f1d029b1a538d2431\System.ni.dll
MOD - [2012/10/06 12:55:04 | 014,415,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\97d737762adec957a2d7c80fafb4703a\mscorlib.ni.dll
MOD - [2012/09/03 08:29:32 | 000,564,832 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/09/03 08:29:30 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/09/03 08:28:00 | 000,947,808 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/06/16 19:17:58 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012/06/16 19:17:26 | 000,519,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\b26d1c6ae98a3fafd08a70f2d719af08\TCrdMain.ni.exe
MOD - [2012/06/16 18:39:45 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/16 18:33:28 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/06/16 18:31:52 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll
MOD - [2012/06/16 18:29:36 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll
MOD - [2012/06/14 17:07:57 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
MOD - [2012/06/05 22:07:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/06/05 22:06:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012/05/21 21:10:29 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/21 21:07:27 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
MOD - [2012/05/21 21:05:45 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012/05/21 21:05:36 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/21 21:04:58 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2008/06/20 08:00:33 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2819.40561__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:33 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2819.40767__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:33 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2819.40521__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:33 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2819.40573__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:33 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2819.40760__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:33 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2819.40720__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2819.40553__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:33 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:33 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2819.40540__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:32 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2819.40794__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:11 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2819.40801__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:11 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2819.40534__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2819.40761__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,794,624 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2819.40671__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2819.40585__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2819.40541__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2819.40747__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:10 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2819.40728__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2819.40579__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2819.40690__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:10 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2819.40733__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:10 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:10 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2819.40727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2819.40788__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2819.40590__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:10 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2819.40689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:09 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2819.40664__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:09 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2819.40709__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:09 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2819.40657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008/06/20 08:00:09 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2819.40591__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008/06/20 08:00:09 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2819.40662__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2819.40670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2819.40708__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008/06/20 08:00:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008/06/20 08:00:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008/06/20 08:00:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008/06/20 08:00:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008/06/20 08:00:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008/06/20 08:00:09 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008/06/20 08:00:08 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2756.30548__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2756.30538__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008/06/20 08:00:08 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008/06/20 08:00:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2756.30593__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2756.30535__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008/06/20 08:00:08 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2756.30635__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008/06/20 08:00:08 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2756.30541__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008/06/20 08:00:08 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2756.30592__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2756.30590__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008/06/20 08:00:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2756.30550__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2756.30543__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2756.30554__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2756.30578__90ba9c70f846762e\DEM.OS.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2756.30588__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2756.30552__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008/06/20 08:00:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2756.30577__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2756.30568__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2756.30567__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2756.30565__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2756.30558__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2756.30537__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008/06/20 08:00:07 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008/06/20 08:00:07 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2756.30555__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008/06/20 08:00:07 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2756.30551__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008/06/20 08:00:02 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2819.40823__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008/06/20 08:00:01 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2819.40529__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008/06/20 08:00:01 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2819.40548__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008/06/20 08:00:01 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2819.40773__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008/06/20 08:00:01 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2819.40781__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008/06/20 08:00:01 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2819.40514__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008/06/20 08:00:01 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2819.40514__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008/06/20 08:00:01 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2819.40779__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008/06/20 08:00:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2819.40512__90ba9c70f846762e\APM.Server.dll
MOD - [2008/06/20 08:00:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2819.40513__90ba9c70f846762e\AEM.Server.dll
MOD - [2008/06/20 08:00:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2756.30545__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008/06/20 08:00:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2756.30555__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008/06/20 08:00:01 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2756.30554__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008/06/20 08:00:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2756.30543__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008/06/20 08:00:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2819.40780__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008/06/20 08:00:01 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/06/20 08:00:01 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2756.30589__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008/06/20 08:00:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2756.30556__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008/06/20 08:00:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2756.30556__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008/06/20 08:00:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2756.30578__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008/06/20 08:00:01 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2819.40513__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2007/09/21 03:43:46 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007/05/31 13:12:32 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007/05/17 19:03:24 | 004,813,312 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2007/04/23 13:38:08 | 000,009,216 | ---- | M] () -- C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll
MOD - [2007/02/28 18:37:56 | 000,304,624 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
MOD - [2007/01/22 02:19:00 | 000,069,632 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\DLBUcfg.dll
MOD - [2006/12/01 21:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2006/11/09 21:27:00 | 000,090,112 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006/11/08 21:08:30 | 000,009,216 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2006/11/06 20:14:44 | 000,034,352 | ---- | M] () -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
MOD - [2006/10/10 14:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 14:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005/09/20 07:40:30 | 000,122,880 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbudrec.dll


========== Services (SafeList) ==========

SRV - [2012/09/03 08:28:04 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/08/25 16:27:58 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012/08/20 09:23:29 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/26 12:04:52 | 000,913,792 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/11/16 12:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2009/07/15 12:13:04 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/07/15 12:13:02 | 004,408,616 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2008/08/05 15:04:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/19 14:01:12 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/03/29 13:39:20 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/28 18:38:18 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbucoms.exe -- (dlbu_device)
SRV - [2006/11/14 23:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/05 00:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 21:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\TpChoice.sys -- (TpChoice)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\rp_skt32.sys -- (RPSKT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Gravity\RO\npkycryp.sys -- (npkycryp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (am6ecvha)
DRV - [2012/09/03 08:29:30 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/08/25 16:27:54 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/07/26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/06/27 04:37:56 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2012/06/27 04:37:56 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus)
DRV - [2012/06/27 04:37:56 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/05/06 18:00:39 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/05/06 18:00:39 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/10/04 18:20:58 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/05/20 18:14:32 | 000,013,224 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVTHid.sys -- (WacomVTHid)
DRV - [2009/05/20 15:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/05/18 17:00:30 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/04/11 00:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2009/01/30 17:29:50 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2008/06/10 10:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/11/09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/09/21 03:56:22 | 003,077,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/09/19 13:59:12 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2007/04/16 13:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/04/03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s616bus.sys -- (s616bus)
DRV - [2007/02/16 15:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/02/15 20:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2007/01/24 01:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 03:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/04 06:45:48 | 000,178,913 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\V0260Vid.sys -- (V0260VID)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/08/29 20:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/07/28 19:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2005/02/01 15:55:40 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Gravity\RO\npkcrypt.sys -- (npkcrypt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
IE - HKU\.DEFAULT\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan.com/?prt=QUESTSCAN165&keywords={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
IE - HKU\S-1-5-18\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan.com/?prt=QUESTSCAN165&keywords={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}

IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sympatico.msn.ca/default.aspx?lang=en-ca
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - No CLSID value found
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes,DefaultScope = {19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{185F775A-BB69-4122-8A15-C398223BDF18}: "URL" = http://ca.search.yahoo.com/search/dir?ei=UTF-8&p={searchTerms}&fr=yessv
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{19F2B849-4ADE-4d4b-85F9-C31C643DBDE9}: "URL" = http://fastbrowsersearch.com/results/results.aspx?q={searchTerms}&c=web&s=DSP&v=9
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan.com/?prt=QstscanPB&keywords={searchTerms}
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{724D7786-751F-4AAA-9ED2-2EC20548A696}: "URL" = http://ca.search.yahoo.com/search/news?ei=UTF-8&p={searchTerms}&fr=yessv
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={EAAB287D-0A22-4799-994C-43C99F5EEE90}&mid=ee940e4ddbbb47d0b333d1527e53ee7d-7b28aa979972c584653a7051471e71288f2f686d&lang=en&ds=AVG&pr=fr&d=2012-08-14 06:46:15&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{A0A156CC-B7BC-4898-9018-C708C98CACD0}: "URL" = http://ca.video.search.yahoo.com/search ... i=UTF-8&p={searchTerms}&fr=yessv
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{C0A1539D-FAEB-4EA4-9BA6-CD64593285FB}: "URL" = http://www.fastbrowsersearch.com/result ... ts.aspx?q={searchTerms}&c=web&s=DSP&v=19&tid={49D4AC4B-8334-4a3f-94E6-543C3CAF4445}
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{C45E9439-841B-4A7A-B90D-0A4A48C092DF}: "URL" = http://ca.search.yahoo.com/search/images?ei=UTF-8&p={searchTerms}&fr=yessv
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1&toolbar=FRW
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://ca.search.yahoo.com/search?p={searchTerms}&fr=yessv
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\SearchScopes\{F156E7ED-89A6-4BBE-8860-F8D3925D8602}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MS8TDF&pc=MS8TDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:25461
IE - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = dad

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ig?hl=en&source=webhp"
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: smarterwiki@wikiatic.com:4.7.7
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.17
FF - prefs.js..extensions.enabledItems: {27E679CC-6AAB-4B2A-BB87-096FE4178464}:1.0
FF - prefs.js..extensions.enabledItems: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {F0E1168A-B4B5-484C-B77E-0D28E6B64096}:1.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.3.3
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.2
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: plugin@yontoo.com:1.10.01
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {6e73f6b7-b9ab-44b8-b744-6393e3c2e351}:0.5
FF - prefs.js..extensions.enabledItems: {9565115d-c7d6-46d3-bd63-b67b481a4368}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.3.3
FF - prefs.js..extensions.enabledItems: ShopperReports@ShopperReports.com:3.0.517.0
FF - prefs.js..extensions.enabledItems: {31F37877-0076-4d26-8FD4-D9A7223FFC06}:1.0
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\nprpspa.dll (Rogers)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com: C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2010/11/22 02:46:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files\ClickPotatoLite\bin\10.0.622.0\firefox\extensions
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{31F37877-0076-4d26-8FD4-D9A7223FFC06}: C:\Program Files\FacePaint\FacePaintFF\{31F37877-0076-4d26-8FD4-D9A7223FFC06} [2010/10/07 11:17:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/09/03 08:29:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/20 09:23:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/05 20:39:15 | 000,000,000 | ---D | M]

[2010/09/16 18:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christina\AppData\Roaming\Mozilla\Extensions
[2012/08/24 12:09:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\39qs6nj9.default\extensions
[2012/02/17 13:21:08 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\39qs6nj9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/02/17 13:32:24 | 000,000,000 | ---D | M] (Springpad Extension) -- C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\39qs6nj9.default\extensions\ext@sprng.me
[2012/02/17 13:12:56 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\39qs6nj9.default\extensions\personas@christopher.beard.xpi
[2012/02/17 12:46:51 | 000,322,566 | ---- | M] () (No name found) -- C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\39qs6nj9.default\extensions\smarterwiki@wikiatic.com.xpi
[2011/01/05 00:44:19 | 000,000,863 | ---- | M] () -- C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\39qs6nj9.default\searchplugins\conduit.xml
[2012/09/05 20:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/16 21:50:40 | 000,000,000 | ---D | M] (QueryExplorer) -- C:\Program Files\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
[2010/11/22 02:46:54 | 000,000,000 | ---D | M] (ResultBar) -- C:\Program Files\Mozilla Firefox\extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}
[2011/04/24 13:33:00 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/05 20:53:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2011/07/26 19:14:00 | 000,000,000 | ---D | M] (QuestScan) -- C:\Program Files\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}
[2012/08/20 09:23:33 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/11/16 16:47:42 | 000,087,344 | ---- | M] (Pinball Corporation.) -- C:\Program Files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll
[2012/09/03 08:27:58 | 000,003,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2010/11/22 02:34:57 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/08/20 09:23:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/20 09:23:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
calynbana
Banned Member
 
Posts: 4
Joined: October 6th, 2012, 12:10 pm

Re: missing BHO.DLL and 1e3sh.exe error

Unread postby calynbana » October 6th, 2012, 2:56 pm

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcciaadkjghlekmecfilhfakgmmgheei\1.1_0\
CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\
CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7280_0\
CHR - Extension: No name found = C:\Users\Christina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/10/04 00:35:54 | 000,000,743 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (ShopperReports) - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BrowserHelper Class) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - C:\Program Files\SGPSA\SearchAssistant.dll (Make The Web Better, LLC)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O2 - BHO: (FacePaint.Plugin) - {A15C7D2D-9A4C-4c9a-9BD4-CC4815B28EBC} - mscoree.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (FacePaint Toolbar) - {CCCC7D2D-9A4C-4C9A-9BD4-CC4815B28CCC} - mscoree.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\Toolbar\WebBrowser: (no name) - {9565115D-C7D6-46D3-BD63-B67B481A4368} - No CLSID value found.
O3 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [C:\Windows\system32\V0260Ext.ax] C:\Windows\System32\V0260Ext.ax (Creative Technology Ltd.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [DLBUCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLBUtime.DLL ()
O4 - HKLM..\Run: [dlbumon.exe] C:\Program Files\Dell Photo AIO Printer 942\dlbumon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] \HWSetup.exe hwSetUP File not found
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 942\memcard.exe ()
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKU\S-1-5-18..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000..\Run: [fsm] File not found
O4 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus] cmd.exe /C RD /S /Q C:\PROGRA~1\SEARCH~1 File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater] cmd.exe /C RD /S /Q C:\PROGRA~1\SEARCH~2 File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater1] cmd.exe /C RD /S /Q C:\PROGRA~2\SEARCH~2 File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus1] cmd.exe /C RD /S /Q C:\PROGRA~2\SEARCH~1 File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] SGPSA] cmd.exe /C RD /S /Q C:\PROGRA~1\SGPSA File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] SGPSA1] cmd.exe /C RD /S /Q C:\PROGRA~2\SGPSA File not found
O7 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr =
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_35.dll (Sun Microsystems, Inc.)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O9 - Extra Button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.517.0\ShopperReports.dll (SmartShopper Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.hp.com/ediags/dd/ins ... sVista.cab (HPDDClientExec Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1755C248-82BD-4E62-9131-238F664F0007}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53EDBA1B-E333-4612-98D7-50EB97FE9D02}: DhcpNameServer = 206.248.154.22 206.248.154.170
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Christina\Documents\My Scans\2009-06 (Jun)\designs.jpg
O24 - Desktop BackupWallPaper: C:\Users\Christina\Documents\My Scans\2009-06 (Jun)\designs.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4c17d3cc-43ef-11de-be79-001b38b7078e}\Shell - "" = AutoRun
O33 - MountPoints2\{4c17d3cc-43ef-11de-be79-001b38b7078e}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/06 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012/10/06 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012/10/06 13:16:31 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Local\Samsung
[2012/10/06 13:16:18 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Roaming\Samsung
[2012/10/06 13:16:05 | 000,000,000 | ---D | C] -- C:\Users\Christina\Documents\samsung
[2012/10/06 13:03:08 | 000,123,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_mdm.sys
[2012/10/06 13:03:08 | 000,098,560 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bus.sys
[2012/10/06 13:03:08 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_mdfl.sys
[2012/10/06 13:03:08 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_cmnt.sys
[2012/10/06 13:03:08 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_cm.sys
[2012/10/06 13:03:08 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_whnt.sys
[2012/10/06 13:03:08 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_wh.sys
[2012/10/06 13:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2012/10/06 13:01:20 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2012/10/06 13:00:32 | 000,020,032 | ---- | C] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys
[2012/10/06 13:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012/10/06 13:00:31 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2012/10/06 12:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012/10/06 12:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2012/10/06 12:51:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/10/06 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Local\Downloaded Installations
[2012/10/01 21:15:02 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Local\Graboid Inc
[2012/10/01 21:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Graboid Inc
[2012/10/01 21:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/09/30 22:57:43 | 000,000,000 | R--D | C] -- C:\Sandbox
[2012/09/30 22:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2012/09/30 22:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2012/09/26 20:57:16 | 000,330,240 | ---- | C] ((주)마크애니) -- C:\Windows\MASetupCaller.dll
[2012/09/26 20:57:16 | 000,090,112 | ---- | C] ((주)마크애니) -- C:\Windows\MAMCityDownload.ocx
[2012/09/26 20:57:14 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax
[2012/09/26 20:57:14 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll
[2012/09/26 20:57:14 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll
[2012/09/26 20:57:14 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax
[2012/09/26 20:57:14 | 000,245,760 | ---- | C] (Teruten Inc.) -- C:\Windows\System32\MSCLib.dll
[2012/09/26 20:57:14 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll
[2012/09/26 20:57:14 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe
[2012/09/26 20:57:14 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\Windows\System32\MSFLib.dll
[2012/09/26 20:57:14 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll
[2012/09/26 20:57:14 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax
[2012/09/26 20:57:14 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax
[2012/09/26 20:57:14 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll
[2012/09/26 20:57:14 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] (Marktek) -- C:\Windows\System32\MK_Lyric.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\Windows\System32\MTXSYNCICON.dll
[2012/09/26 20:57:14 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MaJGUILib.dll
[2012/09/26 20:57:14 | 000,045,320 | ---- | C] (MARKANY) -- C:\Windows\System32\MAMACExtract.dll
[2012/09/26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MaXMLProto.dll
[2012/09/26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MACXMLProto.dll
[2012/09/26 20:57:14 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\Windows\System32\MTTELECHIP.dll
[2012/09/26 20:57:14 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MASetupCleaner.exe
[2012/09/24 20:42:56 | 000,000,000 | ---D | C] -- C:\Users\Christina\Desktop\montessori planes development_files
[2012/09/24 20:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/09/24 20:38:16 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Roaming\IObit
[2012/09/24 20:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012/09/24 20:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012/09/24 20:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/09/24 20:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/09/23 08:41:04 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/09/23 08:41:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/09/23 08:41:01 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/09/23 08:41:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/09/23 08:41:01 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/09/23 08:40:57 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/09/23 08:40:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/09/23 08:40:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/09/22 15:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dl_cats
[2012/09/21 17:34:16 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Local\Macromedia
[2012/09/21 17:33:22 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/09/15 13:59:18 | 000,000,000 | ---D | C] -- C:\Users\Christina\AppData\Local\{F0645317-CC2E-400C-A5CE-AD52BC147F00}
[2012/09/11 10:21:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/09/08 09:41:26 | 000,000,000 | ---D | C] -- C:\Users\Christina\Desktop\Art of the Personal Essay
[2 C:\Users\Christina\Desktop\*.tmp files -> C:\Users\Christina\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/06 14:18:43 | 000,000,084 | ---- | M] () -- C:\Users\Christina\Desktop\MalWare Removal • View topic - missing BHO.DLL and 1e3sh.exe error.URL
[2012/10/06 14:07:00 | 000,000,218 | ---- | M] () -- C:\Windows\tasks\TS.job
[2012/10/06 14:06:42 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 14:06:42 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/06 14:06:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/06 14:06:22 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/06 13:51:19 | 000,207,242 | ---- | M] () -- C:\Users\Christina\Desktop\Zeke.jpg
[2012/10/06 13:15:58 | 000,001,784 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012/10/06 13:01:34 | 000,001,808 | ---- | M] () -- C:\Users\Christina\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/10/06 12:52:48 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/06 12:52:48 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/06 11:24:54 | 096,750,624 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/10/02 09:20:01 | 000,040,932 | ---- | M] () -- C:\Users\Christina\Desktop\picture 3.jpg
[2012/10/02 09:15:33 | 000,044,531 | ---- | M] () -- C:\Users\Christina\Desktop\picture 2.jpg
[2012/10/02 09:14:11 | 000,071,144 | ---- | M] () -- C:\Users\Christina\Desktop\picture.jpg
[2012/10/02 07:23:45 | 000,001,488 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/10/01 21:14:18 | 000,001,081 | ---- | M] () -- C:\Users\Christina\Desktop\Graboid Video.lnk
[2012/09/30 22:56:52 | 000,000,899 | ---- | M] () -- C:\Users\Christina\Desktop\Sandboxed Web Browser.lnk
[2012/09/30 22:56:52 | 000,000,899 | ---- | M] () -- C:\Users\Christina\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/09/30 16:23:53 | 000,002,627 | ---- | M] () -- C:\Users\Christina\Desktop\Microsoft Office Word 2007.lnk
[2012/09/30 14:32:50 | 000,000,482 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Christina.job
[2012/09/26 20:57:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2012/09/26 20:57:16 | 000,330,240 | ---- | M] ((주)마크애니) -- C:\Windows\MASetupCaller.dll
[2012/09/26 20:57:16 | 000,090,112 | ---- | M] ((주)마크애니) -- C:\Windows\MAMCityDownload.ocx
[2012/09/26 20:57:16 | 000,030,568 | ---- | M] () -- C:\Windows\MusiccityDownload.exe
[2012/09/26 20:57:14 | 000,974,848 | ---- | M] () -- C:\Windows\System32\cis-2.4.dll
[2012/09/26 20:57:14 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax
[2012/09/26 20:57:14 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll
[2012/09/26 20:57:14 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll
[2012/09/26 20:57:14 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DIFxAPI.dll
[2012/09/26 20:57:14 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax
[2012/09/26 20:57:14 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\System32\MSCLib.dll
[2012/09/26 20:57:14 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll
[2012/09/26 20:57:14 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe
[2012/09/26 20:57:14 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\System32\MSFLib.dll
[2012/09/26 20:57:14 | 000,143,360 | ---- | M] () -- C:\Windows\System32\3DAudio.ax
[2012/09/26 20:57:14 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll
[2012/09/26 20:57:14 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax
[2012/09/26 20:57:14 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax
[2012/09/26 20:57:14 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll
[2012/09/26 20:57:14 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax
[2012/09/26 20:57:14 | 000,081,920 | ---- | M] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | M] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\System32\MK_Lyric.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | M] (Marktek Inc.) -- C:\Windows\System32\MTXSYNCICON.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | M] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/09/26 20:57:14 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MaJGUILib.dll
[2012/09/26 20:57:14 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\System32\MAMACExtract.dll
[2012/09/26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MaXMLProto.dll
[2012/09/26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MACXMLProto.dll
[2012/09/26 20:57:14 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\System32\MTTELECHIP.dll
[2012/09/26 20:57:14 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\Windows\System32\MASetupCleaner.exe
[2012/09/26 20:57:12 | 000,821,824 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll
[2012/09/26 20:57:12 | 000,020,032 | ---- | M] (Devguru Co., Ltd) -- C:\Windows\System32\drivers\dgderdrv.sys
[2012/09/25 21:45:10 | 000,165,528 | ---- | M] () -- C:\Users\Christina\Desktop\Do-You-Seriously-Think-God-Cant-Use-You.jpg
[2012/09/24 20:42:56 | 000,003,221 | ---- | M] () -- C:\Users\Christina\Desktop\montessori planes development.htm
[2012/09/24 20:38:16 | 000,001,049 | ---- | M] () -- C:\Users\Christina\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/09/24 20:37:47 | 000,263,598 | ---- | M] () -- C:\Users\Christina\Documents\cc_20120924_203725.reg
[2012/09/22 19:05:17 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\Dell Printer Supplies - Inkjet.lnk
[2012/09/22 15:41:52 | 000,013,757 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf
[2012/09/21 18:29:10 | 000,078,873 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/09/21 17:33:22 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/09/21 17:33:22 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/09/12 09:52:49 | 000,000,598 | ---- | M] () -- C:\Users\Christina\Desktop\clock - Shortcut.lnk
[2012/09/12 09:46:27 | 000,011,914 | ---- | M] () -- C:\Users\Christina\Desktop\copy-pasta-300x178.jpg
[2012/09/11 10:21:38 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/09/06 22:40:20 | 000,243,829 | ---- | M] () -- C:\Users\Christina\Desktop\nats.pdf
[2012/09/06 21:55:40 | 000,016,099 | ---- | M] () -- C:\Users\Christina\Desktop\MANDATORY FOR RILEYS OSAP.pdf
[2 C:\Users\Christina\Desktop\*.tmp files -> C:\Users\Christina\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/06 14:18:43 | 000,000,084 | ---- | C] () -- C:\Users\Christina\Desktop\MalWare Removal • View topic - missing BHO.DLL and 1e3sh.exe error.URL
[2012/10/06 13:53:39 | 000,207,242 | ---- | C] () -- C:\Users\Christina\Desktop\Zeke.jpg
[2012/10/06 13:15:58 | 000,001,784 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2012/10/06 13:01:34 | 000,001,808 | ---- | C] () -- C:\Users\Christina\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2012/10/02 09:20:00 | 000,040,932 | ---- | C] () -- C:\Users\Christina\Desktop\picture 3.jpg
[2012/10/02 09:15:33 | 000,044,531 | ---- | C] () -- C:\Users\Christina\Desktop\picture 2.jpg
[2012/10/02 09:14:04 | 000,071,144 | ---- | C] () -- C:\Users\Christina\Desktop\picture.jpg
[2012/10/01 21:14:18 | 000,001,081 | ---- | C] () -- C:\Users\Christina\Desktop\Graboid Video.lnk
[2012/09/30 22:57:13 | 000,000,899 | ---- | C] () -- C:\Users\Christina\Desktop\Sandboxed Web Browser.lnk
[2012/09/30 22:57:13 | 000,000,899 | ---- | C] () -- C:\Users\Christina\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2012/09/30 22:57:11 | 000,001,488 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/09/26 20:57:16 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/09/26 20:57:14 | 000,143,360 | ---- | C] () -- C:\Windows\System32\3DAudio.ax
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/09/25 21:45:08 | 000,165,528 | ---- | C] () -- C:\Users\Christina\Desktop\Do-You-Seriously-Think-God-Cant-Use-You.jpg
[2012/09/24 20:42:55 | 000,003,221 | ---- | C] () -- C:\Users\Christina\Desktop\montessori planes development.htm
[2012/09/24 20:38:16 | 000,001,049 | ---- | C] () -- C:\Users\Christina\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 5.lnk
[2012/09/24 20:37:28 | 000,263,598 | ---- | C] () -- C:\Users\Christina\Documents\cc_20120924_203725.reg
[2012/09/22 19:05:16 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\Dell Printer Supplies - Inkjet.lnk
[2012/09/12 09:52:49 | 000,000,598 | ---- | C] () -- C:\Users\Christina\Desktop\clock - Shortcut.lnk
[2012/09/12 09:46:25 | 000,011,914 | ---- | C] () -- C:\Users\Christina\Desktop\copy-pasta-300x178.jpg
[2012/09/06 22:40:20 | 000,243,829 | ---- | C] () -- C:\Users\Christina\Desktop\nats.pdf
[2012/09/06 21:55:39 | 000,016,099 | ---- | C] () -- C:\Users\Christina\Desktop\MANDATORY FOR RILEYS OSAP.pdf
[2012/08/27 22:57:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbuinpa.dll
[2012/08/27 22:57:30 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBUhcp.dll
[2012/08/27 22:57:30 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBUinst.dll
[2012/08/27 22:57:29 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbuiesc.dll
[2012/08/27 22:57:28 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbuusb1.dll
[2012/08/27 22:57:28 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlbuutil.dll
[2012/08/27 22:57:27 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbuserv.dll
[2012/08/27 22:57:27 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbupmui.dll
[2012/08/27 22:57:27 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbuprox.dll
[2012/08/27 22:57:27 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbupplc.dll
[2012/08/27 22:57:26 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbulmpm.dll
[2012/08/27 22:57:26 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbuih.exe
[2012/08/27 22:57:26 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbuinsb.dll
[2012/08/27 22:57:26 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlbuins.dll
[2012/08/27 22:57:26 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbujswr.dll
[2012/08/27 22:57:26 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlbuinsr.dll
[2012/08/27 22:57:25 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbuhbn3.dll
[2012/08/27 22:57:25 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbucoms.exe
[2012/08/27 22:57:25 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlbucub.dll
[2012/08/27 22:57:25 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbucu.dll
[2012/08/27 22:57:25 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlbucur.dll
[2012/08/27 22:57:24 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbucomc.dll
[2012/08/27 22:57:24 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbucomm.dll
[2012/08/27 22:57:24 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbucfg.exe
[2012/08/27 22:57:23 | 000,069,632 | ---- | C] () -- C:\Windows\System32\DLBUcfg.dll
[2012/08/27 22:51:44 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbucnv4.dll
[2012/08/27 22:51:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbuvs.dll
[2012/08/27 22:51:43 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbucoin.dll
[2012/08/23 08:23:11 | 000,027,520 | ---- | C] () -- C:\Users\Christina\AppData\Local\dt.dat
[2011/11/01 21:10:05 | 000,116,839 | ---- | C] () -- C:\Windows\hpqins00.dat
[2011/09/28 21:29:56 | 000,304,640 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/09/28 21:29:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/05/12 15:00:16 | 000,001,940 | ---- | C] () -- C:\Users\Christina\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/04/29 22:12:56 | 000,000,173 | ---- | C] () -- C:\Users\Christina\AppData\Local\rahistory.xml
[2011/04/24 13:34:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/02/15 22:01:53 | 000,002,283 | ---- | C] () -- C:\Users\Christina\video games.m3u
[2008/09/17 19:41:45 | 000,015,159 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008/06/24 17:03:01 | 000,000,680 | ---- | C] () -- C:\Users\Christina\AppData\Local\d3d9caps.dat
[2008/06/23 18:02:33 | 000,000,632 | RHS- | C] () -- C:\Users\Christina\ntuser.pol
[2008/06/20 20:18:30 | 000,013,824 | ---- | C] () -- C:\Users\Christina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini========== ZeroAccess Check ==========

[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/07/20 08:21:15 | 000,000,000 | ---D | M] -- C:\Users\caitlin\AppData\Roaming\Babylon
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\caitlin\AppData\Roaming\Rogers Online Protection
[2010/09/16 14:20:59 | 000,000,000 | ---D | M] -- C:\Users\caitlin\AppData\Roaming\WTouch
[2012/08/14 06:57:47 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\AVG2012
[2011/08/31 16:37:10 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\FrostWire
[2012/04/22 20:00:32 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\go
[2012/09/24 20:38:21 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\IObit
[2010/09/19 17:45:25 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Ludia
[2010/09/19 17:40:11 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\OpenCandy
[2010/12/27 21:27:39 | 000,000,000 | -HSD | M] -- C:\Users\Christina\AppData\Roaming\Personal Internet Security 2011
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Rogers Online Protection
[2012/10/06 13:16:18 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Samsung
[2010/10/02 21:07:11 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\ShopperReports3
[2008/06/22 22:52:41 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Software Informer
[2010/12/10 00:10:53 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\TOSHIBA
[2008/12/25 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Ulead Systems
[2010/09/19 17:41:52 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\Uniblue
[2009/11/02 18:20:25 | 000,000,000 | ---D | M] -- C:\Users\Christina\AppData\Roaming\WTouch
[2010/11/26 14:55:12 | 000,000,000 | ---D | M] -- C:\Users\mom and dad\AppData\Roaming\Babylon
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\mom and dad\AppData\Roaming\Rogers Online Protection
[2010/11/26 14:54:57 | 000,000,000 | ---D | M] -- C:\Users\mom and dad\AppData\Roaming\WTouch
[2010/11/27 13:21:15 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\Babylon
[2009/10/04 21:19:55 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\Rogers Online Protection
[2009/11/15 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Tyler\AppData\Roaming\WTouch

========== Purity Check ==========



< End of report >
calynbana
Banned Member
 
Posts: 4
Joined: October 6th, 2012, 12:10 pm

Re: missing BHO.DLL and 1e3sh.exe error

Unread postby calynbana » October 6th, 2012, 2:56 pm

OTL Extras logfile created on: 06/10/2012 2:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christina\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.41% Memory free
4.23 Gb Paging File | 2.74 Gb Available in Paging File | 64.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 173.63 Gb Total Space | 62.62 Gb Free Space | 36.06% Space Free | Partition Type: NTFS
Drive D: | 5.88 Gb Total Space | 5.82 Gb Free Space | 99.01% Space Free | Partition Type: NTFS

Computer Name: CHRISTINA-PC | User Name: Christina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusOverride" = 
"FirewallOverride" = 
"UpdatesDisableNotify" = 
"AntiVirusDisableNotify" = 
"FirewallDisableNotify" = 
"FirstRunDisabled" = 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D499C9-DCDF-4ECC-A15D-CECC119300E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0B5C8040-1067-4D5E-B0B7-B136CBDE1CA8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{191592CD-774E-474C-ACEF-8B6ABB6059EC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DCBA7C2-DDA3-4C98-ABFC-5166D57EFD28}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{406CF0E8-9D00-4920-A0EB-86C6CF482466}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45FC196F-A8E3-4B23-8EF7-73228638A0F0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5007AD85-0C93-45F0-B78A-0BDB5B9F41ED}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{62248B00-CEFD-4035-9DF1-293D2358EE4B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6333C474-E05D-4651-8641-2E1829DC7363}" = lport=2869 | protocol=6 | dir=in | app=system |
"{67A8916E-AAC8-4339-9CF2-61180C82D698}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B05D1C5C-AA1E-4C1A-9B06-C81F1C20EE4D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C2ED98DE-F2C0-4518-9EF9-3030BEC50F09}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C765373B-B20C-4D8C-9BB1-F678273A7300}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CAC5FE03-1240-4EDB-A8F1-849280EFD5EC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{CBD674DC-F00D-4D54-AE18-85AB22E827B6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D90BE18C-269C-45F6-AED6-24264326B8CD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FDB9DF0A-D961-4618-BC61-37926C54A22C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09AE98B9-51EE-49B9-98AC-719066F68F06}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 942\dlbumon.exe |
"{0D9714AD-56FA-40F2-9A50-8357FE99C935}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{0E59177C-ADC2-414E-B915-7CDAB44D8030}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{0EFE2FFD-DF76-45E4-A862-3A68AF2ECF39}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{11E5AF6B-AA1B-48AE-A3EA-59C37C8A154C}" = protocol=6 | dir=out | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{1652C041-A257-4BC0-924B-575B73F6AC14}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 942\dlbumon.exe |
"{20BF1B21-F287-4D24-ABC8-EC445D724432}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{221309BE-EFD9-484F-95D6-740F34732D70}" = protocol=17 | dir=in | app=c:\program files\ea games\the sims 2 deluxe\ep2\tsbin\sims2ep2.exe |
"{23D90C7D-0596-4517-B62A-C10611392385}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{249E704B-0351-4FD3-BFD2-CCE8617C503C}" = protocol=6 | dir=in | app=c:\windows\system32\wbem\unsecapp.exe |
"{26202F79-5151-4181-959D-B1CD9617A200}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{26F6E705-5744-4655-AE5D-2D59B50A3259}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{35A576C3-3AEC-4E04-BEDA-D3679B218594}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3B01D1D8-1006-4D0A-987D-7CAFAA2CA2ED}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{40B30B42-3C1C-44BD-B82F-DB5422D12ABA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{42CD09C5-4EC6-4C35-89D8-B5D1A37188F5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbupswx.exe |
"{444A2459-0D67-4BA3-98EF-79814343BF41}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{4813D8A1-B6F2-4282-84FD-5869EF79D298}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48753908-6731-454D-8E5B-51D9B5AFD984}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{48802079-4FE2-44D0-9024-F613C711E5AA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4C2952E4-1F94-4E88-B832-470BD86B0645}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4D51468A-564B-41D4-AB73-AB5478C726C6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FDC63AF-AA8C-45F0-86BB-219A95B37D4B}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{5CAD248C-1DD3-4A92-BA1D-F1647A1C1765}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{5FCFE9B3-FB50-4909-99ED-AE71784D162D}" = protocol=17 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{6375161A-7923-46C8-B153-233F98163B8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{658A618B-9AD7-48E1-92F9-ACAAFBEA4BCD}" = protocol=6 | dir=out | app=system |
"{66BABB19-590F-4412-9BA6-C75AECF28393}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{68163CF2-EDCC-4509-BE7F-4ACD6759F55E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{75F89F95-6A1A-40C7-BA10-2EE74230E57A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7608BD5E-FBB9-4328-BC47-50D75F08711B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{7C455B53-C815-41F6-AE92-41E2C3C4568C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{856B340C-887B-4C41-8EFE-61F02639809F}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{8944CA40-393F-4ADE-9F96-999D6FCA47D4}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{8D34DED9-8972-4E3E-9023-340F1B549B01}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{8D3D2CAF-6AB8-43E1-BCE4-E89E81A8714C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F256998-7A34-4620-8A35-2DD72021140A}" = protocol=6 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{917DD796-0A5B-4B1C-8C75-B2742841E66B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{95F41A4A-6855-4A11-90D5-F5E8F31111C0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9648D15D-BB3E-469E-9C56-D22453B22300}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{9CB03FD2-5894-4256-9009-4137B6931390}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9D30232B-1DE5-4DDE-8070-0A8BAA2D6AAF}" = protocol=6 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{A6F792F5-E556-4EC4-9702-1FA33E0E693F}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{AC44F74B-949F-4C86-BE1E-192AFCCA96F0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{AC78B347-4AD3-4743-9DFB-B5F10F9E9265}" = protocol=6 | dir=in | svc=winmgmt | app=c:\windows\system32\svchost.exe |
"{AFCBDE6C-42EA-4840-BFB5-6F2C13234C9C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{B6BE652D-E4D1-48C3-9254-ED704B7DFD11}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{B79D9928-4D50-4DD2-BA69-250FF5B715DB}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{B9F60544-D02C-4187-8076-B726FEB05F6C}" = protocol=6 | dir=in | app=c:\program files\ea games\the sims 2 deluxe\ep2\tsbin\sims2ep2.exe |
"{C132E549-C591-4011-8694-39FE189F3C40}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C1AB42C1-2C0E-4153-9BF5-C96F3B8006B0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C26CBB2D-A817-4FA7-9A67-5732629A16AB}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{C742EB26-8ADA-4FFE-A551-983A2EDB7D64}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{C7EFB5AB-5BC8-4DEB-BA78-391FE3A27DBA}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbupswx.exe |
"{C9F8D96F-810C-4626-A0E0-5473303FC4E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA2BDF69-76D8-4F91-9418-308921107C71}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{D42433BD-EE1D-4815-9935-AEAD715D1C97}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{DC839DD1-2208-4D49-BB91-63BE8EE5F606}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DFD1654C-0E05-46F8-B1C0-57A04B19069A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E734FA07-3126-4631-B736-4059A7DA080F}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 942\dlbuaiox.exe |
"{E78ACCB1-A972-46F0-BA64-EE0C01D72FC0}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 942\dlbuaiox.exe |
"{E7AA5B0D-0A78-468D-9750-95D089F2A73C}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{E8877051-8DCA-48B7-947C-A2B33FD01318}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ECF1576E-7858-4653-908E-E4BC8F4D92F2}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F21CCF83-B7C0-4211-807E-423B1545F154}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F84FCEB9-C0E9-4B4B-8546-62015F40919F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F9F9A81E-4DEB-46F0-A605-89E89D753814}" = protocol=17 | dir=in | app=c:\windows\system32\dlbucoms.exe |
"{FAE13BE4-8E6A-496E-8E25-E03AA3A6312C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1458608D-1E88-4BE4-8E09-A16CA48E8C1C}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{E8342910-5D1F-49DF-98FE-4F51FC89535B}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{E1A63F75-1F72-4450-980D-434496FFC646}" = Corel Painter Essentials 4
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{040D3C87-C028-4213-50C5-7A41C02A84CF}" = CCC Help Dutch
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0827A30F-B349-4247-C003-1EDEEA3F75A0}" = Catalyst Control Center Localization Finnish
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A00AE5F-E08E-787E-48C0-BABE8B1B4C84}" = CCC Help Polish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA13800-EF17-741F-08BA-53F26908C8A8}" = ccc-utility
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}" = HP Driver Diagnostics
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14B78489-B0E7-4B36-FFFD-9E6BB1C9B14E}" = Catalyst Control Center Graphics Full New
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1945916C-660A-F916-3EDE-5E31C17D97EB}" = CCC Help Turkish
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2202F1B7-3749-BFCD-6794-18C50307D3CA}" = Catalyst Control Center Graphics Previews Vista
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{25E37249-2688-07EA-A892-C4F53EB86B22}" = CCC Help German
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{298BE1F8-4A40-8BE7-BBD9-4C7171389C16}" = Catalyst Control Center Localization Norwegian
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2D0C679F-6D2E-3DB6-7FAF-8092F94B4FDF}" = CCC Help Chinese Standard
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{2F9C86AE-85C2-B9D4-BF10-59BE20C42914}" = CCC Help Swedish
"{316CDA1E-4760-4772-94B0-0FFC56D85700}" = RPS CRT
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{38580E5E-AF78-4536-AD1E-6A62661372C5}" = AVG 2012
"{3932745C-7335-6F80-25DB-2ADCED63B287}" = Catalyst Control Center Localization Russian
"{3A6396DC-F35E-1083-5DCB-512BBB723D3B}" = Catalyst Control Center Localization Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE3EA90-E186-11B1-17A7-D1C133FBA951}" = CCC Help Russian
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{3D8E04DE-4944-CC6E-77A9-C83666F93EB8}" = Catalyst Control Center Localization French
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{4223EFD6-5466-DE65-D829-1E29626FA757}" = CCC Help Korean
"{4478F10E-BB85-C351-A8DD-2D8E26086ECC}" = Catalyst Control Center Localization Swedish
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E5901EE-4746-88ED-3771-915CCCFB17D2}" = Catalyst Control Center Core Implementation
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51A0008E-46AF-2800-9F82-1726ABDEBD31}" = CCC Help Finnish
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{61FB1C6D-6200-5659-0C3C-7ABDAC982442}" = ATI Catalyst Install Manager
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65D4DAA8-3611-4322-8E69-27880AFD90EC}" = reminder
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{761A0675-6067-9405-E24F-839F3506D0A6}" = Catalyst Control Center Localization Italian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C4C5272-983F-BDC5-1223-03814D4D393E}" = CCC Help French
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80BBE326-A06D-EB99-C804-DAC994C2CDCE}" = CCC Help English
"{80D23E2E-09A5-C202-DB22-2363D5DF7880}" = Catalyst Control Center Localization Chinese Standard
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{848F3E88-B442-06C0-B0C5-1DB8F1AEFD0C}" = Catalyst Control Center Graphics Full Existing
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{84FC6FDC-D076-BCB0-BC67-891A548AB4CA}" = ccc-core-static
"{85948378-92EB-3B9E-1698-6650A3D2DB91}" = Catalyst Control Center Localization Korean
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8950A48A-D79E-EA03-2A84-6DADE70931FB}" = CCC Help Thai
"{89AB9D60-9C0D-21CE-0170-B20C220E5855}" = Catalyst Control Center Localization Thai
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CC28EDD-B675-1273-63D2-1603B4F80544}" = CCC Help Portuguese
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9164E441-F732-5756-A4FB-99BC67A72ECC}" = CCC Help Spanish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9725E06F-F21B-7751-F53D-B799EC9CC4D8}" = Catalyst Control Center Localization Hungarian
"{9B980CB3-A949-350B-C0C3-04BAE888ED16}" = Catalyst Control Center Localization Chinese Traditional
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = The Sims™ 2 Deluxe
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D986E6C-E3FA-17C5-11D4-C1B6B65B1284}" = Catalyst Control Center Graphics Light
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{a8695008-d36e-42fa-9454-716644426bee}" = Graboid Video 3.45 Setup
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B308C894-4CC2-59C9-A5EE-EE22C8862AAB}" = CCC Help Italian
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B5DBDD11-97A1-BBF4-D2D7-B381A4010F6C}" = Catalyst Control Center Localization Turkish
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B6605725-5BDB-9684-EE19-D9ABE687B360}" = CCC Help Chinese Traditional
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BE6817F6-6CC1-9934-3DE4-BADA9471BCBD}" = Catalyst Control Center Graphics Previews Common
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C29DDB10-D329-163C-F381-5208FA737D9C}" = Catalyst Control Center Localization Polish
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C66ABB8B-82F6-D42D-A930-DEC5C3AAF2AF}" = CCC Help Czech
"{C864C994-2957-4FE3-A72B-36C5E507B4AA}" = FacePaint Plugin
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CED167D4-6300-EE0D-8A18-7EADAFBE3AF3}" = CCC Help Greek
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7883A10-E32D-01AC-BA5C-32AB8D949AAC}" = Catalyst Control Center Localization Czech
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB1440A2-8DE5-8ACF-4FD7-4DE42128CF5A}" = Catalyst Control Center Localization German
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE90CBC0-049D-E8E2-DD63-B4E048772F90}" = Catalyst Control Center Localization Dutch
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1346C42-2B96-B06C-5F3B-99BA1DE914A3}" = Catalyst Control Center Localization Japanese
"{E14C2F99-A741-DD7D-86BA-125232B43B0F}" = CCC Help Japanese
"{E1A63F75-1F72-4450-980D-434496FFC646}" = Corel Painter Essentials 4
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4B430AF-1029-ED12-608E-D8EF7981BADC}" = Catalyst Control Center Localization Spanish
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E5D1C4D5-1ECD-E689-FFCF-96D1FE7697FC}" = Skins
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E80B263C-7DAA-4F6B-CC38-F841BCDE9B03}" = CCC Help Danish
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EE168625-C2DA-89DE-1BC3-961A0449B322}" = Catalyst Control Center Localization Greek
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CFD809-20E4-33B6-9B17-C0907C6D3DE3}" = CCC Help Hungarian
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F3474283-A0BB-72A0-97C0-E4EB5C8C6730}" = CCC Help Norwegian
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FB397904-F751-EC9D-02F9-03EE099B4D64}" = Catalyst Control Center Localization Danish
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"AVG" = AVG 2012
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative VF0260" = Creative Live! Cam Vista IM Driver (1.11.02.00)
"Dell Photo AIO Printer 942" = Dell Photo AIO Printer 942
"DivX Setup.divx.com" = DivX Setup
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Graboid Video" = Graboid Video 3.45
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NSS" = Norton Security Scan
"OnlinePlay" = OnlinePlay 1.0
"Pen Tablet Driver" = Bamboo
"PROHYBRIDR" = 2007 Microsoft Office system
"ProInst" = Intel(R) PROSet/Wireless Software
"RadialpointClientGateway_is1" = Rogers Servicepoint Agent 2.0.21
"Sandboxie" = Sandboxie 3.74 (32-bit)
"ShopperReportsSA" = ShopperReports
"Software Informer_is1" = Software Informer 1.0 BETA
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Update Service" = Sony Ericsson Update Service
"VLC media player" = VLC media player 1.0.1
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Applications" = Rogers Yahoo! Applications
"YouTube FLV to AVI easy converter_is1" = YouTube FLV to AVI easy converter 5.9.40

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1953813223-4097476647-15117336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"blinkx beat" = blinkx beat
"Game Organizer" = GameXN GO

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 04/10/2012 10:06:04 AM | Computer Name = Christina-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 04/10/2012 10:58:56 AM | Computer Name = Christina-PC | Source = EventSystem | ID = 4621
Description =

Error - 04/10/2012 6:58:19 PM | Computer Name = Christina-PC | Source = Application Error | ID = 1000
Description = Faulting application ie3sh.exe, version 8.5.9.1, time stamp 0x4a94296d,
faulting module BHO.DLL, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception
code 0xc0000135, fault offset 0x00009f5d, process id 0x12e8, application start time
0x01cda283b5a882f4.

Error - 04/10/2012 10:12:56 PM | Computer Name = Christina-PC | Source = EventSystem | ID = 4621
Description =

Error - 05/10/2012 6:36:53 AM | Computer Name = Christina-PC | Source = Application Error | ID = 1000
Description = Faulting application ie3sh.exe, version 8.5.9.1, time stamp 0x4a94296d,
faulting module BHO.DLL, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception
code 0xc0000135, fault offset 0x00009f5d, process id 0x1370, application start time
0x01cda2e54f366d28.

Error - 05/10/2012 7:21:08 AM | Computer Name = Christina-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 05/10/2012 7:21:08 AM | Computer Name = Christina-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 06/10/2012 11:21:43 AM | Computer Name = Christina-PC | Source = Application Error | ID = 1000
Description = Faulting application ie3sh.exe, version 8.5.9.1, time stamp 0x4a94296d,
faulting module BHO.DLL, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception
code 0xc0000135, fault offset 0x00009f5d, process id 0x1300, application start time
0x01cda3d63ac182f8.

Error - 06/10/2012 2:07:00 PM | Computer Name = Christina-PC | Source = TabletServicePen | ID = 0
Description =

Error - 06/10/2012 2:07:17 PM | Computer Name = Christina-PC | Source = Application Error | ID = 1000
Description = Faulting application ie3sh.exe, version 8.5.9.1, time stamp 0x4a94296d,
faulting module BHO.DLL, version 6.0.6002.18541, time stamp 0x4ec3e3d5, exception
code 0xc0000135, fault offset 0x00009f5d, process id 0x1354, application start time
0x01cda3ed67b48f62.

[ Media Center Events ]
Error - 07/10/2009 5:26:22 PM | Computer Name = Christina-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 14/12/2010 2:08:14 PM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 79
seconds with 0 seconds of active time. This session ended with a crash.

Error - 31/12/2010 8:14:47 PM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 510
seconds with 0 seconds of active time. This session ended with a crash.

Error - 18/01/2011 3:13:40 AM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 38146
seconds with 3300 seconds of active time. This session ended with a crash.

Error - 05/03/2011 3:12:51 PM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 2980 seconds with 1680 seconds of active time. This session ended with a
crash.

Error - 15/03/2011 10:33:31 AM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 69135
seconds with 4800 seconds of active time. This session ended with a crash.

Error - 12/05/2011 2:00:17 AM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 52784
seconds with 3900 seconds of active time. This session ended with a crash.

Error - 07/11/2011 7:26:16 PM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27645
seconds with 180 seconds of active time. This session ended with a crash.

Error - 04/01/2012 3:14:55 AM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6184
seconds with 120 seconds of active time. This session ended with a crash.

Error - 25/03/2012 9:52:52 PM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14830
seconds with 1560 seconds of active time. This session ended with a crash.

Error - 01/09/2012 9:21:52 PM | Computer Name = Christina-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5608
seconds with 900 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 05/10/2012 6:37:17 AM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 05/10/2012 6:38:27 AM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 05/10/2012 10:14:38 AM | Computer Name = Christina-PC | Source = DCOM | ID = 10010
Description =

Error - 06/10/2012 11:21:57 AM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 06/10/2012 11:21:57 AM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 06/10/2012 11:23:05 AM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 06/10/2012 2:04:12 PM | Computer Name = Christina-PC | Source = DCOM | ID = 10010
Description =

Error - 06/10/2012 2:07:43 PM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 06/10/2012 2:07:43 PM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 06/10/2012 2:08:15 PM | Computer Name = Christina-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >
calynbana
Banned Member
 
Posts: 4
Joined: October 6th, 2012, 12:10 pm

Re: missing BHO.DLL and 1e3sh.exe error

Unread postby NonSuch » October 6th, 2012, 4:05 pm

This is not the first time you have posted for help on our forum. Your topic is being closed for one (or more) of the following reasons:

  1. Repeated use of P2P software, despite warnings of their use and requests for removal.
  2. Repeated or continuing use of cracked, illegal or pirated software.
  3. Use of outdated or unpatched versions of Windows, after previously agreeing to update as a condition for receiving help on our forum.
  4. Returning for help with no anti-virus software installed, despite being advised to install.
  5. Posting for help for many different computers, repair tech.
  6. Continuing to post in multiple malware removal forums for the same computer issue.
  7. Repeatedly failing to reply to your topic within the requisite time frames.

This topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27301
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: pgmigg and 31 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware