PDA

View Full Version : I Call



Jack421
2011-03-21, 02:49
I am having a problem with I call accessing the internet through my firewall! I also have a problem with the local access numbers friends who call them say the line is always busy! I tried emailing them with no success!

Found this while running Gmer!

---- Processes - GMER 1.0.15 ----

Process bash.exe (*** hidden *** )
Operating System is Windows Vista Service Pack 2 64x Avast, Spyware Blaster & Online Armour running! Other information can be seen provided in Three log files provided below!

Online Armour Firewall rules for I call are as follows.

port 9000 TCP Inbound

Port 80,443,49191,49292,51693 TCP Outbound

Port 9000-9001 UDP Inbound

Port 3478,49158,52331,533345,65127 UDP OutBound

Here is a forum I have more Log Files that may help solve problem!

http://www.vistax64.com/software/288689-i-call.html :mad:


DDS (Ver_10-12-12.02) - NTFSx86
Run by Megatron at 10:53:00.48 on Fri 03/18/2011
Internet Explorer: 9.0.8080.16413 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.958.242 [GMT -7:00]

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Online Armor Firewall *Enabled* {5841EF60-F43F-AE8D-642F-D79F12883626}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Prey\platform\windows\cronsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Online Armor\oaui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\AIMP2\AIMP2.exe
C:\Users\Megatron\Downloads\Misc\Report Instruments\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Print Clips: {ffffffff-ff12-44c5-91ec-068e3aa1b2d7} - c:\program files\hp\smart web printing\hpswp_framework.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Foxit PDF Creator Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube Download - c:\users\megatron\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\megatron\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
LSP: c:\program files\trafficcompressor\TCompLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: {88671F84-611F-4E3A-A09C-6719F683C026} = 156.154.70.22,156.154.71.22
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~1\google\google~1\GoogleDesktopNetwork3.dll
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\online~2\oaevent.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

================= FIREFOX ===================

FF - ProfilePath - c:\users\megatron\appdata\roaming\mozilla\firefox\profiles\klazitxq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Conduit Engine Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://mp3rocketsearch.com/?prt=mp3rockettb02ff&Keywords=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\megatron\appdata\roaming\mozilla\firefox\profiles\klazitxq.default\extensions\afom@idevfh\components\npAFOM.dll
FF - component: c:\users\megatron\appdata\roaming\mozilla\firefox\profiles\klazitxq.default\extensions\optout@dubfire.net\lib\winnt\ff3\AbineComponent.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\megatron\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\users\megatron\appdata\roaming\mozilla\firefox\profiles\klazitxq.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: TrafficCompressor Compressed Images: http://forums.spybot.info/misc.php?do=email_dev&email=dHJhZmZpY2NvbXByZXNzb3JAdGNvbXByZXNzb3IuY29t - c:\program files\trafficcompressor\Firefox
FF - Ext: avast! WebRep: http://forums.spybot.info/misc.php?do=email_dev&email=d3JjQGF2YXN0LmNvbQ== - c:\program files\alwil software\avast5\webrep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Fasterfox: {c36177c0-224a-11da-8cd6-0800200c9a91} - %profile%\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}
FF - Ext: Tweak Network: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA} - %profile%\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
FF - Ext: Vacuum Places Improved: http://forums.spybot.info/misc.php?do=email_dev&email=VmFjdXVtUGxhY2VzSW1wcm92ZWRAbHVsdGltb3VvbW8tZ21haWwuY29t - %profile%\extensions\VacuumPlacesImproved@lultimouomo-gmail.com
FF - Ext: Update Notifier: {95f24680-9e31-11da-a746-0800200c9a66} - %profile%\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
FF - Ext: TACO with Abine: http://forums.spybot.info/misc.php?do=email_dev&email=b3B0b3V0QGR1YmZpcmUubmV0 - %profile%\extensions\optout@dubfire.net
FF - Ext: FastestFox: http://forums.spybot.info/misc.php?do=email_dev&email=c21hcnRlcndpa2lAd2lraWF0aWMuY29t - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: fasTun Tool: http://forums.spybot.info/misc.php?do=email_dev&email=dG9vbEBmYXN0dW4uY29t - %profile%\extensions\tool@fastun.com
FF - Ext: AFOM Addon: afom@idevfh - %profile%\extensions\afom@idevfh
FF - Ext: Dust-Me Selectors: {3c6e1eed-a07e-4c80-9cf3-66ea0bf40b37} - %profile%\extensions\{3c6e1eed-a07e-4c80-9cf3-66ea0bf40b37}
FF - Ext: BetterCache: {f8454bbe-519f-4004-85c1-12d1b31988fc} - %profile%\extensions\{f8454bbe-519f-4004-85c1-12d1b31988fc}
FF - Ext: PlacesCleaner: http://forums.spybot.info/misc.php?do=email_dev&email=UGxhY2VzQ2xlYW5lckBzdG8udHc= - %profile%\extensions\PlacesCleaner@sto.tw
FF - Ext: SpellBound: http://forums.spybot.info/misc.php?do=email_dev&email=c3BlbGxib3VuZEBzb3VyY2Vmb3JnZS5uZXQ= - %profile%\extensions\spellbound@sourceforge.net
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
FF - Ext: User Agent Switcher: {e968fc70-8f95-4ab9-9e79-304de2a71ee1} - %profile%\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
FF - Ext: YouTube to MP3: http://forums.spybot.info/misc.php?do=email_dev&email=eW91dHViZTJtcDNAbW9uZGF5eC5kZQ== - %profile%\extensions\youtube2mp3@mondayx.de
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - %profile%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: keyword.enabled - 1
FF - user.js: keyword.URL - hxxp://mp3rocketsearch.com/?prt=mp3rockettb02ff&Keywords=
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-7 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-12-13 301528]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2011-1-20 202064]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2011-1-20 38856]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2011-1-20 25000]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2011-2-10 2855440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-12-13 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-12-13 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-13 42184]
R2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe [2010-12-20 19968]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 OAcat;Online Armor Helper Service;c:\program files\online armor\oacat.exe [2011-1-20 380784]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]
R2 SvcOnlineArmor;Online Armor;c:\program files\online armor\oasrv.exe [2011-1-20 3652696]
R3 OAnet;OnlineArmor Service;c:\windows\system32\drivers\OAnet.sys [2011-1-20 29120]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-1-12 125672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2011-2-10 73728]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-12-17 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-12-23 30192]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2011c\RpcAgentSrv.exe [2011-1-21 93848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 Mp3Rocket Toolbar Helper;Mp3Rocket Toolbar Helper;c:\program files\mp3 rocket toolbar\mp3rocketsvc.exe --> c:\program files\mp3 rocket toolbar\MP3RocketSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

=============== File Associations ===============

.txt=GetDiz.Document

=============== Created Last 30 ================

2011-03-16 20:38:28 -------- d-----w- c:\users\megatron\appdata\roaming\IcoFX
2011-03-10 03:36:49 -------- d-----w- c:\users\megatron\appdata\roaming\Foxit Software
2011-03-09 04:52:10 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 04:52:09 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 04:52:09 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 04:52:09 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 04:50:20 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 04:50:18 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 01:08:39 -------- d-----w- c:\program files\Feedback Tool
2011-03-08 01:06:59 -------- d-----w- c:\users\megatron\appdata\local\OpenCandy
2011-03-08 01:06:46 -------- d-----w- c:\users\megatron\appdata\roaming\OpenCandy
2011-03-08 00:58:49 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-26 02:35:54 -------- d-----w- c:\users\megatron\appdata\roaming\iWin
2011-02-20 22:41:34 -------- d-----w- c:\users\megatron\appdata\roaming\FrostWire
2011-02-20 07:22:04 -------- d-----w- c:\program files\Event Log Explorer
2011-02-18 00:44:12 -------- d-----w- c:\program files\TrafficCompressor
2011-02-18 00:41:46 -------- d-----w- c:\program files\Conduit
2011-02-18 00:41:35 -------- d-----w- c:\program files\ConduitEngine
2011-02-18 00:41:19 -------- d-----w- c:\program files\uTorrentBar

==================== Find3M ====================

2011-03-18 17:38:20 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat
2011-02-23 15:04:21 40648 ----a-w- c:\windows\avastSS.scr
2011-02-18 00:38:57 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-11 04:12:37 762 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-01-24 03:01:19 0 ----a-w- c:\progra~2\xml5EA7.tmp
2011-01-24 03:01:19 0 ----a-w- c:\progra~2\xml5EA6.tmp
2011-01-24 03:01:19 0 ----a-w- c:\progra~2\xml5E67.tmp
2011-01-24 03:01:17 0 ----a-w- c:\progra~2\xml59E3.tmp
2011-01-24 02:06:01 0 ----a-w- c:\progra~2\xmlBE14.tmp
2011-01-24 02:06:01 0 ----a-w- c:\progra~2\xmlBDF4.tmp
2011-01-24 02:06:01 0 ----a-w- c:\progra~2\xmlBDF3.tmp
2011-01-24 02:06:00 0 ----a-w- c:\progra~2\xmlB9AE.tmp
2011-01-23 23:10:28 0 ----a-w- c:\progra~2\xml4A6C.tmp
2011-01-23 23:10:28 0 ----a-w- c:\progra~2\xml4A6B.tmp
2011-01-23 23:10:28 0 ----a-w- c:\progra~2\xml4A4A.tmp
2011-01-23 23:10:26 0 ----a-w- c:\progra~2\xml41C1.tmp
2011-01-23 15:42:05 0 ----a-w- c:\progra~2\xml9465.tmp
2011-01-23 15:42:05 0 ----a-w- c:\progra~2\xml9464.tmp
2011-01-23 15:42:05 0 ----a-w- c:\progra~2\xml9444.tmp
2011-01-23 15:42:04 0 ----a-w- c:\progra~2\xml91B3.tmp
2011-01-23 03:35:03 0 ----a-w- c:\progra~2\xml4D6.tmp
2011-01-23 03:35:03 0 ----a-w- c:\progra~2\xml4C5.tmp
2011-01-23 03:35:03 0 ----a-w- c:\progra~2\xml496.tmp
2011-01-23 03:34:54 0 ----a-w- c:\progra~2\xmlE458.tmp
2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-15 09:54:02 249856 ----a-w- c:\windows\Setup1.exe
2011-01-15 09:54:00 73216 ----a-w- c:\windows\ST6UNST.EXE
2011-01-08 08:47:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28:49 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55:03 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-22 21:41:00 6814952 ----a-w- c:\windows\system32\SpoonUninstall.exe

============= FINISH: 10:56:56.32 ===============