Solved Had the Rootkit 0access virus, but now I get this

B

bud11dy

Posts: 33   +0
[FONT=Arial]Error code 0x80070424[/FONT]

[FONT=Arial]I used a program called Unhackme and Regrun warrior to remove it. I was happy it was gone, but then a few days later I went to steam something from my computer to my apple tv and it would not communicate with my computer. So I went up and was going to just share a file with my wife’s laptop and noticed that it would not let me share anything. After awhile I was checking other things my computer and I noticed that the firewall was turned off, defender is also turned off, updates not starting and action center not working at all with the security center turned off. I tried to start all the functions and encountered the above mentioned error code.[/FONT]

[FONT=Arial]I have started with the 5 steps[/FONT]

[FONT=Arial][FONT=Times New Roman] [/FONT][/FONT]

[FONT=Arial]Step 1: Antivirus scanning[/FONT][FONT=Arial]
I have Microsoft security essentials; I was just able to download the new definitions by going to the website and downloading it separately because I could not get it to update. But it is updated now.[/FONT]

[FONT=Arial]Step 2: Malwarebytes Anti-Malware[/FONT]
[FONT=Arial]I already[/FONT][FONT=Arial]had this on my computer and it was able to update with no problem. [/FONT]

[FONT=Arial]Step 3: GMER[/FONT]

[FONT=Arial]I ran this program and it did not find anything, but the log is below.[/FONT]
[FONT=Arial]Step 4: DDS[/FONT]

[FONT=Arial]Ran this program.[/FONT]
[FONT=Arial][FONT=Arial]Step 5: Logs[/FONT][/FONT]
[FONT=Arial]Next post[/FONT]
 
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.21.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Leon :: LEON-PC [administrator]
8/21/2012 4:54:46 AM
mbam-log-2012-08-21 (04-54-46).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225422
Time elapsed: 3 minute(s), 20 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)


GMER log was empty:




.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Leon at 13:14:08 on 2012-08-22
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.8329 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\crypserv.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Windows\system32\lxducoms.exe
C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Users\Leon\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\Users\Leon\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
j:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Leon\Desktop\Virus removal help\hco9o6uu.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ohiostate.247sports.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: IDM integration (IDMIEHlprObj Class): {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: IEHlprObj Class: {8ca5ed52-f3fb-4414-a105-2e3491156990} - C:\Program Files (x86)\Pogo Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Ask Toolbar for Pogo: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - C:\Program Files (x86)\Google\Chrome Frame\Application\21.0.1180.83\npchrome_frame.dll
TB: Ask Toolbar for Pogo: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB: {37153479-1976-43C3-A1EE-557513977B64} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
uRun: [Google Update] "C:\Users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
mRun: [TaskTray]
mRun: [Malwarebytes' Anti-Malware] "j:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRunOnce: [GrpConv] grpconv -o
StartupFolder: C:\Users\Leon\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\Leon\AppData\Local\Temp\_uninst_25156082.bat
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
uPolicies-explorer: NoFile = 0 (0x0)
uPolicies-explorer: HideClock = 0 (0x0)
uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
uPolicies-explorer: NoDFSTab = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-explorer: NoEncryptOnMove = 0 (0x0)
uPolicies-explorer: NoResolveTrack = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
mPolicies-explorer: NoFile = 0 (0x0)
mPolicies-explorer: HideClock = 0 (0x0)
mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
mPolicies-explorer: NoDFSTab = 0 (0x0)
mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
mPolicies-explorer: NoEncryptOnMove = 0 (0x0)
mPolicies-explorer: NoResolveTrack = 0 (0x0)
mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: NoDispAppearancePage = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
dPolicies-explorer: NoViewOnDrive = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
dPolicies-explorer: NoFile = 0 (0x0)
dPolicies-explorer: HideClock = 0 (0x0)
dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
dPolicies-explorer: NoDFSTab = 0 (0x0)
dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
dPolicies-explorer: NoEncryptOnMove = 0 (0x0)
dPolicies-explorer: NoResolveTrack = 0 (0x0)
dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
dPolicies-system: NoDispAppearancePage = 0 (0x0)
dPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: intuit.com\ttlc
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://I.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxp://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{367D4C99-2C77-4799-A525-C75D9930EBE0} : DhcpNameServer = 192.168.1.254
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\21.0.1180.83\npchrome_frame.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\Pogo Games\iWinGamesHookIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO-X64: Ask Toolbar for Pogo: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\21.0.1180.83\npchrome_frame.dll
BHO-X64: ChromeFrame BHO - No File
TB-X64: Ask Toolbar for Pogo: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
TB-X64: {37153479-1976-43C3-A1EE-557513977B64} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [TaskTray]
mRun-x64: [Malwarebytes' Anti-Malware] "j:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRunOnce-x64: [GrpConv] grpconv -o
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=APN10145&gct=hp
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=POGO&o=APN10145&locale=en_US&apn_uid=18a60966-a306-4305-bf68-472ec0f55ad9&apn_ptnrs=^A6C&apn_sauid=486DBF7F-E1F0-40BA-8F0B-84A8FFBA79AC&apn_dtid=^YYYYYY^YY^US&&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Leon\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100486
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1822a25a0000000000009439e523de35
FF - user.js: extensions.BabylonToolbar_i.hardId - 1822a25a0000000000009439e523de35
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15355
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.173:24:59
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 93987717;93987717;C:\Windows\system32\DRIVERS\93987717.sys --> C:\Windows\system32\DRIVERS\93987717.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);C:\Windows\system32\DRIVERS\tdrpm258.sys --> C:\Windows\system32\DRIVERS\tdrpm258.sys [?]
R0 WRkrn;WRkrn;C:\Windows\system32\drivers\WRkrn.sys --> C:\Windows\system32\drivers\WRkrn.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/04/28 06:09:51];C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\NavFilter\000.fcl [2012-1-11 146928]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-5-26 2480048]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-4-28 87336]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-4-28 75048]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-4-28 296232]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-31 13592]
R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-12-7 375208]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 lxdu_device;lxdu_device;C:\Windows\system32\lxducoms.exe -service --> C:\Windows\system32\lxducoms.exe -service [?]
R2 MBAMService;MBAMService;J:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-5 655944]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-4-28 82928]
R2 PGMTrusted;PGMTrusted;C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [2012-1-4 519888]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-8-31 1692480]
R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-10-16 606048]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-1-23 92592]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-4-27 2594584]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
RUnknown 1181522drv;1181522drv; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-4 136176]
S2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxduserv.exe [2011-11-25 29184]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-27 1262400]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2012-8-1 710504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-9 250568]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-4 136176]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-2 129976]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-08-22 13:00:01 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-08-22 12:59:27 460888 ----a-w- C:\Windows\System32\drivers\93987717.sys
2012-08-22 07:11:57 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4746E3C6-58AF-4DB1-9F61-6B369EAC665A}\mpengine.dll
2012-08-21 20:14:58 306688 ----a-w- C:\Windows\IsUninst.exe
2012-08-21 09:38:56 -------- d-----w- C:\Reg help
2012-08-19 22:07:52 -------- d-----w- C:\Users\Leon\AppData\Local\Ubisoft Game Launcher
2012-08-18 08:03:56 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0760393C-24F3-4828-A5A7-B17E8753C842}\gapaengine.dll
2012-08-18 08:03:47 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-18 08:02:55 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-08-18 08:02:53 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-08-18 07:58:23 39184 ----a-w- C:\Windows\System32\Partizan.exe
2012-08-18 07:56:10 -------- d-----w- C:\ProgramData\RegRun
2012-08-17 09:29:45 -------- d-----w- C:\BackSys
2012-08-17 08:05:10 39184 ----a-w- C:\Windows\SysWow64\Partizan.exe
2012-08-17 08:05:10 35816 ----a-w- C:\Windows\SysWow64\drivers\Partizan.sys
2012-08-17 08:05:09 2 --shatr- C:\Windows\winstart.bat
2012-08-17 08:05:07 12800 ----a-w- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
2012-08-17 08:05:06 -------- d-----w- C:\Program Files (x86)\UnHackMe
2012-08-16 04:27:20 -------- d-----w- C:\Program Files (x86)\Oberon Media
2012-08-15 12:01:07 -------- d-----w- C:\GameHouse Games
2012-08-14 14:03:45 -------- d-----w- C:\Users\Leon\AppData\Roaming\Pogo Games
2012-08-14 13:31:01 -------- d-----w- C:\Program Files (x86)\iWin.com
2012-08-14 13:28:33 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-08-14 13:28:13 -------- d-----w- C:\ProgramData\PogoDGC
2012-08-14 13:28:10 -------- d-----w- C:\Program Files (x86)\Pogo Games
2012-08-14 13:01:24 -------- d-----w- C:\Program Files (x86)\Gutterball Golden Pin Bowling
2012-08-13 14:37:28 -------- d-----w- C:\Users\Leon\AppData\Local\CRE
2012-08-13 13:50:35 -------- d-----w- C:\Users\Leon\AppData\Roaming\TuneUpMedia
2012-08-13 13:50:19 -------- d-----w- C:\ProgramData\Trymedia
2012-08-13 13:50:01 -------- d-----w- C:\Users\Leon\AppData\Roaming\OpenCandy
2012-08-10 01:00:10 -------- d-----w- C:\ProgramData\Media Center Programs
2012-08-10 01:00:04 88480 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2012-08-10 01:00:04 46400 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2012-08-09 23:09:26 -------- d-----w- C:\Ubisoft
2012-08-09 22:59:25 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-08-02 01:18:06 102832 ----a-w- C:\Windows\System32\WRusr.dll
2012-08-02 01:18:05 149688 ----a-w- C:\Windows\SysWow64\WRusr.dll
2012-08-02 01:18:05 110096 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
2012-08-02 01:18:04 -------- d-----w- C:\Program Files\Webroot
2012-08-02 01:17:59 -------- d-----w- C:\ProgramData\WRData
2012-07-27 20:51:30 184248 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-07-27 20:51:30 184248 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-07-23 20:17:50 -------- d-----w- C:\Users\Leon\AppData\Local\ArcadeWeb
.
==================== Find3M ====================
.
2012-08-21 09:58:43 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-21 09:58:43 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-18 07:22:54 328704 ----a-w- C:\Windows\System32\services.exe
2012-07-13 10:24:20 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-07-13 10:24:20 34720 ----a-w- C:\Windows\System32\LMIport.dll
2012-07-13 10:24:19 80800 ----a-w- C:\Windows\System32\LMIinit.dll
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-12 03:08:36 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-26 20:55:34 252512 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2012-05-26 20:55:31 1477728 ----a-w- C:\Windows\System32\drivers\tdrpm258.sys
2012-05-26 20:55:29 943712 ----a-w- C:\Windows\System32\drivers\timntr.sys
2012-05-26 20:55:23 271456 ----a-w- C:\Windows\System32\drivers\snapman.sys
.
============= FINISH: 13:14:33.61 ===============
 
Attach log:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/20/2011 4:18:47 AM
System Uptime: 8/22/2012 9:51:35 AM (4 hours ago)
.
Motherboard: Dell Inc. | | 0Y2MRG
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 99.343 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
J: is FIXED (NTFS) - 1863 GiB total, 195.674 GiB free.
K: is CDROM (CDFS)
L: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP214: 8/22/2012 5:33:08 AM - Scheduled Checkpoint
RP215: 8/22/2012 9:59:04 AM - RegRun Virus Scan
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Acronis True Image Home
Activision(R)
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X (10.1.4) MUI
Adobe Shockwave Player 11.6
AirParrot
Alcor Micro USB Card Reader
Angry Birds Space 1.0.0
ANNO 2070
Apple Application Support
Apple Software Update
Ask Toolbar
Ask Toolbar for Pogo Updater
Battlefield 3™
calibre
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Command & Conquer™ 4 Tiberian Twilight
CopyTrans Suite Remove Only
Coupon Printer for Windows
Cozi
CyberLink PowerDVD 12
D3DX10
DAEMON Tools Pro
Defenders of Ardania
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Driver Download Manager
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Product Registration
Dell Stage
Dell VideoStage
DirectX 9 Runtime
DivX Web Player
Driver Genius Professional Edition
Empire Earth III
GeoForms Screensaver by NVIDIA (remove only)
Google Chrome
Google Chrome Frame
Google Update Helper
GoToAssist Corporate
Gutterball Golden Pin Bowling
Hide IP Easy
Ice Age(TM) - Continental Drift - Arctic Games
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Internet Download Manager
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
LeapFrog Connect
LeapFrog Leapster Explorer Plugin
Lexmark Printable Web
LogMeIn
Malwarebytes Anti-Malware version 1.62.0.1300
Max Payne 3
Mesh Runtime
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Origin
PDF Settings CS5
PhotoShowExpress
Plex
Plex Media Server
Pogo Games (remove only)
QuickTime
Realtek High Definition Audio Driver
Rocket Bowl
Rockstar Games Social Club
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Saints & Sinners Bowling
Saints Row The Third
Seagate DiscWizard
SeaTools for Windows
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Sniper Elite V2
Sonic CinePlayer Decoder Pack
Spec Ops The Line
Steam
Stellar Phoenix Windows Data Recovery V4.1
Stronghold 3
swMSM
System Requirements Lab CYRI
THE SETTLERS - Rise of an Empire
The Settlers 7 - Paths to a Kingdom
The Witcher 2 - Assassins of Kings Enhanced Edition
THX TruStudio PC
TomTom HOME 2.8.3.2499
TomTom HOME Visual Studio Merge Modules
TouchCopy 11
Ubisoft Game Launcher
UnHackMe 5.99 release
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
VC80CRTRedist - 8.0.50727.762
Visual Studio C++ 10.0 Runtime
VLC media player 1.1.10
Way To Go Bowling (remove only)
Way To Go! Bowling
Webroot SecureAnywhere
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinSCP 4.3.6
Wondershare Video Converter Ultimate(Build 5.7.6.2)
World in Conflict Complete Edition
World of Tanks v.0.7.0
Xvid Video Codec
.
==== Event Viewer Messages From Past Week ========
.
8/22/2012 9:55:40 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
8/22/2012 9:55:40 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
8/22/2012 9:54:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
8/22/2012 9:53:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxduCATSCustConnectService service to connect.
8/22/2012 9:53:06 AM, Error: Service Control Manager [7000] - The lxduCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/22/2012 9:53:05 AM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
8/22/2012 1:48:03 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
8/22/2012 1:11:32 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
8/22/2012 1:11:32 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
8/21/2012 6:00:50 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 5:53:14 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 5:50:43 AM, Error: Service Control Manager [7000] - The atksgt service failed to start due to the following error: This driver has been blocked from loading
8/21/2012 5:50:43 AM, Error: Application Popup [875] - Driver atksgt.sys has been blocked from loading.
8/21/2012 4:58:07 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 4:51:04 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 4:47:42 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
8/21/2012 4:47:41 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
8/21/2012 4:47:41 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
8/21/2012 4:12:59 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 4:12:56 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 3:32:09 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/21/2012 3:31:58 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/20/2012 4:12:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/20/2012 4:12:56 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/19/2012 6:12:57 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/19/2012 4:12:57 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/19/2012 4:12:56 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/19/2012 1:49:38 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.2310.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/18/2012 4:08:30 AM, Error: Microsoft Antimalware [1119] - Microsoft Antimalware has encountered a critical error when taking action on malware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Virus:Win64/Sirefef.B&threatid=2147657891 Name: Virus:Win64/Sirefef.B ID: 2147657891 Severity: Severe Category: Virus Path: file:_C:\Windows\System32\SERVICES.EXE.del Detection Origin: Local machine Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Action: Clean Action Status: No additional actions required Error Code: 0x8007007f Error description: The specified procedure could not be found. Signature Version: AV: 1.131.2310.0, AS: 1.131.2310.0, NIS: 11.159.0.0 Engine Version: AM: 1.1.8601.0, NIS: 2.0.8001.0
8/18/2012 4:03:06 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80070424 Error description: The specified service does not exist as an installed service.
8/16/2012 1:19:51 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user LEON-PC\Leon SID (S-1-5-21-3191922543-261891716-3115826397-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

==================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
  • Like
Reactions: bud11dy
Rkill 2.3.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 08/22/2012 03:12:55 PM in x64 mode.
Windows Version: Windows 7 Service Pack 1
Checking for Windows services to stop.
* No malware services found to stop.
Checking for processes to terminate.
* C:\Windows\system32\crypserv.exe (PID: 2784) [WD-HEUR]
1 proccess terminated!
Checking Registry for malware related settings.
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!
* HKCU\SOFTWARE\Classes\exefile has been deleted!

Performing miscellaneous checks.
* ALERT: ZEROACCESS rootkit symptoms found!
* HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
* C:\Users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\ [ZA Dir]
* C:\Users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\@ [ZA File]
* C:\Users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\L\ [ZA Dir]
* C:\Users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\U\ [ZA Dir]
* C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\ [ZA Dir]
* C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\@ [ZA File]
* C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\L\ [ZA Dir]
* C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\L\00000004.@ [ZA File]
* C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\L\201d3dde [ZA File]
* C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\U\ [ZA Dir]
Checking Windows Service Integrity:
* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic
* AppMgmt [Missing Service]
* CscService [Missing Service]
* iphlpsvc [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]
* WinDefend [Missing Service]
* wscsvc [Missing Service]
* wuauserv [Missing Service]
* BITS [Missing ImagePath]
* SharedAccess [Missing ImagePath]
* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Program finished at: 08/22/2012 03:13:05 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
 
Thank you for the help. I have been a member since Feb, just never posted anything. Just get on mainly for information and then I got this virus and could take care of it myself. So I thought I would ask because everyone on here seems to want to help out. :)(y)


The aswMBR is still running.
 
Ok here is the aswMBR info: Oh that entry "16:07:42.592 File: C:\Users\Leon\Desktop\set6-bud11dy.exe **INFECTED** Win32:Malware-gen" is a cheat for a game that I play that I downloaded from a membership site that I am on called cheatshappen,

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-22 15:16:07
-----------------------------
15:16:07.639 OS Version: Windows x64 6.1.7601 Service Pack 1
15:16:07.639 Number of processors: 4 586 0x2A07
15:16:07.639 ComputerName: LEON-PC UserName: Leon
15:16:09.569 Initialize success
15:16:17.698 AVAST engine defs: 12082100
15:16:28.571 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:16:28.571 Disk 0 Vendor: WDC_WD10 19.0 Size: 953869MB BusType: 3
15:16:28.571 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
15:16:28.571 Disk 1 Vendor: ST2000DL CC32 Size: 1907729MB BusType: 3
15:16:28.602 Disk 0 MBR read successfully
15:16:28.602 Disk 0 MBR scan
15:16:28.602 Disk 0 Windows VISTA default MBR code
15:16:28.618 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
15:16:28.633 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13566 MB offset 81920
15:16:28.664 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 940262 MB offset 27865088
15:16:28.711 Disk 0 scanning C:\Windows\system32\drivers
15:16:39.977 Service scanning
15:17:12.159 Modules scanning
15:17:12.674 Disk 0 trace - called modules:
15:17:12.690 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:17:12.690 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800ce09060]
15:17:12.705 3 CLASSPNP.SYS[fffff88001fb343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800a3cd050]
15:17:15.045 AVAST engine scan C:\Windows
15:17:18.914 AVAST engine scan C:\Windows\system32
15:20:24.133 AVAST engine scan C:\Windows\system32\drivers
15:20:38.036 AVAST engine scan C:\Users\Leon
16:07:42.592 File: C:\Users\Leon\Desktop\set6-bud11dy.exe **INFECTED** Win32:Malware-gen
16:19:19.206 AVAST engine scan C:\ProgramData
16:23:39.964 Scan finished successfully
21:22:54.633 Disk 0 MBR has been saved successfully to "C:\Users\Leon\Desktop\Virus removal help\MBR.dat"
21:22:54.633 The log file has been saved successfully to "C:\Users\Leon\Desktop\Virus removal help\aswMBR.txt"
 
We have some ZeroAccess rootkit leftovers.
Let's see if Combofix will cure it...

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
  • Like
Reactions: bud11dy
Ok here is the Combofix log:

ComboFix 12-08-22.03 - Leon 08/22/2012 21:54:28.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.6932 [GMT -4:00]
Running from: c:\users\Leon\Desktop\ComboFix_2.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Pogo Games\iWINgameshookie.dll
c:\programdata\boost_interprocess\20120822095135.125599
c:\programdata\boost_interprocess\20120822095135.125599\9334581e-7251-4ef7-a8ec-5bfe8e89ff68
c:\programdata\boost_interprocess\20120822095135.125599\plex_frame_mutex
c:\programdata\PCDr\5907\Downloads\f0fc9c9c-10ba-435b-8365-dadb523644ff.dll
c:\users\Leon\AppData\Roaming\InstallDir
c:\users\Leon\AppData\Roaming\Microsoft\Windows\ujTwPP.dat
c:\users\Leon\GoToAssistDownloadHelper.exe
c:\users\Thumbs\iThmbConv.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-23 to 2012-08-23 )))))))))))))))))))))))))))))))
.
.
2012-08-22 13:00 . 2012-08-22 13:00 -------- d-----w- c:\programdata\Kaspersky Lab
2012-08-22 07:11 . 2012-08-20 05:53 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4746E3C6-58AF-4DB1-9F61-6B369EAC665A}\mpengine.dll
2012-08-21 20:14 . 1998-10-29 20:45 306688 ----a-w- c:\windows\IsUninst.exe
2012-08-21 09:38 . 2012-08-21 09:39 -------- d-----w- C:\Reg help
2012-08-19 22:07 . 2012-08-19 22:08 -------- d-----w- c:\users\Leon\AppData\Local\Ubisoft Game Launcher
2012-08-18 08:03 . 2012-02-09 18:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0760393C-24F3-4828-A5A7-B17E8753C842}\gapaengine.dll
2012-08-18 08:03 . 2012-07-16 06:40 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-18 08:02 . 2012-08-18 08:02 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-18 08:02 . 2012-08-18 08:02 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-18 07:58 . 2012-08-18 07:58 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-08-18 07:56 . 2012-08-23 06:58 -------- d-----w- c:\programdata\RegRun
2012-08-17 09:29 . 2012-08-17 23:55 -------- d-----w- C:\BackSys
2012-08-17 08:05 . 2012-08-17 08:05 39184 ----a-w- c:\windows\SysWow64\Partizan.exe
2012-08-17 08:05 . 2012-08-17 08:05 35816 ----a-w- c:\windows\SysWow64\drivers\Partizan.sys
2012-08-17 08:05 . 2012-08-17 08:05 2 --shatr- c:\windows\winstart.bat
2012-08-17 08:05 . 2012-06-27 20:01 12800 ----a-w- c:\windows\SysWow64\drivers\UnHackMeDrv.sys
2012-08-17 08:05 . 2012-08-23 04:33 -------- d-----w- c:\program files (x86)\UnHackMe
2012-08-16 04:27 . 2012-08-16 04:29 -------- d-----w- c:\program files (x86)\Oberon Media
2012-08-15 12:01 . 2012-08-15 12:01 -------- d-----w- C:\GameHouse Games
2012-08-14 14:03 . 2012-08-14 14:03 -------- d-----w- c:\users\Leon\AppData\Roaming\Pogo Games
2012-08-14 13:31 . 2012-08-14 13:31 -------- d-----w- c:\program files (x86)\iWin.com
2012-08-14 13:28 . 2012-08-14 13:28 -------- d-----w- c:\program files (x86)\Ask.com
2012-08-14 13:28 . 2012-08-14 13:28 -------- d-----w- c:\programdata\PogoDGC
2012-08-14 13:28 . 2012-08-23 02:01 -------- d-----w- c:\program files (x86)\Pogo Games
2012-08-14 13:01 . 2012-08-14 13:01 -------- d-----w- c:\program files (x86)\Gutterball Golden Pin Bowling
2012-08-13 14:37 . 2012-08-13 14:37 -------- d-----w- c:\users\Leon\AppData\Local\CRE
2012-08-13 13:50 . 2012-08-14 01:25 -------- d-----w- c:\users\Leon\AppData\Roaming\TuneUpMedia
2012-08-13 13:50 . 2012-08-13 13:50 -------- d-----w- c:\programdata\Trymedia
2012-08-13 13:50 . 2012-08-13 13:50 -------- d-----w- c:\users\Leon\AppData\Roaming\OpenCandy
2012-08-10 01:00 . 2012-08-10 01:00 -------- d-----w- c:\programdata\Media Center Programs
2012-08-10 01:00 . 2012-08-21 10:05 88480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-08-10 01:00 . 2012-08-21 10:05 46400 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-08-09 23:09 . 2012-08-09 23:09 -------- d-----w- C:\Ubisoft
2012-08-09 22:59 . 2012-08-09 22:59 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-08-02 01:18 . 2012-08-21 08:53 102832 ----a-w- c:\windows\system32\WRusr.dll
2012-08-02 01:18 . 2012-08-21 08:53 149688 ----a-w- c:\windows\SysWow64\WRusr.dll
2012-08-02 01:18 . 2012-08-21 08:53 110096 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2012-08-02 01:18 . 2012-08-21 08:53 -------- d-----w- c:\program files\Webroot
2012-08-02 01:17 . 2012-08-22 12:59 -------- d-----w- c:\programdata\WRData
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:58 . 2012-04-09 19:54 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-21 09:58 . 2011-08-31 17:28 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-18 07:22 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-03 08:27 . 2011-11-25 22:53 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-13 10:24 . 2011-12-25 04:53 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-13 10:24 . 2011-12-25 04:53 34720 ----a-w- c:\windows\system32\LMIport.dll
2012-07-13 10:24 . 2011-12-25 04:53 80800 ----a-w- c:\windows\system32\LMIinit.dll
2012-07-03 17:46 . 2011-11-25 18:39 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-12 03:08 . 2012-07-11 07:04 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 03:44 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 03:38 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 03:38 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 03:41 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 03:38 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 03:38 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 03:41 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-19 10:33 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 10:33 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 10:33 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 10:33 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 10:33 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 10:33 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 10:33 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-19 10:32 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-19 10:32 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-11 07:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 07:00 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 07:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 07:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 07:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 07:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 07:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 07:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-11 07:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-11 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-11 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-11 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-11 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 03:28 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 03:28 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 03:28 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 03:28 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 03:28 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 03:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 03:28 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 03:28 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 03:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-26 20:55 . 2012-05-26 20:55 252512 ----a-w- c:\windows\system32\drivers\afcdp.sys
2012-05-26 20:55 . 2012-05-26 20:55 1477728 ----a-w- c:\windows\system32\drivers\tdrpm258.sys
2012-05-26 20:55 . 2012-05-26 20:55 943712 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-05-26 20:55 . 2011-11-20 22:49 271456 ----a-w- c:\windows\system32\drivers\snapman.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-04 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-05-04 19:43 1519272 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-04 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-22 880496]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-03-19 3478936]
"Plex Media Server"="c:\program files (x86)\Plex\Plex Media Server\Plex Media Server.exe" [2012-08-03 3066600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="j:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-05-30 885760]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-08-21 710504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-05-04 1561768]
.
c:\users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
_uninst_25156082.lnk - c:\users\Leon\AppData\Local\Temp\_uninst_25156082.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0Partizan\0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 136176]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [2009-10-16 29184]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 250568]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-26 10496512]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-26 326656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 136176]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 LeapFrog-USBLAN;LeapFrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2009-10-10 40320]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-02 129976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-22 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [2012-05-26 1477728]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-08-21 110096]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-21 271424]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-11-09 49752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/04/28 06:09];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-01-12 02:57 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-05-26 2480048]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 204288]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-13 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe [2009-10-16 1039360]
S2 MBAMService;MBAMService;j:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
S2 PGMTrusted;PGMTrusted;c:\program files (x86)\Pogo Games\PGMTrusted.exe [2012-01-04 519888]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-10-16 606048]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-08-21 710504]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-05-26 252512]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2012-01-19 435240]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WHBEAZZV
*Deregistered* - WHbeAZzV
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 09:58]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 09:09]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 09:09]
.
2012-08-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191922543-261891716-3115826397-1000Core.job
- c:\users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09 20:31]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191922543-261891716-3115826397-1000UA.job
- c:\users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09 20:31]
.
2012-08-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-08-23 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 01:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://ohiostate.247sports.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=APN10145&gct=hp
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=POGO&o=APN10145&locale=en_US&apn_uid=18a60966-a306-4305-bf68-472ec0f55ad9&apn_ptnrs=^A6C&apn_sauid=486DBF7F-E1F0-40BA-8F0B-84A8FFBA79AC&apn_dtid=^YYYYYY^YY^US&&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100486
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1822a25a0000000000009439e523de35
FF - user.js: extensions.BabylonToolbar_i.hardId - 1822a25a0000000000009439e523de35
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15355
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.173:24
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
.
------- File Associations -------
.
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{37153479-1976-43c3-a1ee-557513977b64} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-TaskTray - (no file)
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{37153479-1976-43C3-A1EE-557513977B64} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3191922543-261891716-3115826397-1000_Classes\Wow6432Node\CLSID\{565dafb4-e43a-4a0f-955e-a877f9751fa0}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000005a
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-3191922543-261891716-3115826397-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):ae,b7,62,3d,5f,32,49,d5,5e,9c,11,fd,d7,c3,98,c1,b7,ea,b0,f7,81,
12,27,ea,2a,f3,00,0e,36,2e,5f,fe,43,96,6d,be,fc,7e,04,25,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\crypserv.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\UnHackMe\hackmon.exe
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Completion time: 2012-08-23 03:01:26 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-23 07:01
.
Pre-Run: 106,120,982,528 bytes free
Post-Run: 112,099,741,696 bytes free
.
- - End Of File - - 3D7B99C361994BF6FBC1C9E7307DE3E7
 
Uninstall:
Ask Toolbar
Ask Toolbar for Pogo Updater
...typical foistware.

1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code: 
File::
c:\windows\winstart.bat

Folder::
C:\Users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}
C:\Windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}
c:\program files (x86)\iWin.com

ClearJavaCache::


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
  • Like
Reactions: bud11dy
I didnt see this Uninstall:
Ask Toolbar
Ask Toolbar for Pogo Updater
But I did unistall it after I ran the combofix


ComboFix 12-08-22.03 - Leon 08/23/2012 16:02:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12270.10002 [GMT -4:00]
Running from: c:\users\Leon\Desktop\ComboFix_2.exe
Command switches used :: c:\users\Leon\Desktop\Virus removal help\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\winstart.bat"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\iWin.com
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\acc\f\acc-f-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\acc\m\acc-m-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\back\bg-0003.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0002-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0002-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0002-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0002-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0005-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0005-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0005-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0005-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0008-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0008-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0008-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0008-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0009-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0009-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0009-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\f2\fb-f-0009-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\m\fb-m-0002-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\m\fb-m-0002-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\m\fb-m-0002-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\m\fb-m-0016-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\m\fb-m-0016-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-fb\m\fb-m-0016-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\f\hd-f-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\f\hd-f-0001-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\f\hd-f-0001-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\f\hd-f-0001-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\m\hd-m-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\m\hd-m-0001-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-hd\m\hd-m-0001-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\f2\lb-f-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\f2\lb-f-0001-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\f2\lb-f-0001-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\f2\lb-f-0001-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\m\lb-m-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\m\lb-m-0001-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-lb\m\lb-m-0001-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-arm-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-arm-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-arm-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-arm-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-lbr.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\f\ub-f-0001-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0001-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0001-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0002-arm-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0002-arm-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0002-arm-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0002-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0002-tn.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\body-ub\m\ub-m-0002-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\acc\f\pogobowl-acc-f-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\acc\f\pogobowl-acc-f-0002.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\acc\f\pogobowl-acc-f-0003.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\acc\m\pogobowl-acc-m-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\acc\m\pogobowl-acc-m-0002.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\acc\m\pogobowl-acc-m-0003.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\back\pogobowl-bg-0001.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\back\pogobowl-bg-0002.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\back\pogobowl-bg-0003.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\back\pogobowl-bg-0004.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\back\pogobowl-bg-0005.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\back\pogobowl-bg-0006.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\fore\pogobowl-fg-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\fore\pogobowl-fg-0002.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\fore\pogobowl-fg-0003.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\fore\pogobowl-fg-0004.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\fore\pogobowl-fg-0005.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\fore\pogobowl-fg-0006.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\f2\pogobowl-fbg-f-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\f2\pogobowl-fbg-f-0002.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\f2\pogobowl-fbg-f-0003.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\f2\pogobowl-fbg-f-0004.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\f2\pogobowl-fbg-f-0005.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\f2\pogobowl-fbg-f-0006.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\m\pogobowl-fbg-m-0001.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\m\pogobowl-fbg-m-0002.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\m\pogobowl-fbg-m-0003.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\m\pogobowl-fbg-m-0004.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\m\pogobowl-fbg-m-0005.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\garm-fb\m\pogobowl-fbg-m-0006.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair-face\pogobowl-fhr-m-0006.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-back-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-back-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-back-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0001-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0002-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0002-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0002-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0002-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-back-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-back-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-back-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0003-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-back-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-back-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-back-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0004-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-back-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-back-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-back-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0005-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0006-back.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\f\pogobowl-hr-f-0006.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0001-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0001-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0001-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0001-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0002-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0002-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0002-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0002-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0003-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0003-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0003-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0003-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-back-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-back-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-back-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0004-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0005-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0005-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0005-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0005-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\cdl\pogobowl\hair\m\pogobowl-hr-m-0006.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\f\fc-f-0001-br-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\f\fc-f-0001-tn-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\f\fc-f-0001-tn-n.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\f\fc-f-0001-wh-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\f\fc-f-0015-lbr-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\m\fc-m-0001-br-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\m\fc-m-0001-tn-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\m\fc-m-0001-tn-n.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\m\fc-m-0001-wh-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\face\m\fc-m-0013-tn-h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\garm-lb\f2\lbg-f-0002-lbl.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\garm-lb\m\lbg-m-0002-lbl.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\garm-ub\f\ubg-f-0002-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\garm-ub\m\ubg-m-0002-wh.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0001-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0002-back-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0002-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0002-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0003-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0005-back-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0005-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\f\hr-f-0007-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\m\hr-m-0001-bd.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\m\hr-m-0007-br.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\m\hr-m-0009-back-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\m\hr-m-0009-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\m\hr-m-0011-tn-gy.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\avatarimg\hair\m\hr-m-0012-bk.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\bass.dll
c:\program files (x86)\iWin.com\Way To Go Bowling\CadiApi.dll
c:\program files (x86)\iWin.com\Way To Go Bowling\Flash\EA-Pogo.swf
c:\program files (x86)\iWin.com\Way To Go Bowling\Flash\roomsel.swf
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_Arial10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_Arial10Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_ArialNarrow15.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualShd24Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd14.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd16.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd17.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd20.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd22.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd24.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd24Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd25Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd30Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_DomCasualStd36Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_HelveticaRounded10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_HelveticaRounded11.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_HelveticaRounded12.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_HelveticaRounded13.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_HelveticaRounded14.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_HelveticaRounded8.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_Verdana10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_Verdana12Bold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\_Verdana8.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\Arial10.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\Arial10Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\ArialNarrow15.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualShd24Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd14.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd16.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd17.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd20.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd22.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd24.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd24Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd25Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd30Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\DomCasualStd36Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\HelveticaRounded10.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\HelveticaRounded11.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\HelveticaRounded12.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\HelveticaRounded13.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\HelveticaRounded14.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\HelveticaRounded8.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\Verdana10.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\Verdana12Bold.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Fonts\Verdana8.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\buynow.html
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\common.js
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\css\offline.css
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\disconnected-upsell.html
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\end.html
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\expired.html
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\alert32x32.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\bg_header.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\buttons\close-blue-28.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\buttons\continue-orange-132.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\buttons\yesiwantabackupcd-orange-197.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\common\header-bg.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\common\header-small-bg.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\common\loading.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\continuefreetrial-32.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\global\logo-invis.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\global\logo.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\global\page-bg-swirly.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\global\page-bg.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\global\page-header-small-bg.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\logo.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\misc\blue-bottom-triangle.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\misc\information.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\ous\divider.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\ous\hotel-bg.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\ous\hotel-iwin.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\ous\opal.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\ous\ous-promo-banner.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\plans\plan1.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\plans\plan2.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\images\plans\plan3.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\open.html
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\operationfailed.html
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\scripts\disconnected-upsell.js
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\scripts\prototype-1.6.js
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\styles\base.css
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\styles\disconnected-upsell.css
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\styles\shoppingcart.css
c:\program files (x86)\iWin.com\Way To Go Bowling\gamepage\success.html
c:\program files (x86)\iWin.com\Way To Go Bowling\glcfg.date
c:\program files (x86)\iWin.com\Way To Go Bowling\GLWorker.exe
c:\program files (x86)\iWin.com\Way To Go Bowling\icon.ico
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\AvatarBackground.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\avatarghost-f.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\avatarghost-m.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\AvatarSelectButtons.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\loading-30.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\loading-45.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Avatar\loading-65.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Badges\sm\0.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-bottom-left.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-bottom-mid.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-bottom-right.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-left.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-right.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-top-left.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-top-mid.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\browser-top-right.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\close.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Browser\earth-animation-40w-41h.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\abusebg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\abuseclose.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\abuseinput.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\abuseradio.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\ChatHeader.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\ChatShadow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\Checkmark.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\ConnectedState.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\Emoticons.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\HeartIcon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\InfoIcon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\jackpot-numbers.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\jackpot-x2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\MuteIcon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\playerselbg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\Sidebar-Background.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\Sidebar-ChatInput.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\Sidebar-ChatInput.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\Sidebar-Interface.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Chat\splice.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\blank.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Border\Bottom.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Border\Frame.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Border\Side.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Border\SideBar.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Border\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Border\Top.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\box.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\button.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\dialoguebuttons.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\go.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\pin_setup_title.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\ready.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Dialogue\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\EndGame\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\EndGame\congratulations.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\EndGame\game_summary.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\EndGame\minirim.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\EndGame\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\EndGame\winner.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Framerate\framerate.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Framerate\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HeadToHead\head_checkbox.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HeadToHead\head_namebox.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HeadToHead\head_titles_head_to_head.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HeadToHead\head_titles_number_of_players.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HeadToHead\head_titles_player_names.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HeadToHead\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\badge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\basic_gameplay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\bowling_alleys.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\bowling_balls.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\bowlingalleys.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\bowlingalleys.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\bowlingballs.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\bowlingballs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\challenge_mode.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\gamemodes.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\gamemodes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\head_to_head_gameplay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\Head2Head.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\jackpot.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\jackpot.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\jackpotx2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\mini.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\mini_avatar.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\multiplay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\multiplay_mode.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\practice.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\practice_mode.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\ranks_&_badges.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\team_mode.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\Thebasics.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\Thebasics.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\Token.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\HowToPlay\tokens.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_arrow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_boomerang.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_bowling.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_bowling_light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_lights_4x4.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_lights1.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_lights2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_small_arrow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_waytogo.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\anim_waytogo_old.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\challenge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\changeuser.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\connect.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\coordinates.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\credittokens.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\disconnect.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\headtohead.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\howtoplay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\info.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\main_menu_connected.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\main_menu_connected.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\miniboarder.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\minihousing.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\minimall.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\multiplay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\new_item_indicator.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\noservice.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\officialrules.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\options.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\pogo.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\practice.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\proshopstats.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\quit.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\shelf.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\status.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\status_alpha.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\teammultiplay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\tokens.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\tooltip_challenge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\tooltip_hotseat.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\tooltip_normal.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\tooltip_practice.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\tooltip_team.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\MainMenu\unconnected_shelf.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_cheese_hole_bulbs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_a.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_c.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_d.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_e.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_f.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_g.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_h.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_i.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_j.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_k.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_l.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_neon_lights_m.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_roof_bulbs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_sign_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\50s_lights\50s_snack_shack_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\caveman.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\caveman_lights\caveman_big_glow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\caveman_lights\caveman_big_glow_bottom.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\caveman_lights\caveman_sign.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\caveman_lights\caveman_sign_bulbs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\caveman_lights\caveman_small_glow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_building_base_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_light_blue.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_light_green.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_light_red.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_light_white.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_light_yellow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_sign_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\disco_lights\disco_sign_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_building_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_bush_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_hedge_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_interior_green_light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_roof_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_sign_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_sign_text_1.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_sign_text_2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_sign_text_3.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\garden_lights\garden_sign_text_4.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\lamp_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\lamp_lights_ground_light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\lamp_posts.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\main_menu.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\main_menu_boomerang_bulbs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\main_menu_roof_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\main_menu_sign_bulbs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\main_menu_sign_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\parking_light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pirate.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pirate_lights\pirate_boat_side_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pirate_lights\pirate_boat_trim_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pirate_lights\pirate_rear_light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pirate_lights\pirate_sign_text_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pirate_lights\pirate_water_highlight.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pro_shop.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pro_shop_lights\pro_shop_building_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pro_shop_lights\pro_shop_sign_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\pro_shop_lights\pro_shop_sign_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\sidewalk_hedge_light.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\star_sparkle.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\stars.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\versus.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\wacky_lanes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\wacky_lights\wacky_lanes_building_neon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\wacky_lights\wacky_lanes_roof_lights.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\wacky_lights\wacky_lanes_sign_bulbs.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Map\wacky_lights\wacky_lanes_sign_text.png
 
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\andy_apple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\annie_apple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\back_down.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\back_roll.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\back_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\ball_challenge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\bugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\captain_cutter.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\completed.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\coordinates.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\harry_hustler.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\joey_brooklyn.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\lilly_lane.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\location_challenge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\miss_maples.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\placard.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\poison_ivy.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\powder_puff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\select.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\select_down.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\select_roll.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\select_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\super_challenge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\Thumbs.db
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\trophy_left.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\trophy_right.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\turkey_lurkey.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Opponents\ugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\lg_big_ball.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\lg_bumper_bowl.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\lg_extra_ball.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\lg_reset_pins.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\lg_super_sleeper.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\powerup_backing_bottom.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\powerup_backing_middle.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\powerup_backing_top.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\sm_big_ball.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\sm_bumper_bowl.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\sm_extra_ball.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\sm_reset_pins.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\PowerUps\sm_super_sleeper.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\baby_split.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\bed_post.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\christmas_tree.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\cincinnati.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\golden_gate.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\greek_church.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\header.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num1.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num10b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num1b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num2b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num3.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num3b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num4.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num4b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num5.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num5b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num6.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num6b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num7.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num7b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num8.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num8b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num9.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\num9b.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\picket_fence.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\pin.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\poison_ivy.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\sour_apples.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\stats.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\stats_points.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\strike.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Practice\tooltip_box.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\back.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\back_down.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\back_roll.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\back_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\ball_highlight.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\change_icon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\left_arrow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\light_on.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\lock.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\messagescreen.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_01.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_02.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_03.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_04.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_05.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_06.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_07.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_08.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_09.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_11.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_12.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_13.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_14.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_15.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_16.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_17.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_18.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_19.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_20.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_21.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_22.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_23.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_24.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_25.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_26.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_27.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_28.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_29.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_30.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_31.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_32.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_33.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_34.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_35.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_36.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_37.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_38.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_39.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_40.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_41.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_42.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_43.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_44.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_45.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_46.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_47.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_48.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_49.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers\font_50.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\numbers_font.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_alight_aim.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_alight_speed.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_alight_spin.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_50.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_blue.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_caveman.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_disco.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_garden.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_light_on.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_pirate.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_red.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_wacky.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_ball_yellow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_letters.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_rank.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\pro_shop_sidelight.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\right_arrow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\stat_badges.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ProShop\x.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\RoomSelect\challenge.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\RoomSelect\multi_play.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\10_frame_2rows.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\10_frame_overlay.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\andy_apple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\annie_apple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\avatar_frame.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\blue_highlight.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\blue_highlight_10th.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\captain_cutter.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\fixed_large_leader_font.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\harry_hustler.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\joey_brooklyn.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_bowl.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_down.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_emblem_gold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_emblem_silver.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_10th.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_font_big.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_font_small.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_sir.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_slider.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_slider_bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_slider_down.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_slider_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_sparkle.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_leader_time_leftl.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_opponents_turn.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_perfect_game.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_sleeper.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_spare.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_split.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_strike.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_strike_it_rich.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_times_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_try_again.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_turkey.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_wtg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lg_your_turn.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\lilly_lane.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\miss_maples.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\missing_avatar.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\mr_ugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\mrs_ugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\poison_ivy.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\powder_puff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_down.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_inset_piece_animated.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_inset_piece_highlight.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_inset_piece_normal.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_leaderboard_tab.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_ngame_timer.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_sir_font.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_team_2_tab.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leader_team_scores_tab.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_leaderboard_hotseat.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_perfect_game.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_sir.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_sleeper.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_spare.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_split.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_strike.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_turkey.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\sm_up.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\ScoreSheet\turkey_lurkey.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge0.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge0_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge1.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge1_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge2.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge2_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge3.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge3_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge4.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge4_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge5.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badge5_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badgenames_annie.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badgenames_captain_cutter.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badgenames_joey.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badgenames_lilly.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badgenames_miss_maples.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badgenames_ugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badges.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\badges_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\bg.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\checkbox.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Final\Stats\stats_text.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\FramerateAnalyzer\ButtonOK.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\FramerateAnalyzer\Checkbox.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\FramerateAnalyzer\Dialog.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\andy_apple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\annie_apple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\bugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\captain_cutter.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\GameSummaryHeader.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\harry_hustler.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\HighScoresHeader.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\LineGrey.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\RowCategories.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\RowHighlighted.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\RowPlain.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\Star.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\HighScore\YourScore.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\joey_brooklyn.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\lilly_lane.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\line.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\miss_maples.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\NameHolder.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\poison_ivy.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\powder_puff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\rim.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\spinner.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\spinner.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\SpinnerContents.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\SpinnerContents.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\Title.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\turkey_lurkey.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\GameSummary\ugga.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Loading\BackgroundGradient.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Loading\Copyright.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Loading\Copyright_.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Loading\LogoColor.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\Balloon.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\CheckBox.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\ControlBar.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\ControlBg.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\Line.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\LineGray.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\NextButton.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\PreviousButton.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\slider_ball.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\Title.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleAnimation.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleColors.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleHardware.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleLOD.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleMusic.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleReplays.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleReplays.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleScreen.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleSfx.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleTheme.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\Options\TitleTips.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ParticleFx\PixieDust1.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ParticleFx\PixieDust2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ParticleFx\PixieDust3.png
 
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank0.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank0_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank1.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank1_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank10_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank11.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank11_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank12.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank12_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank13.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank13_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank14.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank14_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank15.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank15_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank16.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank16_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank17.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank17_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank18.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank18_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank19.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank19_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank2.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank2_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank20.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank20_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank21.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank21_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank22.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank22_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank23.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank23_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank24.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank24_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank25.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank25_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank26.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank26_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank27.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank27_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank28.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank28_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank29.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank29_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank3.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank3_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank30.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank30_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank31.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank31_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank32.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank32_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank33.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank33_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank34.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank34_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank35.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank35_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank36.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank36_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank37.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank37_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank38.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank38_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank39.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank39_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank4.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank4_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank40.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank40_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank41.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank41_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank42.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank42_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank43.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank43_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank44.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank44_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank45.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank45_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank46.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank46_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank47.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank47_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank48.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank48_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank49.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank49_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank5.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank5_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank50.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank50_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank6.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank6_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank7.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank7_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank8.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank8_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank9.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\ranks\rank9_faded.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\roomsel\glow.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\roomsel\header.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\roomsel\playnow.gif
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\button.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\Checkbox.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\Dark.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\dialog.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\holder.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\items-alpha.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\items-flat.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\login-aol.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\login-pogo.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Images\SignIn\watermark.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Microsoft.VC80.CRT.manifest
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Backdrop.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\BallReturn.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Gutter.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Lane_Main.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Lane_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\leaves.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\PinArea.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\PinLights.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\plants.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\single_pin_light.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Tar.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\approach.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Backdrop_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\BallReturn_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Gutter_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Lane_Main_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Lane_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Lanes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\lanes_sweep.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\leaves.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Leaves_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\pinarea.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\PinArea_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\PinLights_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Plants_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\tar_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\textures\Tusks_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\0\Tusks.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\approach.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Backdrop_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\BallReturn_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\black.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Gutter_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Lane_Main_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Lane_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Lanes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\lanes_sweep.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\leaves.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Leaves_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\pinarea.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\PinArea_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\PinLights_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Plants_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\tar_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\1\textures\Tusks_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\arrows.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Backdrop.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Ball_Return.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\BallReturn.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Camera.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Gutter.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Lane_Main.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Lane_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\leaves.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\PinArea.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\PinLights.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Plants.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Steam_Ambient.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Tar.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\approach.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\arrow_LightingMap.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Backdrop_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\BallReturn_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\cave_ball_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire01.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire02.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire03.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire04.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire05.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire06.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire07.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire08.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire09.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire10.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire11.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire12.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire13.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire14.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire15.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\fire16.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\gutter_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_01_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_02_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_03_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_04_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_05_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_06_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_07_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_08_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_09_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Indicator_10_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\indicator_OFF.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\indicator_ON.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Lane_Main_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Lane_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Lanes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\lanes_sweep.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\leaves.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Leaves_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\pinarea.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\PinArea_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\PinLights_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Plants_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\ripple.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\tar_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\Tusks_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\textures\wave.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Tusks.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Caveman\2\Waves.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\approach.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\arrows.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\backwall.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\BallReturn_Ropes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Disco_Ball.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\dividers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Lanes_Ends.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\pinarea.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\Approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\arrows_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\backwall_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\BallReturn_Ropes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\BallReturn_Ropes_left_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\BallReturn_Ropes_right_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\Disco_Ball_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\lanes_comp_ON.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\Lanes_Ends_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\pinarea_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\side_lanes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\0\textures\side_pins_LightingMap.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\Approach_comp copy.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\Approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\arrows_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\backwall_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\BallReturn_Ropes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\BallReturn_Ropes_left_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\BallReturn_Ropes_right_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\Disco_Ball_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\lanes_comp_ON.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\Lanes_Ends_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\pinarea_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\side_lanes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\1\textures\side_pins_LightingMap.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\approach.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\arrows.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\backwall.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Ball_Return.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\BallReturn_Ropes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Camera.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Disco_Ball.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\dividers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Lanes_Ends.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\pinarea.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\Approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\arrows.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\arrows_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\backwall_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\ballreturn_left_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\ballreturn_right_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\ballreturn_ropes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\Disco_Ball_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\disco_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_01_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_02_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_03_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_04_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_05_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_06_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_07_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_08_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_09_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_10_LightingMap.png
 
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_OFF.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\indicator_ON.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\laneglow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\lanes_comp_ON.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\Lanes_Ends_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\Lanes_Sides_comp_ON.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\pinarea_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\side_lanes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Disco\2\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\BackBoard.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\BallReturn.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\Jukebox.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\LaneDividers.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\Lanes.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\Lanes_Sides.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\PinBack.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\PinIndicatorLights.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\Sweep.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\50sweep.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\BackBoard_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\BallReturn_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\jukebox_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\LaneDividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\PinBack_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\PinIndicatorLights_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\0\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\50sweep.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\BackBoard_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\BallReturn_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\jukebox_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\LaneDividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\PinBack_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\1\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\BackBoard.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Ball_Return.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\BallReturn.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Camera.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Jukebox.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\LaneDividers.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\PinBack.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\PinIndicatorLights.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\Sweep.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\50s_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\50sweep.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\BackBoard_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\BallReturn_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_01_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_02_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_03_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_04_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_05_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_06_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_07_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_08_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_09_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Indicator_10_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\indicator_OFF.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\indicator_ON.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\jukebox_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\LaneDividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\PinBack_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Fifties\2\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\approach.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\approachDOTS.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\Backdrop.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\bushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\dust.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\Fence.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\flowers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\flowers_vines.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\foilage_back.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\foilage_front.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\Fountains.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\front_bushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\light.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\outside_bushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\outside_bushes_alpha.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\pinbushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\ripples.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\approach.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Backdrop_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Bushes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\buttsnstuffdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\camerabushes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\camerabushes02.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\dust.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\dustALPHA01.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Fence_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Flowers_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\flowers_vines_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Fountains_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\front_bushes_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\lanedots_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\mask.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\outside_bushes_alpha_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\outside_bushes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\pinbushes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\ripples_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\shrubdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\wall_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\water_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\Water_Top_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\textures\waterglare.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\wall.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\0\weeds.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\approach.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Backdrop_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Bushes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\buttsnstuffdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Fence_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Flowers_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\flowers_vines_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Fountains_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\front_bushes_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\lanedots_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\outside_bushes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\pinbushes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\ripples_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\shrubdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\wall_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\1\textures\water_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\approach.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\approachDOTS.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Backdrop.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Ball_Return.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\bushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Camera.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\dust.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Fence.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\flowers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\flowers_vines.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\foilage_back.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\foilage_front.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Fountains.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\FountainWater_Bottom.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\FountainWater_Top.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\front_bushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\light.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\outside_bushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\outside_bushes_alpha.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\pinbushes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\ripples.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\approach.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Backdrop_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Bushes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\buttsnstuffdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\camerabushes.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\camerabushes02.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\dust.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\dustALPHA01.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Fence_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Flowers_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\flowers_vines_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\fountain_water_alpha.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Fountains_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\FountainWater_Bottom_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\FountainWater_Top_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\front_bushes_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\garden_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_01_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_02_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_03_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_04_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_05_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_06_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_07_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_08_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_09_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_10_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_OFF.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\indicator_ON.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\lanedots_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\mask.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\outside_bushes_alpha_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\outside_bushes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\pinbushes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\ringdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\ripples_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\shrubdiff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\wall_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\water_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\Water_Top_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\waterglare.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\textures\weeds_LightingMap.png
 
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\wall.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\water.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\Water_Top.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\WaterHighlight.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Garden\2\weeds.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\leveldefinitions.xml
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Background.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Boat.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Boat_Base.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\dividers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\indicator.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Lan.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Lane.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Lanes.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Main_Mast.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Masts.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\shark_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\sweep.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\approach_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\background_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Boat_Base_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Boat_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Lan_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\lane_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\lane_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Lanes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\laneside_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Main_Mast_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\mast_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Masts_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\sweep_diff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Water_2_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Water_3_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\Water_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\textures\water_diff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Water.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Water_2.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\0\Water_3.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\approach_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\background_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Boat_Base_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Boat_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Lan_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\lane_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\lane_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Lanes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\laneside_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Main_Mast_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\mast_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Masts_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Water_2_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Water_3_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\Water_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\1\textures\water_diff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Arrows.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Background.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Ball_Return.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Boat.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Boat_Base.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Camera.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Dividers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Lan.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Lane.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Lanes.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Main_Mast.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Masts.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\sweep.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\approach_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Arrows_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\background_Comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Boat_Base_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Boat_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\boatbits_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_01_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_02_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_03_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_04_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_05_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_06_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_07_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_08_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_09_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Indicator_10_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\indicator_OFF.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\indicator_ON.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Lan_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\lane_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\lane_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Lanes_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\laneside_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Main_Mast_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\mast_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Masts_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\pirate_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\sweep_diff.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Water_2_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Water_3_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Water_comp.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\water_diff.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Waves_2_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\textures\Waves_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Water.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Water_2.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Water_3.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Waves.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Pirate\2\Waves_2.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\AlarmClock.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Approach.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Backboard.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\BanisterEnds.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Chair.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Clock.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Clock_Door.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Dividers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Dresser.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\EndTable.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Lamp.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Mitt.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\SofaChair.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Stove.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Sweep.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\AlarmClock_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\alpha.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Backboard_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\BanisterEnds_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Chair_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Clock_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\dividers.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Dresser_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\EndTable_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Lamp_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\lane.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Mitt_Comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\SofaChair_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Stove_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\tv_clocktable.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\TV_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\vase_chair.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\textures\Vase_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\TV.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\0\Vase.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\AlarmClock_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\alpha.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Backboard_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\BanisterEnds_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Chair_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Clock_Door_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Clock_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\desk_chest_clock.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\dividers.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Dresser_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\EndTable_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Lamp_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\lane.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Mitt_Comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\SofaChair_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Stove_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\tv_clocktable.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\TV_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\vase_chair.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\1\textures\Vase_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\AlarmClock.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Approach.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\arrows.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Backboard.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Ball_Return.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\BanisterEnds.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Camera.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Chair.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Clock.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Clock_Door.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Dividers.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Dresser.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\EndTable.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_01.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_02.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_03.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_04.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_05.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_06.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_07.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_08.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_09.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Indicator_10.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Lamp.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Lanes.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Lanes_Sides.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Mitt.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\side_pins.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\SofaChair.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Stove.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Sweep.X
 
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\AlarmClock_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\alpha.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Approach_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\arrows_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Backboard_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\BanisterEnds_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Chair_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Clock_Door_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Clock_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\desk_chest_clock.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\dividers.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Dividers_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Dresser_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\EndTable_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\EnvironmentMap.dds
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Indicator_01_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\indicator_OFF.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\indicator_ON.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Lamp_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\lane.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Lanes_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Lanes_Sides_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Mitt_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\side_pins_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\SofaChair_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Stove_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Sweep_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\tv_clocktable.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\TV_comp.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\vase_chair.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\Vase_LightingMap.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\textures\wonky_pin.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\TV.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\Alleys\Wonky\2\Vase.X
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_0.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_1.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_2.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_3.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_4.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_5.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_6.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_7.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\ball_8.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\goldpin.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_0.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_1.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_2.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_3.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_4.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_5.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_coll_base.bin
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\pin_coll_base.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\silverpin.x
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\50s_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\50s_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\80s_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\blue_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\CannonFlash.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\CannonSmoke.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\cave_ball_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\disco_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\disco_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\garden_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\Garden_glitter.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\garden_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\gold.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\missing.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\pirate_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\pirate_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\red_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\shadow.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\silver.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\Smoke.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\Steam.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\TarSpray.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\TarSpraySECONDARY.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\WaterSpray.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\WaterSpraySECONDARY.png
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\wonky_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\wonky_ball_2.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\wonky_pin.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\Textures\yellow_ball.jpg
c:\program files (x86)\iWin.com\Way To Go Bowling\Models\GameElements\throwtarget.x
c:\program files (x86)\iWin.com\Way To Go Bowling\msvcp80.dll
c:\program files (x86)\iWin.com\Way To Go Bowling\msvcr80.dll
c:\program files (x86)\iWin.com\Way To Go Bowling\Oberon_EULA.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\POGO CADI Project.CAD
c:\program files (x86)\iWin.com\Way To Go Bowling\Pogo Games.lnk
c:\program files (x86)\iWin.com\Way To Go Bowling\Properties\bowling2_cdl.dat
c:\program files (x86)\iWin.com\Way To Go Bowling\Properties\Default.dat
c:\program files (x86)\iWin.com\Way To Go Bowling\Properties\StockAvatar.properties
c:\program files (x86)\iWin.com\Way To Go Bowling\Readme.txt
c:\program files (x86)\iWin.com\Way To Go Bowling\Sounds\button.ogg
c:\program files (x86)\iWin.com\Way To Go Bowling\Sounds\click.wav
c:\program files (x86)\iWin.com\Way To Go Bowling\Sounds\dialog_button.ogg
c:\program files (x86)\iWin.com\Way To Go Bowling\Sounds\dlog_appear.ogg
c:\program files (x86)\iWin.com\Way To Go Bowling\Sounds\jackpot_reward.ogg
c:\program files (x86)\iWin.com\Way To Go Bowling\Sounds\slider_sound.wav
c:\program files (x86)\iWin.com\Way To Go Bowling\stdat.dat
c:\program files (x86)\iWin.com\Way To Go Bowling\Tools\dxwebsetup.exe
c:\program files (x86)\iWin.com\Way To Go Bowling\Tools\InstallFlash10.exe
c:\program files (x86)\iWin.com\Way To Go Bowling\Uninstall.exe
c:\program files (x86)\iWin.com\Way To Go Bowling\Way To Go! Bowling.ifn
c:\program files (x86)\iWin.com\Way To Go Bowling\Way To Go! Bowling.ifn.lnk
c:\program files (x86)\iWin.com\Way To Go Bowling\xmlparse.dll
c:\program files (x86)\iWin.com\Way To Go Bowling\xmltok.dll
c:\programdata\boost_interprocess\20120823030720.125599
c:\programdata\boost_interprocess\20120823030720.125599\9334581e-7251-4ef7-a8ec-5bfe8e89ff68
c:\programdata\boost_interprocess\20120823030720.125599\plex_frame_mutex
c:\users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}
c:\users\Leon\AppData\Local\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\@
c:\windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}
c:\windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\@
c:\windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\L\00000004.@
c:\windows\installer\{cdfbfaae-c187-f69e-5ab0-736f9b64c83d}\L\201d3dde
c:\windows\winstart.bat
.
 
.
((((((((((((((((((((((((( Files Created from 2012-07-23 to 2012-08-23 )))))))))))))))))))))))))))))))
.
.
2012-08-23 20:14 . 2012-08-23 20:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-08-23 20:14 . 2012-08-23 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-22 13:00 . 2012-08-22 13:00 -------- d-----w- c:\programdata\Kaspersky Lab
2012-08-22 07:11 . 2012-08-20 05:53 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4746E3C6-58AF-4DB1-9F61-6B369EAC665A}\mpengine.dll
2012-08-21 20:14 . 1998-10-29 20:45 306688 ----a-w- c:\windows\IsUninst.exe
2012-08-21 09:38 . 2012-08-21 09:39 -------- d-----w- C:\Reg help
2012-08-19 22:07 . 2012-08-19 22:08 -------- d-----w- c:\users\Leon\AppData\Local\Ubisoft Game Launcher
2012-08-18 08:03 . 2012-02-09 18:17 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0760393C-24F3-4828-A5A7-B17E8753C842}\gapaengine.dll
2012-08-18 08:03 . 2012-07-16 06:40 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-18 08:02 . 2012-08-18 08:02 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-18 08:02 . 2012-08-18 08:02 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-18 07:58 . 2012-08-18 07:58 39184 ----a-w- c:\windows\system32\Partizan.exe
2012-08-18 07:56 . 2012-08-23 20:17 -------- d-----w- c:\programdata\RegRun
2012-08-17 09:29 . 2012-08-17 23:55 -------- d-----w- C:\BackSys
2012-08-17 08:05 . 2012-08-17 08:05 39184 ----a-w- c:\windows\SysWow64\Partizan.exe
2012-08-17 08:05 . 2012-08-17 08:05 35816 ----a-w- c:\windows\SysWow64\drivers\Partizan.sys
2012-08-17 08:05 . 2012-06-27 20:01 12800 ----a-w- c:\windows\SysWow64\drivers\UnHackMeDrv.sys
2012-08-17 08:05 . 2012-08-23 04:33 -------- d-----w- c:\program files (x86)\UnHackMe
2012-08-16 04:27 . 2012-08-16 04:29 -------- d-----w- c:\program files (x86)\Oberon Media
2012-08-15 12:01 . 2012-08-15 12:01 -------- d-----w- C:\GameHouse Games
2012-08-14 14:03 . 2012-08-14 14:03 -------- d-----w- c:\users\Leon\AppData\Roaming\Pogo Games
2012-08-14 13:28 . 2012-08-14 13:28 -------- d-----w- c:\program files (x86)\Ask.com
2012-08-14 13:28 . 2012-08-14 13:28 -------- d-----w- c:\programdata\PogoDGC
2012-08-14 13:28 . 2012-08-23 02:01 -------- d-----w- c:\program files (x86)\Pogo Games
2012-08-14 13:01 . 2012-08-14 13:01 -------- d-----w- c:\program files (x86)\Gutterball Golden Pin Bowling
2012-08-13 14:37 . 2012-08-13 14:37 -------- d-----w- c:\users\Leon\AppData\Local\CRE
2012-08-13 13:50 . 2012-08-14 01:25 -------- d-----w- c:\users\Leon\AppData\Roaming\TuneUpMedia
2012-08-13 13:50 . 2012-08-13 13:50 -------- d-----w- c:\programdata\Trymedia
2012-08-13 13:50 . 2012-08-13 13:50 -------- d-----w- c:\users\Leon\AppData\Roaming\OpenCandy
2012-08-10 01:00 . 2012-08-10 01:00 -------- d-----w- c:\programdata\Media Center Programs
2012-08-10 01:00 . 2012-08-21 10:05 88480 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-08-10 01:00 . 2012-08-21 10:05 46400 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-08-09 23:09 . 2012-08-09 23:09 -------- d-----w- C:\Ubisoft
2012-08-09 22:59 . 2012-08-09 22:59 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-08-02 01:18 . 2012-08-21 08:53 102832 ----a-w- c:\windows\system32\WRusr.dll
2012-08-02 01:18 . 2012-08-21 08:53 149688 ----a-w- c:\windows\SysWow64\WRusr.dll
2012-08-02 01:18 . 2012-08-21 08:53 110096 ----a-w- c:\windows\system32\drivers\WRkrn.sys
2012-08-02 01:18 . 2012-08-21 08:53 -------- d-----w- c:\program files\Webroot
2012-08-02 01:17 . 2012-08-22 12:59 -------- d-----w- c:\programdata\WRData
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:58 . 2012-04-09 19:54 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-21 09:58 . 2011-08-31 17:28 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-18 07:22 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-08-03 08:27 . 2011-11-25 22:53 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-13 10:24 . 2011-12-25 04:53 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-13 10:24 . 2011-12-25 04:53 34720 ----a-w- c:\windows\system32\LMIport.dll
2012-07-13 10:24 . 2011-12-25 04:53 80800 ----a-w- c:\windows\system32\LMIinit.dll
2012-07-03 17:46 . 2011-11-25 18:39 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-12 03:08 . 2012-07-11 07:04 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 03:44 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 03:38 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 03:38 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 03:41 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 03:38 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 03:38 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 03:41 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-19 10:33 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 10:33 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 10:33 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 10:33 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 10:33 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 10:33 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 10:33 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-19 10:32 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-19 10:32 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 12:49 . 2012-07-11 07:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 07:00 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 07:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 07:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 07:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 07:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 07:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 07:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-11 07:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-11 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-11 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-11 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-11 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 03:28 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 03:28 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:48 . 2012-07-11 03:28 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:45 . 2012-07-11 03:28 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 03:28 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 03:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 03:28 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 03:28 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 03:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-26 20:55 . 2012-05-26 20:55 252512 ----a-w- c:\windows\system32\drivers\afcdp.sys
2012-05-26 20:55 . 2012-05-26 20:55 1477728 ----a-w- c:\windows\system32\drivers\tdrpm258.sys
2012-05-26 20:55 . 2012-05-26 20:55 943712 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-05-26 20:55 . 2011-11-20 22:49 271456 ----a-w- c:\windows\system32\drivers\snapman.sys
 
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-23_06.58.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-08-23 07:11 68468 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-08-23 07:11 37108 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-11-20 22:36 . 2012-08-23 07:11 12960 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3191922543-261891716-3115826397-1000_UserData.bin
+ 2011-11-20 10:21 . 2012-08-23 19:33 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-20 10:21 . 2012-08-22 13:53 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-20 10:21 . 2012-08-23 19:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-11-20 10:21 . 2012-08-22 13:53 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-08-23 19:33 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-22 13:53 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-08-23 02:04 . 2012-08-23 04:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-08-23 20:16 . 2012-08-23 20:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-23 02:04 . 2012-08-23 04:34 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-23 20:16 . 2012-08-23 20:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-08-23 02:02 518104 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-23 20:14 518104 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-11-20 22:31 . 2012-08-23 20:14 5888544 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3191922543-261891716-3115826397-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-04 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-05-04 19:43 1519272 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-05-04 1519272]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-22 880496]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-17 4527424]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-03-19 3478936]
"Plex Media Server"="c:\program files (x86)\Plex\Plex Media Server\Plex Media Server.exe" [2012-08-03 3066600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="j:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2011-11-12 268640]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-05-30 885760]
"WRSVC"="c:\program files\Webroot\WRSA.exe" [2012-08-21 710504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-05-04 1561768]
.
c:\users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
_uninst_25156082.lnk - c:\users\Leon\AppData\Local\Temp\_uninst_25156082.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0Partizan\0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 136176]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [2009-10-16 29184]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 250568]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-10-26 10496512]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-10-26 326656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 136176]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]
R3 LeapFrog-USBLAN;LeapFrog-USBLAN;c:\windows\system32\DRIVERS\btblan.sys [2009-10-10 40320]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-02 129976]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-04-10 25072]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-22 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [2012-05-26 1477728]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys [2012-08-21 110096]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-21 271424]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-11-09 49752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2012/04/28 06:09];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-01-12 02:57 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-05-26 2480048]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 204288]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-01-12 87336]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-01-12 75048]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-01-12 296232]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-02-08 149640]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-13 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe [2009-10-16 1039360]
S2 MBAMService;MBAMService;j:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2011-10-27 82928]
S2 PGMTrusted;PGMTrusted;c:\program files (x86)\Pogo Games\PGMTrusted.exe [2012-01-04 519888]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2009-10-16 606048]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
S2 WRSVC;WRSVC;c:\program files\Webroot\WRSA.exe [2012-08-21 710504]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-05-26 252512]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2012-01-19 435240]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
 
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 09:58]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 09:09]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-04 09:09]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191922543-261891716-3115826397-1000Core.job
- c:\users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09 20:31]
.
2012-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3191922543-261891716-3115826397-1000UA.job
- c:\users\Leon\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09 20:31]
.
2012-08-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
2012-08-23 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-04-13 06:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 01:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://ohiostate.247sports.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?l=dis&o=APN10145&gct=hp
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=POGO&o=APN10145&locale=en_US&apn_uid=18a60966-a306-4305-bf68-472ec0f55ad9&apn_ptnrs=^A6C&apn_sauid=486DBF7F-E1F0-40BA-8F0B-84A8FFBA79AC&apn_dtid=^YYYYYY^YY^US&&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100486
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 1822a25a0000000000009439e523de35
FF - user.js: extensions.BabylonToolbar_i.hardId - 1822a25a0000000000009439e523de35
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15355
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.173:24
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-Way To Go Bowling - c:\program files (x86)\iWin.com\Way To Go Bowling\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3191922543-261891716-3115826397-1000_Classes\Wow6432Node\CLSID\{565dafb4-e43a-4a0f-955e-a877f9751fa0}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000005a
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-3191922543-261891716-3115826397-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):ae,b7,62,3d,5f,32,49,d5,5e,9c,11,fd,d7,c3,98,c1,b7,ea,b0,f7,81,
12,27,ea,2a,f3,00,0e,36,2e,5f,fe,43,96,6d,be,fc,7e,04,25,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\crypserv.exe
c:\program files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\program files (x86)\UnHackMe\hackmon.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 
.
**************************************************************************
.
Completion time: 2012-08-23 16:24:43 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-23 20:24
ComboFix2.txt 2012-08-23 07:01
.
Pre-Run: 111,917,797,376 bytes free
Post-Run: 111,701,508,096 bytes free
.
- - End Of File - - 9317A29489E7643DA71A8FA5FDAD4C24


Man, that was a long file. :)
 
:)

Looks good....

Any current issues?

================================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
  • Like
Reactions: bud11dy
Windows update will let me see how many updates I have, but gives me an error 80246008 Windows Update encountered an unknown error.
Microsoft Security definitions will not update.

Here is the OTL log:

OTL logfile created on: 8/24/2012 3:53:31 AM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Leon\Desktop\Virus removal help
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 9.15 Gb Available Physical Memory | 76.33% Memory free
23.96 Gb Paging File | 20.87 Gb Available in Paging File | 87.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.22 Gb Total Space | 103.90 Gb Free Space | 11.32% Space Free | Partition Type: NTFS
Drive J: | 1863.01 Gb Total Space | 195.67 Gb Free Space | 10.50% Space Free | Partition Type: NTFS

Computer Name: LEON-PC | User Name: Leon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/08/24 03:52:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Leon\Desktop\Virus removal help\OTL.exe
PRC - [2012/08/03 05:41:48 | 001,444,584 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
PRC - [2012/08/03 05:41:48 | 000,033,512 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
PRC - [2012/08/03 05:41:46 | 003,066,600 | ---- | M] (Plex, Inc.) -- C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/13 03:32:56 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- j:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/06/27 16:01:36 | 000,595,216 | ---- | M] (Greatis Software) -- C:\Program Files (x86)\UnHackMe\hackmon.exe
PRC - [2012/05/26 16:55:33 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012/05/22 04:22:51 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/03/19 10:45:58 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/01/23 00:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/01/20 05:11:18 | 002,594,584 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 05:11:14 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/01/12 09:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/01/12 09:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/01/12 09:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/01/04 10:40:48 | 000,519,888 | ---- | M] (iWin Inc.) -- C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
PRC - [2011/11/12 12:04:12 | 000,268,640 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2011/11/12 11:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2011/10/17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/09/06 14:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 12:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 12:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/17 03:29:20 | 004,527,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
PRC - [2011/08/17 03:28:14 | 003,120,448 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2011/08/01 14:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/05/30 11:30:00 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2010/05/25 09:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/03 05:42:52 | 000,044,264 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
MOD - [2012/08/03 05:42:52 | 000,033,000 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
MOD - [2012/08/03 05:42:50 | 000,057,576 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
MOD - [2012/08/03 05:42:50 | 000,017,128 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
MOD - [2012/08/03 05:42:48 | 000,195,816 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
MOD - [2012/08/03 05:42:46 | 000,841,448 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
MOD - [2012/08/03 05:42:44 | 000,825,064 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
MOD - [2012/08/03 05:42:44 | 000,049,896 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
MOD - [2012/08/03 05:42:42 | 000,033,512 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_multiprocessing.pyd
MOD - [2012/08/03 05:42:40 | 000,365,800 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
MOD - [2012/08/03 05:42:38 | 000,093,928 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
MOD - [2012/08/03 05:42:36 | 000,590,056 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
MOD - [2012/08/03 05:42:34 | 000,134,376 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
MOD - [2012/08/03 05:42:34 | 000,017,128 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
MOD - [2012/08/03 05:42:30 | 000,141,544 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll
MOD - [2012/08/03 05:42:28 | 008,494,824 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll
MOD - [2012/08/03 05:42:28 | 000,628,968 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
MOD - [2012/08/03 05:42:24 | 000,587,080 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\sqlite3.dll
MOD - [2012/08/03 05:42:22 | 000,150,248 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
MOD - [2012/08/03 05:42:22 | 000,086,760 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
MOD - [2012/08/03 05:42:16 | 000,173,288 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
MOD - [2012/08/03 05:42:14 | 001,009,896 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
MOD - [2012/08/03 05:42:10 | 000,063,208 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
MOD - [2012/08/03 05:42:06 | 001,290,984 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll
MOD - [2012/08/03 05:41:56 | 000,952,552 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll
MOD - [2012/08/03 05:41:54 | 001,038,568 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll
MOD - [2012/08/03 05:41:54 | 000,271,624 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\avutil-50.dll
MOD - [2012/08/03 05:41:52 | 001,254,672 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\avformat-52.dll
MOD - [2012/08/03 05:41:50 | 005,827,912 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\avcodec-52.dll
MOD - [2012/08/03 05:41:48 | 000,033,512 | ---- | M] () -- C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
MOD - [2012/06/13 03:32:14 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/13 03:32:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:32:01 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/13 03:31:58 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/10 03:32:43 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012/05/10 03:29:01 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/10 03:28:23 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 03:28:20 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 03:28:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 03:28:17 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:28:13 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/09/14 09:19:06 | 008,500,224 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2011/09/14 09:19:06 | 002,348,544 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2011/08/18 12:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/05/30 11:30:00 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2011/05/30 11:25:10 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2011/05/30 11:25:10 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/08/21 04:53:29 | 000,710,504 | ---- | M] (Webroot) [Auto | Stopped] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/12/03 19:07:31 | 000,048,128 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2011/10/25 22:00:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/10/16 12:06:39 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2009/10/16 11:53:45 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/05/07 19:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\SysNative\Crypserv.exe -- (Crypkey License)
SRV - [2012/08/21 05:58:44 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 06:24:29 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/07/13 06:24:19 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- j:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/05/26 16:55:33 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/05/15 06:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/05/15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/02 13:26:09 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/21 03:29:00 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/01/23 00:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/01/20 05:11:18 | 002,594,584 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 05:11:14 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/12 09:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/01/12 09:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/01/12 09:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/01/04 10:40:48 | 000,519,888 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files (x86)\Pogo Games\PGMTrusted.exe -- (PGMTrusted)
SRV - [2011/12/12 19:18:27 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2011/11/12 11:21:58 | 006,141,792 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2011/10/17 16:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/09/16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011/08/31 13:41:44 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/18 12:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/03/27 16:09:22 | 001,054,568 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/16 19:39:50 | 000,606,048 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/10/16 12:06:30 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)
SRV - [2009/10/16 11:53:45 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 06:05:33 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012/08/21 06:05:33 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012/08/21 04:53:29 | 000,110,096 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)
DRV:64bit: - [2012/07/13 06:24:20 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/05/26 16:55:34 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012/05/26 16:55:31 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258)
DRV:64bit: - [2012/05/26 16:55:29 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/05/26 16:55:23 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/04/18 13:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/04/10 15:04:32 | 000,025,072 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/07 22:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/01/19 00:30:42 | 000,435,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011/12/03 19:07:30 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2011/12/03 19:07:21 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/11/21 05:23:13 | 000,271,424 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/11/20 18:49:36 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2011/10/25 23:05:10 | 010,496,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/25 21:21:58 | 000,326,656 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/10/17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/23 01:49:56 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/09/16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/08/31 15:18:53 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/31 15:18:53 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/06 18:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/09 14:56:12 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2010/10/15 21:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/09 21:22:42 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/03/17 13:12:26 | 000,028,664 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Ckldrv.sys -- (NetworkX)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/08/17 04:05:10 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysWOW64\drivers\Partizan.sys -- (Partizan)
DRV - [2012/01/11 22:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2012/04/28 06:09:51] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011/10/27 02:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2011/09/16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ohiostate.247sports.com/
IE - HKCU\..\SearchScopes,DefaultScope = {E7539D59-8603-4857-8493-ACA3AC80582F}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searc...SP_ss&mntrId=1822a25a0000000000009439e523de35
IE - HKCU\..\SearchScopes\{3E423CA8-C5E5-42D5-AFF7-ED3479C209FC}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2559647
IE - HKCU\..\SearchScopes\{92E4FF24-B48F-45C8-A830-66040A8B2C38}: "URL" = http://websearch.ask.com/redirect?c...pn_sauid=486DBF7F-E1F0-40BA-8F0B-84A8FFBA79AC
IE - HKCU\..\SearchScopes\{E7539D59-8603-4857-8493-ACA3AC80582F}: "URL" = http://www.google.com/search?q={sea...ng?}&oe={outputEncoding?}&rlz=1I7GGHP_enUS460
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=APN10145&gct=hp"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=POGO&o=APN10145&locale=en_US&apn_uid=18a60966-a306-4305-bf68-472ec0f55ad9&apn_ptnrs=^A6C&apn_sauid=486DBF7F-E1F0-40BA-8F0B-84A8FFBA79AC&apn_dtid=^YYYYYY^YY^US&&q="
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Leon\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Leon\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{98e34367-8df7-42b4-837b-20b892ff0849}: C:\ProgramData\PogoDGC\firefox [2012/08/14 09:28:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/02 13:26:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/21 15:40:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Leon\AppData\Roaming\IDM\idmmzcc5 [2012/08/23 16:27:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Leon\AppData\Roaming\IDM\idmmzcc5 [2012/08/23 16:27:34 | 000,000,000 | ---D | M]

[2012/07/23 16:17:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leon\AppData\Roaming\Mozilla\Extensions
[2012/04/11 19:16:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leon\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2012/08/23 16:35:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\extensions
[2012/02/08 10:47:25 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\extensions\ffxtlbr@babylon.com
[2012/07/23 16:17:52 | 000,000,000 | ---D | M] ("ArcadeWeb") -- C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\extensions\text_links@arcadeweb.com
[2012/08/14 09:30:18 | 000,002,584 | ---- | M] () -- C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\2fxd3s89.default\searchplugins\askcom.xml
[2011/12/30 21:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/02 13:26:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/16 04:24:57 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/05/02 13:26:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/05/02 13:26:08 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========
 
CHR - homepage: http://easy-google-search.blogspot.com/
CHR - default_search_provider: Conduit (Enabled)
CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2402945
CHR - default_search_provider: suggest_url = http://search.conduit.com/,
CHR - homepage: http://easy-google-search.blogspot.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Leon\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Leon\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Leon\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Leon\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpjidcokcfencofcmondgimdoobddnoe\2.3.15.509_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - Extension: YouTube = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Facebook Colour Changer = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpllmoilcakpgbeodibeifcfnndoheam\1.3.1_0\
CHR - Extension: Pandora to Spotify Playlist Converter = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgkmfkggcmoclhipfkabaemflflellek\0.4.1_0\
CHR - Extension: Google Search = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: PandoraControl Beta = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dckjilenognecmpjjpeckgekikdpchli\0.2.3_0\
CHR - Extension: FB Photo Zoom = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1206.11.1_0\
CHR - Extension: Facebook Background Changer = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnlfbokmiehpnhgdjlmedakkchfldmj\3.0.18_0\
CHR - Extension: Pandora = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: AdBlock = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Last.fm Scrobbler = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm\1.9_0\
CHR - Extension: Weather Window by WeatherBug = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\1.0.12_0\
CHR - Extension: Command & Conquer Tiberium Alliances = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe\1.0.6_0\
CHR - Extension: Typing Test - KeyHero = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm\1.4.0_0\
CHR - Extension: FVD Video Downloader = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.2.9_0\
CHR - Extension: Fieldrunners = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: 3D Solar System Web = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd\0.32_0\
CHR - Extension: DSL speedtest = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_0\
CHR - Extension: 3Dnator! = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc\1.0.12_0\
CHR - Extension: Play (Grooveshark\u2122, Google Music\u2122, Pandora\u2122) = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocimhajpehjmepnegklahceceebnened\2.3_0\
CHR - Extension: iCloud Dashboard 2 = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojmdhklabgbnnkkilmkcfcemdhognifc\2.0.4.1_0\
CHR - Extension: iCloud = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjfjiepcafjlmaopmmdfcmdjldjfhlki\1.0.0_0\
CHR - Extension: Gmail = C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/23 16:17:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\21.0.1180.83\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] j:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Plex Media Server] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O4 - Startup: C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_25156082.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://I.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{367D4C99-2C77-4799-A525-C75D9930EBE0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\21.0.1180.83\npchrome_frame.dll (Google Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\615\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (ootExecute settings...)
O34 - HKLM BootExecute: (ount)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/23 16:27:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/22 21:53:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/22 21:53:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/22 21:53:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/22 21:53:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/22 21:53:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/22 21:52:39 | 004,736,524 | R--- | C] (Swearware) -- C:\Users\Leon\Desktop\ComboFix_2.exe
[2012/08/22 12:32:34 | 000,000,000 | ---D | C] -- C:\Users\Leon\Desktop\Virus removal help
[2012/08/22 09:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/08/21 05:38:56 | 000,000,000 | ---D | C] -- C:\Reg help
[2012/08/19 18:07:52 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Local\Ubisoft Game Launcher
[2012/08/19 18:07:50 | 000,000,000 | ---D | C] -- C:\Users\Leon\Documents\Settlers7
[2012/08/19 18:05:57 | 000,000,000 | ---D | C] -- C:\Users\Leon\Desktop\New Folder (3)
[2012/08/18 04:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/08/18 04:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/08/18 03:58:23 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2012/08/18 03:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2012/08/18 01:30:09 | 000,000,000 | ---D | C] -- C:\Users\Leon\Desktop\Warrior
[2012/08/17 05:29:45 | 000,000,000 | ---D | C] -- C:\BackSys
[2012/08/17 04:05:10 | 000,039,184 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\Partizan.exe
[2012/08/17 04:05:10 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2012/08/17 04:05:08 | 000,000,000 | ---D | C] -- C:\Users\Leon\Documents\RegRun2
[2012/08/17 04:05:07 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2012/08/17 04:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2012/08/17 04:05:07 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2012/08/17 04:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2012/08/16 00:30:31 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
[2012/08/16 00:27:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oberon Media
[2012/08/15 08:01:07 | 000,000,000 | ---D | C] -- C:\GameHouse Games
[2012/08/14 10:03:45 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\Pogo Games
[2012/08/14 09:31:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PogoDGC
[2012/08/14 09:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PogoDGC
[2012/08/14 09:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pogo Games
[2012/08/14 09:28:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pogo Games
[2012/08/14 09:01:32 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gutterball Golden Pin Bowling
[2012/08/14 09:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gutterball Golden Pin Bowling
[2012/08/13 10:37:28 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Local\CRE
[2012/08/13 09:50:35 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\TuneUpMedia
[2012/08/13 09:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2012/08/13 09:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse
[2012/08/13 09:50:01 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\OpenCandy
[2012/08/11 08:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
[2012/08/09 21:07:21 | 000,000,000 | ---D | C] -- C:\Users\Leon\Documents\THE SETTLERS - Rise of an Empire
[2012/08/09 21:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2012/08/09 19:09:26 | 000,000,000 | ---D | C] -- C:\Ubisoft
[2012/08/09 19:08:36 | 000,000,000 | ---D | C] -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2012/08/09 18:59:25 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2012/08/01 21:18:06 | 000,102,832 | ---- | C] (Webroot) -- C:\Windows\SysNative\WRusr.dll
[2012/08/01 21:18:05 | 000,149,688 | ---- | C] (Webroot) -- C:\Windows\SysWow64\WRusr.dll
[2012/08/01 21:18:05 | 000,110,096 | ---- | C] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys
[2012/08/01 21:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2012/08/01 21:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\WRData
[2012/07/27 16:31:43 | 000,701,499 | ---- | C] (CheatHappens) -- C:\Users\Leon\Desktop\sr3-bud11dy.exe
[2012/07/26 15:41:38 | 000,000,000 | ---D | C] -- C:\Users\Leon\Desktop\Fair
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/24 03:41:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3191922543-261891716-3115826397-1000UA.job
[2012/08/24 03:38:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/24 03:38:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/24 03:29:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/23 16:35:17 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/23 16:35:17 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/23 16:27:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/23 16:25:54 | 1059,942,398 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/23 16:17:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/23 16:16:46 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/08/23 06:41:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3191922543-261891716-3115826397-1000Core.job
[2012/08/22 21:52:33 | 004,736,524 | R--- | M] (Swearware) -- C:\Users\Leon\Desktop\ComboFix_2.exe
[2012/08/22 09:00:00 | 000,001,008 | ---- | M] () -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_25156082.lnk
[2012/08/22 08:58:50 | 000,000,512 | ---- | M] () -- C:\Users\Leon\Documents\MBR.dat
[2012/08/21 18:50:22 | 000,849,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/21 18:50:22 | 000,708,206 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/21 18:50:22 | 000,142,788 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/21 17:41:39 | 000,002,447 | ---- | M] () -- C:\Users\Leon\Desktop\Google Chrome.lnk
[2012/08/21 15:40:12 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/21 06:05:33 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012/08/21 06:05:33 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012/08/21 04:53:29 | 000,149,688 | ---- | M] (Webroot) -- C:\Windows\SysWow64\WRusr.dll
[2012/08/21 04:53:29 | 000,110,096 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys
[2012/08/21 04:53:29 | 000,102,832 | ---- | M] (Webroot) -- C:\Windows\SysNative\WRusr.dll
[2012/08/18 04:03:06 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/18 04:02:55 | 000,863,382 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/18 03:58:23 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2012/08/18 01:37:10 | 000,000,537 | -H-- | M] () -- C:\regrun.war
[2012/08/17 04:05:10 | 000,039,184 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\Partizan.exe
[2012/08/17 04:05:10 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2012/08/17 04:05:09 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2012/08/17 04:05:09 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2012/08/17 04:05:07 | 000,000,905 | ---- | M] () -- C:\Users\Leon\Desktop\UnHackMe.lnk
[2012/08/16 00:30:31 | 000,002,130 | ---- | M] () -- C:\Users\Leon\Desktop\Way To Go! Bowling.lnk
[2012/08/16 00:30:31 | 000,001,142 | ---- | M] () -- C:\Users\Leon\Desktop\Pogo Games.lnk
[2012/08/14 09:31:21 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Way To Go Bowling.lnk
[2012/08/14 09:28:12 | 000,001,880 | ---- | M] () -- C:\Users\Leon\Application Data\Microsoft\Internet Explorer\Quick Launch\Play Pogo Games.lnk
[2012/08/14 09:28:12 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\Play Pogo Games.lnk
[2012/08/14 09:01:32 | 000,002,050 | ---- | M] () -- C:\Users\Leon\Desktop\Gutterball Golden Pin Bowling.lnk
[2012/08/13 09:50:04 | 000,000,143 | ---- | M] () -- C:\Users\Leon\Desktop\More Games at GameHouse.com.url
[2012/08/13 08:07:51 | 000,001,866 | ---- | M] () -- C:\Users\Leon\Desktop\Rocket Bowl.lnk
[2012/08/11 08:29:39 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/08/09 21:07:09 | 000,000,760 | ---- | M] () -- C:\Users\Leon\Desktop\THE SETTLERS - Rise of an Empire - Shortcut.lnk
[2012/08/09 19:08:36 | 000,000,334 | ---- | M] () -- C:\Users\Leon\Desktop\Ghost Recon Online (NCSA-Live).appref-ms
[2012/08/09 14:04:58 | 000,291,904 | ---- | M] () -- C:\Users\Leon\Desktop\set6-bud11dy.exe
[2012/08/05 14:13:29 | 000,003,584 | ---- | M] () -- C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/05 03:37:34 | 000,000,821 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/27 09:30:44 | 000,701,499 | ---- | M] (CheatHappens) -- C:\Users\Leon\Desktop\sr3-bud11dy.exe
[2012/07/27 03:51:35 | 000,095,338 | ---- | M] () -- C:\Users\Leon\Documents\LSutton_Resume.pdf
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/22 21:53:17 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/22 21:53:17 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/22 21:53:17 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/22 21:53:17 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/22 21:53:17 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/22 09:00:00 | 000,001,008 | ---- | C] () -- C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_25156082.lnk
[2012/08/22 08:58:50 | 000,000,512 | ---- | C] () -- C:\Users\Leon\Documents\MBR.dat
[2012/08/21 16:15:00 | 000,002,944 | ---- | C] () -- C:\Windows\SKLANG.INI
[2012/08/18 04:02:57 | 000,001,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/08/17 05:27:29 | 000,000,537 | -H-- | C] () -- C:\regrun.war
[2012/08/17 04:05:09 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2012/08/17 04:05:09 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2012/08/17 04:05:07 | 000,000,905 | ---- | C] () -- C:\Users\Leon\Desktop\UnHackMe.lnk
[2012/08/16 00:30:31 | 000,002,130 | ---- | C] () -- C:\Users\Leon\Desktop\Way To Go! Bowling.lnk
[2012/08/16 00:30:31 | 000,001,142 | ---- | C] () -- C:\Users\Leon\Desktop\Pogo Games.lnk
[2012/08/14 09:31:21 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Way To Go Bowling.lnk
[2012/08/14 09:28:12 | 000,001,880 | ---- | C] () -- C:\Users\Leon\Application Data\Microsoft\Internet Explorer\Quick Launch\Play Pogo Games.lnk
[2012/08/14 09:28:12 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\Play Pogo Games.lnk
[2012/08/14 09:01:32 | 000,002,050 | ---- | C] () -- C:\Users\Leon\Desktop\Gutterball Golden Pin Bowling.lnk
[2012/08/13 09:50:04 | 000,000,143 | ---- | C] () -- C:\Users\Leon\Desktop\More Games at GameHouse.com.url
[2012/08/09 21:07:09 | 000,000,760 | ---- | C] () -- C:\Users\Leon\Desktop\THE SETTLERS - Rise of an Empire - Shortcut.lnk
[2012/08/09 21:05:58 | 000,291,904 | ---- | C] () -- C:\Users\Leon\Desktop\set6-bud11dy.exe
[2012/08/09 21:00:04 | 000,088,480 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2012/08/09 21:00:04 | 000,046,400 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2012/08/09 19:08:36 | 000,000,334 | ---- | C] () -- C:\Users\Leon\Desktop\Ghost Recon Online (NCSA-Live).appref-ms
[2012/08/08 18:05:57 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/05 14:09:10 | 000,003,584 | ---- | C] () -- C:\Users\Leon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/27 05:39:12 | 000,000,110 | ---- | C] () -- C:\Users\Leon\Desktop\More Trainers @ GameCopyWorld.url
[2012/07/27 03:51:35 | 000,095,338 | ---- | C] () -- C:\Users\Leon\Documents\LSutton_Resume.pdf
[2012/07/14 15:31:57 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/06/13 20:47:04 | 000,000,068 | ---- | C] () -- C:\Windows\spwdr.INI
[2012/06/13 20:46:20 | 000,000,077 | ---- | C] () -- C:\Windows\Crypkey.ini
[2012/06/13 20:46:17 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2012/06/13 20:46:17 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2012/06/13 20:46:17 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2012/06/13 20:46:15 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\StellarProfile.dll
[2012/05/15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/26 12:42:39 | 000,000,319 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/16 04:17:01 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/01/16 04:17:01 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/01/09 19:17:50 | 000,000,600 | ---- | C] () -- C:\Users\Leon\AppData\Roaming\winscp.rnd
[2011/11/25 19:33:02 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2011/11/25 19:33:02 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2011/11/25 19:33:02 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2011/11/25 19:32:47 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2011/11/25 19:32:47 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2011/11/25 19:32:47 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2011/11/25 19:32:47 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2011/11/25 19:32:47 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2011/11/25 19:32:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2011/11/25 19:32:47 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2011/11/25 19:32:47 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2011/11/25 19:32:46 | 000,761,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2011/11/25 19:32:46 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2011/11/25 19:32:46 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2011/11/25 19:32:46 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2011/11/25 19:32:46 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2011/11/25 19:32:46 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2011/10/25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/10/25 21:38:38 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/10/25 21:38:38 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/09/12 18:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/08/31 15:23:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/31 13:42:10 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/08/31 13:42:10 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/08/31 13:42:10 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/08/31 13:42:07 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/08/31 13:42:07 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/02/10 12:10:51 | 000,863,382 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/05/26 17:01:43 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Acronis
[2012/01/16 04:24:56 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Babylon
[2012/02/05 19:44:59 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\calibre
[2012/07/16 21:53:22 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/07/17 20:38:55 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/03/13 02:24:29 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Command and Conquer 4
[2011/11/21 05:32:21 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\DAEMON Tools Pro
[2012/08/23 15:56:34 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\DMCache
[2011/11/22 20:46:55 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Fanda Games
[2011/11/20 06:22:38 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Fingertapps
[2012/05/02 08:42:09 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\HideIPEasy
[2012/08/17 04:44:03 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\IDM
[2011/11/20 06:22:19 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Leadertech
[2011/12/06 10:41:38 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Lexmark Productivity Studio
[2012/08/13 09:50:03 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\OpenCandy
[2012/02/20 11:01:51 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Origin
[2011/11/20 15:03:17 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\PCDr
[2012/08/14 10:03:45 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Pogo Games
[2012/02/26 08:33:18 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\redsn0w
[2012/03/23 19:47:05 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Rovio
[2012/05/27 00:35:46 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Seas0nPass
[2012/01/24 19:16:00 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Sierra Entertainment
[2012/04/09 18:05:10 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\SystemRequirementsLab
[2011/12/03 07:35:53 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Thinstall
[2012/04/11 19:16:17 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\TomTom
[2012/08/13 21:25:01 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\TuneUpMedia
[2011/11/27 05:32:39 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Ubisoft
[2012/08/24 04:00:56 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\uTorrent
[2012/01/02 10:10:11 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\wargaming.net
[2011/12/23 15:42:57 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\WindSolutions
[2012/04/08 07:22:23 | 000,000,000 | ---D | M] -- C:\Users\Leon\AppData\Roaming\Wondershare Video Converter Ultimate
[2012/08/11 08:29:39 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2009/07/14 01:08:49 | 000,029,678 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/08/23 16:16:46 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 187 bytes -> C:\ProgramData\Temp:2D0C22DC
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:D32974C3
< End of report >
 
Extras:

OTL Extras logfile created on: 8/24/2012 3:53:31 AM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Leon\Desktop\Virus removal help
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 9.15 Gb Available Physical Memory | 76.33% Memory free
23.96 Gb Paging File | 20.87 Gb Available in Paging File | 87.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.22 Gb Total Space | 103.90 Gb Free Space | 11.32% Space Free | Partition Type: NTFS
Drive J: | 1863.01 Gb Total Space | 195.67 Gb Free Space | 10.50% Space Free | Partition Type: NTFS

Computer Name: LEON-PC | User Name: Leon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = internetshortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- J:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- J:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"AntivirusOverride" = 0
"AntiSpywareDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{14B4C916-4EB8-42AC-9F24-71B7B02FFBA5}C:\program files (x86)\plex\plex media server\plexdlnaserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\plex\plex media server\plexdlnaserver.exe |
"TCP Query User{72E16170-00DF-4CC1-82E9-BFAD899412CC}C:\program files (x86)\plex\plex media server\plexscripthost.exe" = protocol=6 | dir=in | app=c:\program files (x86)\plex\plex media server\plexscripthost.exe |
"TCP Query User{F7A3814B-B286-4AB2-95EE-A5AEDFBDF56A}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{FE9791A5-AC0A-4E53-BB0D-F11D5DEA42D4}C:\program files (x86)\plex\plex media server\plex media server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\plex\plex media server\plex media server.exe |
"UDP Query User{1FEF0947-013E-4C8D-8FD0-4B1224E4115B}C:\program files (x86)\plex\plex media server\plex media server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\plex\plex media server\plex media server.exe |
"UDP Query User{72DF2CE3-C49C-4BD8-A43A-4B562FA9BE80}C:\program files (x86)\plex\plex media server\plexdlnaserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\plex\plex media server\plexdlnaserver.exe |
"UDP Query User{8B25DEDF-2E16-4F7D-BEE3-49BEAB2412F3}C:\program files (x86)\plex\plex media server\plexscripthost.exe" = protocol=17 | dir=in | app=c:\program files (x86)\plex\plex media server\plexscripthost.exe |
"UDP Query User{CB160C1D-89BD-4598-871C-2E6BEB5BDD53}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Broadcom Wireless Utility" = Broadcom Wireless Utility
"Dell Support Center" = Dell Support Center
"DW WLAN Card" = DW WLAN Card
"File Governor_is1" = File Governor v1.5.1
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.10 beta 3 (64-bit)
 
You must log in or register to reply here.

Similar threads

adel87
Pixma mp550 printer won`t turn on
Replies
0
Views
561
adel87
adel87
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
1K
eriksnyman1
E
Shawn Knight
Casio baked a step tracker into this retro wristwatch
Replies
4
Views
539
mbk34
M

Latest posts

Back