google chrome keeps crashing, i used resmon to see what was making it crash (right click on google chrome, click analyse wait chain) and it said csrss.exe . So i opened task manager and saw it was using about 6000k memory and it had no description, and the name was just csrss.exe . I used a command promt to see how many csrss files i have and it said two, one in system32 and, one here
C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3
So i right clicked the csrss.exe in task manager and clicked open file location and it opened the folder location above. so do i have the wrong csrss.exe being used by my computer and is it a virus? or did Microsoft do a bad job of naming files, descriptions, locations etc.
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Thomas at 3:16:37.94 on Sun/02/Jan/2011
Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3071.1561 [GMT 0:00]
AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\ArcSoft\TotalMedia Extreme\TMExtreme.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Winamp\Elevator.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Thomas\Desktop\antivirus\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uSearch Bar =
uStart Page = hxxp://www.enhanceviews.net/subscribers/subscribers_interface.php?button=Proceed
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=DSGJ&bmod=DSGJ
mStart Page = hxxp://www.bigseekpro.com/splitcam/{E563DC8B-C8B4-4AAA-842D-10A10E0ACF91}
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: AutorunsDisabled - No File
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [<NO NAME>]
mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTOST~1.LNK - C:\Program Files (x86)\WinTV\Ir.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: youtube.com\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: {A690E5D0-005A-45E4-AFEA-71CE94BEBF7F} = 208.67.222.222,208.67.220.220
TCP: 244584F6D65684572623D263734573 = 208.67.222.222,208.67.220.220
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\SysWow64\DreamScene.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
IFEO: pcha.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
mRun-x64: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
STS-X64: {E31004D1-A431-41B8-826F-E902F9D95C81} - No File
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
IFEO-X64: pcha.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
================= FIREFOX ===================
FF - ProfilePath - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\2nevipx3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.enhanceviews.net/subscribers/subscribers_interface.php?button=Proceed
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\2nevipx3.default\extensions\allglassv2@ambroos.neowin.net\components\dwmxpcom.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Opera 10.60 Beta\program\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Thomas\AppData\Local\Flock\Update\1.2.213.0\npFlockOneClick8.dll
FF - plugin: C:\Users\Thomas\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Turn Off the Lights: stefanvandamme@stefanvd.net - %profile%\extensions\stefanvandamme@stefanvd.net
FF - Ext: Facebook PhotoZoom: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} - %profile%\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: All-Glass Firefox mod, based on Glasser: allglassv2@ambroos.neowin.net - %profile%\extensions\allglassv2@ambroos.neowin.net
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: browser.blink_allowed - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_open_feature.scrollbars - true
FF - user.js: dom.disable_window_open_feature.minimizable - true
FF - user.js: dom.disable_window_open_feature.menubar - true
FF - user.js: browser.tabs.tabMinWidth - 125
FF - user.js: browser.tabs.closeButtons - 1
============= SERVICES / DRIVERS ===============
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-5-5 55856]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 173984]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 cpuz133;cpuz133;C:\Windows\System32\drivers\cpuz133_x64.sys [2010-4-14 20968]
R2 KMService;KMService;C:\Windows\system32\srvany.exe --> C:\Windows\system32\srvany.exe [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-8-20 31088]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;C:\Windows\System32\drivers\hcwhdpvr.sys [2010-12-25 189952]
R3 jumi;%Jumi%;C:\Windows\System32\drivers\jumi.sys [2010-6-3 15160]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-10-12 50072]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-10-23 155752]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\System32\drivers\nvoclk64.sys [2009-9-15 42088]
R3 PCWinSoft;ScreenCamera HR;C:\Windows\System32\drivers\scrcamhrdrv_x64.sys [2010-12-16 243216]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-11 333928]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-7-11 38456]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-10 133104]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 51445112]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
S3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\System32\drivers\netr6164.sys [2009-8-27 438784]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-7-8 694888]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-26 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
=============== File Associations ===============
.txt=
=============== Created Last 30 ================
2011-01-01 20:24:30 -------- d-----w- C:\Windows\en
2011-01-01 20:13:37 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2011-01-01 20:13:37 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2011-01-01 20:13:36 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2011-01-01 20:13:35 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll
2011-01-01 20:13:08 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4e6b54341cba9f003\MeshBetaRemover.exe
2011-01-01 14:26:26 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{8A4EC165-6820-4C64-B898-D88D26856A65}\mpengine.dll
2011-01-01 02:49:41 -------- d-----w- C:\Program Files (x86)\AutocompletePro
2011-01-01 02:49:18 -------- d-----w- C:\Program Files (x86)\SplitCam
2011-01-01 02:46:33 389120 ----a-w- C:\Windows\SysWow64\actskn43.ocx
2011-01-01 02:46:33 389120 ----a-w- C:\Windows\System32\actskn43.ocx
2011-01-01 01:07:18 -------- d-----w- C:\PROGRA~3\Insight Software Solutions
2011-01-01 01:07:08 -------- d-----w- C:\Program Files (x86)\Common Files\Insight Software Solutions
2011-01-01 01:06:59 -------- d-----w- C:\Program Files (x86)\ShortKeys 3
2010-12-29 13:44:44 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Dropbox
2010-12-26 07:02:07 -------- d-----w- C:\Users\Thomas\AppData\Local\IRGeek
2010-12-26 05:08:41 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2010-12-26 03:37:42 -------- d-----w- C:\Program Files (x86)\EnhanceViews Auto-Watcher
2010-12-25 12:37:51 -------- d-----w- C:\Program Files (x86)\Emicsoft Studio
2010-12-25 12:28:42 -------- d-----w- C:\Program Files (x86)\VideoReDoTVSuite4
2010-12-25 10:35:17 -------- d-----w- C:\Users\Thomas\AppData\Local\ArcSoft
2010-12-25 10:30:18 36921 ------w- C:\Windows\SysWow64\hcwutl32_priv.dll
2010-12-25 10:29:43 -------- d-----w- C:\Users\Thomas\AppData\Local\Programs
2010-12-25 10:29:09 161792 ----a-w- C:\Windows\SysWow64\drivers\ArcHlp.sys
2010-12-25 10:28:46 22784 ----a-w- C:\Windows\SysWow64\drivers\afc.sys
2010-12-25 10:28:12 -------- d--h--w- C:\PROGRA~3\ArcSoft
2010-12-25 10:28:10 61440 ----a-w- C:\Windows\SysWow64\MMCEDT.exe
2010-12-25 10:26:05 245408 ----a-w- C:\Windows\SysWow64\unicows.dll
2010-12-25 10:26:03 400128 ----a-w- C:\Windows\SysWow64\MSLUP60.dll
2010-12-25 10:26:03 256768 ----a-w- C:\Windows\SysWow64\MSLURT.dll
2010-12-25 10:24:46 299008 ----a-w- C:\Windows\SysWow64\hcwzblast.dll
2010-12-25 10:24:45 94280 ----a-w- C:\Windows\SysWow64\hcwblast.ocx
2010-12-25 10:24:45 69699 ----a-w- C:\Windows\SysWow64\hcwIRblast.dll
2010-12-25 10:22:49 164112 ----a-w- C:\Windows\SysWow64\temp.00D
2010-12-25 10:22:48 598288 ----a-w- C:\Windows\SysWow64\temp.00C
2010-12-25 10:14:34 -------- d-----w- C:\Program Files (x86)\Hauppauge
2010-12-25 10:14:31 189952 ----a-w- C:\Windows\System32\drivers\hcwhdpvr.sys
2010-12-24 22:21:00 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Sony Creative Software
2010-12-24 22:12:42 -------- d-----w- C:\Program Files\Sony
2010-12-24 20:13:36 -------- d-----w- C:\Users\Thomas\AppData\Local\WinZip
2010-12-24 19:24:54 -------- d-----w- C:\Users\Thomas\AppData\Roaming\IrfanView
2010-12-24 04:30:57 -------- d-----w- C:\Users\Thomas\AppData\Local\Stardock_Corporation
2010-12-24 04:29:28 -------- dc-h--w- C:\Users\Thomas\AppData\Local\~0
2010-12-24 04:28:51 -------- d-----w- C:\Users\Thomas\AppData\Local\PackageAware
2010-12-23 02:50:33 2594584 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-12-23 00:45:43 -------- d-----w- C:\Program Files\ATI Technologies
2010-12-22 01:46:54 3 ----a-w- C:\Windows\treeskp.sys
2010-12-22 01:46:54 3 ----a-w- C:\Windows\sbacknt.bin
2010-12-22 01:46:49 -------- d-----w- C:\Users\Thomas\AppData\Roaming\vghd
2010-12-21 20:30:32 709456 ----a-w- C:\Windows\isRS-000.tmp
2010-12-21 20:22:47 -------- d-----w- C:\_OTM
2010-12-19 18:30:48 -------- d-----w- C:\Program Files (x86)\AudioRetoucher
2010-12-19 04:50:56 -------- d-----w- C:\Users\Thomas\AppData\Roaming\ImTOO Software Studio
2010-12-19 04:49:34 -------- d-----w- C:\Program Files (x86)\ImTOO
2010-12-19 04:45:36 -------- d-----w- C:\PROGRA~3\boost_interprocess
2010-12-19 04:06:51 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2010-12-19 03:49:03 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2010-12-19 03:48:05 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Local
2010-12-19 02:38:57 -------- d-----w- C:\Program Files (x86)\DiskInternals
2010-12-19 00:03:29 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2011
2010-12-18 22:41:25 -------- d-----w- C:\Program Files (x86)\FileHippo.com
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2010-12-18 12:31:34 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2010-12-18 12:31:28 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2010-12-18 12:31:28 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2010-12-18 12:31:28 25920 ----a-w- C:\Windows\System32\authuitu.dll
2010-12-18 12:31:27 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2010-12-18 11:48:41 -------- d-----w- C:\Users\Thomas\AppData\Roaming\SUPERAntiSpyware.com
2010-12-18 11:48:41 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com
2010-12-18 11:48:35 -------- d-----w- C:\PROGRA~3\!SASCORE
2010-12-18 11:48:29 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2010-12-16 21:00:34 -------- d-----w- C:\Users\Thomas\AppData\Local\assembly
2010-12-16 19:50:21 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2010-12-16 17:26:25 28672 ----a-w- C:\Windows\SysWow64\PCWinSoftPBar.ocx
2010-12-16 17:26:24 53248 ----a-w- C:\Windows\SysWow64\BSwitch.ax
2010-12-16 17:26:24 221184 ----a-w- C:\Windows\SysWow64\prScrCamFXControls.ocx
2010-12-16 17:07:25 243216 ----a-w- C:\Windows\System32\drivers\scrcamhrdrv_x64.sys
2010-12-16 17:06:53 -------- d-----w- C:\Program Files (x86)\ScreenCamera
2010-12-15 13:53:58 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2010-12-15 13:53:58 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2010-12-15 13:53:57 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2010-12-15 13:53:55 112000 ----a-w- C:\Windows\System32\consent.exe
2010-12-15 13:51:50 -------- d-sh--w- C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2010-12-15 10:05:37 -------- d-----w- C:\Program Files\MAXON
2010-12-14 23:11:27 -------- d-----w- C:\Users\Thomas\AppData\Roaming\TeraCopy
2010-12-14 23:11:12 -------- d-----w- C:\Program Files\TeraCopy
2010-12-14 15:59:06 -------- d-----w- C:\Program Files (x86)\iCare Data Recovery
2010-12-13 21:54:38 -------- d-----w- C:\Program Files (x86)\ConduitEngine
2010-12-13 21:54:34 -------- d-----w- C:\Program Files (x86)\uTorrentBar
2010-12-13 21:52:22 -------- d-----w- C:\Program Files (x86)\uTorrent
2010-12-13 21:52:02 -------- d-----w- C:\Users\Thomas\AppData\Roaming\uTorrent
2010-12-13 17:19:09 -------- d-----w- C:\Program Files (x86)\Glary Utilities
2010-12-12 23:18:13 -------- d-----w- C:\Users\Thomas\AppData\Local\DVDVideoSoft_Ltd
2010-12-11 17:39:48 -------- d-----w- C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers
2010-12-11 17:38:07 -------- d-----w- C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2010-12-11 17:37:52 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2010-12-09 19:16:52 156672 ----a-w- C:\Windows\SysWow64\rmc_fixasf.exe
2010-12-09 19:16:51 237568 ----a-w- C:\Windows\SysWow64\rmc_rtspdl.dll
2010-12-09 19:14:17 323584 ----a-w- C:\Windows\SysWow64\AUDIOGENIE2.DLL
2010-12-09 18:41:34 -------- d-----w- C:\Windows\Replay Media Catcher
2010-12-09 18:41:34 -------- d-----w- C:\Program Files (x86)\Replay Media Catcher
2010-12-09 18:30:36 -------- d-----w- C:\Program Files (x86)\DownloadToolz
2010-12-09 16:47:29 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Sincell
2010-12-09 16:47:11 -------- d-----w- C:\PROGRA~3\Sincell
2010-12-09 16:46:36 -------- d-----w- C:\Program Files (x86)\Sincell
2010-12-07 00:53:14 -------- d-----w- C:\Users\Thomas\AppData\Roaming\FastStone
2010-12-07 00:51:22 -------- d-----w- C:\Program Files (x86)\FastStone Capture
2010-12-05 00:54:52 42776 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-12-05 00:54:48 710976 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
==================== Find3M ====================
2010-12-20 18:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-02 08:25:22 86016 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2010-12-02 08:25:20 84992 ----a-w- C:\Windows\System32\frapsv64.dll
2010-11-29 17:38:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-11-29 17:38:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-11-12 18:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-11-12 00:44:54 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2010-11-10 02:54:18 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-11-10 02:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-11-09 03:55:57 1502208 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-11-09 03:52:06 2381824 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-08 22:57:04 353592 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-03 23:48:31 8192 ----a-w- C:\Windows\SysWow64\srvany.exe
2010-11-03 23:48:31 151552 ----a-w- C:\Windows\KMService.exe
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-11-01 23:03:02 1448448 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-11-01 22:59:07 2381824 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-16 13:13:46 5901416 ----a-w- C:\Windows\System32\nvcpl.dll
2010-10-16 13:13:26 2590824 ----a-w- C:\Windows\System32\nvsvc64.dll
2010-10-16 13:13:26 116328 ----a-w- C:\Windows\System32\nvmctray.dll
2010-10-16 13:13:24 989800 ----a-w- C:\Windows\System32\nvvsvc.exe
2010-10-16 13:13:24 1881704 ----a-w- C:\Windows\System32\nvsvcr.dll
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-10-14 01:36:52 15451288 ----a-w- C:\Windows\SysWow64\xlive.dll
2010-10-14 01:36:50 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
============= FINISH: 3:17:40.69 ===============
Are those smilies meant to be their? i didnt add random smilies but if you hover over them you can see the original numbers. sorry if that makes it difficult but i have no idea why it put smilies in the chunk of text :4-dontkno
C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3
So i right clicked the csrss.exe in task manager and clicked open file location and it opened the folder location above. so do i have the wrong csrss.exe being used by my computer and is it a virus? or did Microsoft do a bad job of naming files, descriptions, locations etc.
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Thomas at 3:16:37.94 on Sun/02/Jan/2011
Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.3071.1561 [GMT 0:00]
AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\ArcSoft\TotalMedia Extreme\TMExtreme.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Winamp\Elevator.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Thomas\Desktop\antivirus\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Page =
uSearch Bar =
uStart Page = hxxp://www.enhanceviews.net/subscribers/subscribers_interface.php?button=Proceed
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=DSGJ&bmod=DSGJ
mStart Page = hxxp://www.bigseekpro.com/splitcam/{E563DC8B-C8B4-4AAA-842D-10A10E0ACF91}
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: AutorunsDisabled - No File
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [<NO NAME>]
mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
mRun: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTOST~1.LNK - C:\Program Files (x86)\WinTV\Ir.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &D&ownload &with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: Free YouTube Download - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: youtube.com\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: {A690E5D0-005A-45E4-AFEA-71CE94BEBF7F} = 208.67.222.222,208.67.220.220
TCP: 244584F6D65684572623D263734573 = 208.67.222.222,208.67.220.220
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\SysWow64\DreamScene.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
IFEO: pcha.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
mRun-x64: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
STS-X64: {E31004D1-A431-41B8-826F-E902F9D95C81} - No File
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
IFEO-X64: pcha.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
================= FIREFOX ===================
FF - ProfilePath - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\2nevipx3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.enhanceviews.net/subscribers/subscribers_interface.php?button=Proceed
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\2nevipx3.default\extensions\allglassv2@ambroos.neowin.net\components\dwmxpcom.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Opera 10.60 Beta\program\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Thomas\AppData\Local\Flock\Update\1.2.213.0\npFlockOneClick8.dll
FF - plugin: C:\Users\Thomas\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Turn Off the Lights: stefanvandamme@stefanvd.net - %profile%\extensions\stefanvandamme@stefanvd.net
FF - Ext: Facebook PhotoZoom: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b} - %profile%\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
FF - Ext: ImTranslator: {9AA46F4F-4DC7-4c06-97AF-5035170634FE} - %profile%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - %profile%\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Ext: All-Glass Firefox mod, based on Glasser: allglassv2@ambroos.neowin.net - %profile%\extensions\allglassv2@ambroos.neowin.net
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: browser.blink_allowed - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: dom.disable_window_open_feature.scrollbars - true
FF - user.js: dom.disable_window_open_feature.minimizable - true
FF - user.js: dom.disable_window_open_feature.menubar - true
FF - user.js: browser.tabs.tabMinWidth - 125
FF - user.js: browser.tabs.closeButtons - 1
============= SERVICES / DRIVERS ===============
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-5-5 55856]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 173984]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 cpuz133;cpuz133;C:\Windows\System32\drivers\cpuz133_x64.sys [2010-4-14 20968]
R2 KMService;KMService;C:\Windows\system32\srvany.exe --> C:\Windows\system32\srvany.exe [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-12-14 2019648]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-8-20 31088]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;C:\Windows\System32\drivers\hcwhdpvr.sys [2010-12-25 189952]
R3 jumi;%Jumi%;C:\Windows\System32\drivers\jumi.sys [2010-6-3 15160]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-10-12 50072]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-10-23 155752]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\System32\drivers\nvoclk64.sys [2009-9-15 42088]
R3 PCWinSoft;ScreenCamera HR;C:\Windows\System32\drivers\scrcamhrdrv_x64.sys [2010-12-16 243216]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-11 333928]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-11-29 11856]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-7-11 38456]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-10 133104]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 51445112]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
S3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\System32\drivers\netr6164.sys [2009-8-27 438784]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-7-8 694888]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-26 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
=============== File Associations ===============
.txt=
=============== Created Last 30 ================
2011-01-01 20:24:30 -------- d-----w- C:\Windows\en
2011-01-01 20:13:37 1164800 ----a-w- C:\Windows\SysWow64\UIRibbonRes.dll
2011-01-01 20:13:37 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll
2011-01-01 20:13:36 2983424 ----a-w- C:\Windows\SysWow64\UIRibbon.dll
2011-01-01 20:13:35 3860992 ----a-w- C:\Windows\System32\UIRibbon.dll
2011-01-01 20:13:08 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4e6b54341cba9f003\MeshBetaRemover.exe
2011-01-01 14:26:26 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{8A4EC165-6820-4C64-B898-D88D26856A65}\mpengine.dll
2011-01-01 02:49:41 -------- d-----w- C:\Program Files (x86)\AutocompletePro
2011-01-01 02:49:18 -------- d-----w- C:\Program Files (x86)\SplitCam
2011-01-01 02:46:33 389120 ----a-w- C:\Windows\SysWow64\actskn43.ocx
2011-01-01 02:46:33 389120 ----a-w- C:\Windows\System32\actskn43.ocx
2011-01-01 01:07:18 -------- d-----w- C:\PROGRA~3\Insight Software Solutions
2011-01-01 01:07:08 -------- d-----w- C:\Program Files (x86)\Common Files\Insight Software Solutions
2011-01-01 01:06:59 -------- d-----w- C:\Program Files (x86)\ShortKeys 3
2010-12-29 13:44:44 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Dropbox
2010-12-26 07:02:07 -------- d-----w- C:\Users\Thomas\AppData\Local\IRGeek
2010-12-26 05:08:41 -------- d-----w- C:\Program Files (x86)\Security Task Manager
2010-12-26 03:37:42 -------- d-----w- C:\Program Files (x86)\EnhanceViews Auto-Watcher
2010-12-25 12:37:51 -------- d-----w- C:\Program Files (x86)\Emicsoft Studio
2010-12-25 12:28:42 -------- d-----w- C:\Program Files (x86)\VideoReDoTVSuite4
2010-12-25 10:35:17 -------- d-----w- C:\Users\Thomas\AppData\Local\ArcSoft
2010-12-25 10:30:18 36921 ------w- C:\Windows\SysWow64\hcwutl32_priv.dll
2010-12-25 10:29:43 -------- d-----w- C:\Users\Thomas\AppData\Local\Programs
2010-12-25 10:29:09 161792 ----a-w- C:\Windows\SysWow64\drivers\ArcHlp.sys
2010-12-25 10:28:46 22784 ----a-w- C:\Windows\SysWow64\drivers\afc.sys
2010-12-25 10:28:12 -------- d--h--w- C:\PROGRA~3\ArcSoft
2010-12-25 10:28:10 61440 ----a-w- C:\Windows\SysWow64\MMCEDT.exe
2010-12-25 10:26:05 245408 ----a-w- C:\Windows\SysWow64\unicows.dll
2010-12-25 10:26:03 400128 ----a-w- C:\Windows\SysWow64\MSLUP60.dll
2010-12-25 10:26:03 256768 ----a-w- C:\Windows\SysWow64\MSLURT.dll
2010-12-25 10:24:46 299008 ----a-w- C:\Windows\SysWow64\hcwzblast.dll
2010-12-25 10:24:45 94280 ----a-w- C:\Windows\SysWow64\hcwblast.ocx
2010-12-25 10:24:45 69699 ----a-w- C:\Windows\SysWow64\hcwIRblast.dll
2010-12-25 10:22:49 164112 ----a-w- C:\Windows\SysWow64\temp.00D
2010-12-25 10:22:48 598288 ----a-w- C:\Windows\SysWow64\temp.00C
2010-12-25 10:14:34 -------- d-----w- C:\Program Files (x86)\Hauppauge
2010-12-25 10:14:31 189952 ----a-w- C:\Windows\System32\drivers\hcwhdpvr.sys
2010-12-24 22:21:00 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Sony Creative Software
2010-12-24 22:12:42 -------- d-----w- C:\Program Files\Sony
2010-12-24 20:13:36 -------- d-----w- C:\Users\Thomas\AppData\Local\WinZip
2010-12-24 19:24:54 -------- d-----w- C:\Users\Thomas\AppData\Roaming\IrfanView
2010-12-24 04:30:57 -------- d-----w- C:\Users\Thomas\AppData\Local\Stardock_Corporation
2010-12-24 04:29:28 -------- dc-h--w- C:\Users\Thomas\AppData\Local\~0
2010-12-24 04:28:51 -------- d-----w- C:\Users\Thomas\AppData\Local\PackageAware
2010-12-23 02:50:33 2594584 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-12-23 00:45:43 -------- d-----w- C:\Program Files\ATI Technologies
2010-12-22 01:46:54 3 ----a-w- C:\Windows\treeskp.sys
2010-12-22 01:46:54 3 ----a-w- C:\Windows\sbacknt.bin
2010-12-22 01:46:49 -------- d-----w- C:\Users\Thomas\AppData\Roaming\vghd
2010-12-21 20:30:32 709456 ----a-w- C:\Windows\isRS-000.tmp
2010-12-21 20:22:47 -------- d-----w- C:\_OTM
2010-12-19 18:30:48 -------- d-----w- C:\Program Files (x86)\AudioRetoucher
2010-12-19 04:50:56 -------- d-----w- C:\Users\Thomas\AppData\Roaming\ImTOO Software Studio
2010-12-19 04:49:34 -------- d-----w- C:\Program Files (x86)\ImTOO
2010-12-19 04:45:36 -------- d-----w- C:\PROGRA~3\boost_interprocess
2010-12-19 04:06:51 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2010-12-19 03:49:03 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2010-12-19 03:48:05 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Local
2010-12-19 02:38:57 -------- d-----w- C:\Program Files (x86)\DiskInternals
2010-12-19 00:03:29 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2011
2010-12-18 22:41:25 -------- d-----w- C:\Program Files (x86)\FileHippo.com
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2010-12-18 19:47:45 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2010-12-18 12:31:34 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2010-12-18 12:31:28 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2010-12-18 12:31:28 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2010-12-18 12:31:28 25920 ----a-w- C:\Windows\System32\authuitu.dll
2010-12-18 12:31:27 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2010-12-18 11:48:41 -------- d-----w- C:\Users\Thomas\AppData\Roaming\SUPERAntiSpyware.com
2010-12-18 11:48:41 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com
2010-12-18 11:48:35 -------- d-----w- C:\PROGRA~3\!SASCORE
2010-12-18 11:48:29 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2010-12-16 21:00:34 -------- d-----w- C:\Users\Thomas\AppData\Local\assembly
2010-12-16 19:50:21 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2010-12-16 17:26:25 28672 ----a-w- C:\Windows\SysWow64\PCWinSoftPBar.ocx
2010-12-16 17:26:24 53248 ----a-w- C:\Windows\SysWow64\BSwitch.ax
2010-12-16 17:26:24 221184 ----a-w- C:\Windows\SysWow64\prScrCamFXControls.ocx
2010-12-16 17:07:25 243216 ----a-w- C:\Windows\System32\drivers\scrcamhrdrv_x64.sys
2010-12-16 17:06:53 -------- d-----w- C:\Program Files (x86)\ScreenCamera
2010-12-15 13:53:58 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2010-12-15 13:53:58 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2010-12-15 13:53:57 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2010-12-15 13:53:55 112000 ----a-w- C:\Windows\System32\consent.exe
2010-12-15 13:51:50 -------- d-sh--w- C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2010-12-15 10:05:37 -------- d-----w- C:\Program Files\MAXON
2010-12-14 23:11:27 -------- d-----w- C:\Users\Thomas\AppData\Roaming\TeraCopy
2010-12-14 23:11:12 -------- d-----w- C:\Program Files\TeraCopy
2010-12-14 15:59:06 -------- d-----w- C:\Program Files (x86)\iCare Data Recovery
2010-12-13 21:54:38 -------- d-----w- C:\Program Files (x86)\ConduitEngine
2010-12-13 21:54:34 -------- d-----w- C:\Program Files (x86)\uTorrentBar
2010-12-13 21:52:22 -------- d-----w- C:\Program Files (x86)\uTorrent
2010-12-13 21:52:02 -------- d-----w- C:\Users\Thomas\AppData\Roaming\uTorrent
2010-12-13 17:19:09 -------- d-----w- C:\Program Files (x86)\Glary Utilities
2010-12-12 23:18:13 -------- d-----w- C:\Users\Thomas\AppData\Local\DVDVideoSoft_Ltd
2010-12-11 17:39:48 -------- d-----w- C:\Users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers
2010-12-11 17:38:07 -------- d-----w- C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2010-12-11 17:37:52 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
2010-12-09 19:16:52 156672 ----a-w- C:\Windows\SysWow64\rmc_fixasf.exe
2010-12-09 19:16:51 237568 ----a-w- C:\Windows\SysWow64\rmc_rtspdl.dll
2010-12-09 19:14:17 323584 ----a-w- C:\Windows\SysWow64\AUDIOGENIE2.DLL
2010-12-09 18:41:34 -------- d-----w- C:\Windows\Replay Media Catcher
2010-12-09 18:41:34 -------- d-----w- C:\Program Files (x86)\Replay Media Catcher
2010-12-09 18:30:36 -------- d-----w- C:\Program Files (x86)\DownloadToolz
2010-12-09 16:47:29 -------- d-----w- C:\Users\Thomas\AppData\Roaming\Sincell
2010-12-09 16:47:11 -------- d-----w- C:\PROGRA~3\Sincell
2010-12-09 16:46:36 -------- d-----w- C:\Program Files (x86)\Sincell
2010-12-07 00:53:14 -------- d-----w- C:\Users\Thomas\AppData\Roaming\FastStone
2010-12-07 00:51:22 -------- d-----w- C:\Program Files (x86)\FastStone Capture
2010-12-05 00:54:52 42776 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-12-05 00:54:48 710976 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
==================== Find3M ====================
2010-12-20 18:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-12-02 08:25:22 86016 ----a-w- C:\Windows\SysWow64\frapsvid.dll
2010-12-02 08:25:20 84992 ----a-w- C:\Windows\System32\frapsv64.dll
2010-11-29 17:38:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-11-29 17:38:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-11-12 18:53:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-11-12 00:44:54 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll
2010-11-10 02:54:18 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-11-10 02:28:46 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-11-09 03:55:57 1502208 ----a-w- C:\Windows\System32\inetcpl.cpl
2010-11-09 03:52:06 2381824 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-08 22:57:04 353592 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
2010-11-03 23:48:31 8192 ----a-w- C:\Windows\SysWow64\srvany.exe
2010-11-03 23:48:31 151552 ----a-w- C:\Windows\KMService.exe
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-11-01 23:03:02 1448448 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2010-11-01 22:59:07 2381824 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-16 13:13:46 5901416 ----a-w- C:\Windows\System32\nvcpl.dll
2010-10-16 13:13:26 2590824 ----a-w- C:\Windows\System32\nvsvc64.dll
2010-10-16 13:13:26 116328 ----a-w- C:\Windows\System32\nvmctray.dll
2010-10-16 13:13:24 989800 ----a-w- C:\Windows\System32\nvvsvc.exe
2010-10-16 13:13:24 1881704 ----a-w- C:\Windows\System32\nvsvcr.dll
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-10-14 01:36:52 15451288 ----a-w- C:\Windows\SysWow64\xlive.dll
2010-10-14 01:36:50 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
============= FINISH: 3:17:40.69 ===============
Are those smilies meant to be their? i didnt add random smilies but if you hover over them you can see the original numbers. sorry if that makes it difficult but i have no idea why it put smilies in the chunk of text :4-dontkno