Lots of crashes with mozalloc.dll

Users and developers helping users with generic and technical Pale Moon issues on all operating systems.

Moderator: trava90

Forum rules
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lots of crashes with mozalloc.dll

Unread post by Moonchild » 2013-03-06, 09:54

KERNELBASE.dll should not be linked into the process for Pale Moon. Two options, one being malware as dark_moon pointed out, and another possibility (according to Microsoft) is that your Windows user profile got corrupted - kernelbase.dll errors have quite a few hits in search engines.
Create a new user profile in Windows (Control panel -> user accounts) and see if the new Windows profile still gives you the errors you have now.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-06, 18:03

dark_moon wrote:Hmm i found some bad infos about your sites. Look here:(edited)

Malware infected sites. Scan your pc
You can aswell post a hijackthis log

Please remove the sites and tell me if you read this, cause then i remove the sites too.
Hi

These are just entries in the Fanboy Adblock list and the specific text visible in the report is from Adblock's elemhide.css.
The hang was caused by Adblock's Element hider helper.
Kernelbase.dll might be worse news.
Last edited by blind12 on 2013-03-06, 19:43, edited 1 time in total.

dark_moon

Re: Lots of crashes with mozalloc.dll

Unread post by dark_moon » 2013-03-06, 18:09

Hmm ok. Please remove the postet sites

But a malware scan would be nice and the hijackthis log too.

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-07, 17:31

Hi, on a side note, what can cause no updating of session etc? Even if I don't crash but exit properly, the session later restored is *very* old. It should be updated very frequently right?
I notice that I've changed the browser.sessionstore.interval to 60 seconds, probably for smoother video, instead of 10 but sessions restored are truly ancient.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lots of crashes with mozalloc.dll

Unread post by Moonchild » 2013-03-07, 21:07

Sessions are stored at regular intervals (the default for Pale moon is 60 seconds, by the way, and not 10 like Firefox...) so if the sessions you get restored are really ancient then it's not saved to disk for the new session. Are you sure Pale Moon isn't being "sandboxed" or running in a "protected" environment? That could explain both the crashes and your sessions not being stored, as well as odd Windows API dlls being loaded like kernelbase.dll that normally aren't present as loaded modules for the application. You may want to check if AVG hasn't inadvertently left behind some parts of its suite causing these issues... And I do recommend trying to create a new Windows user profile to see if that helps your case any.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-08, 16:24

Malwarebytes never finds a thing.
Neither does Avast aswMBR.

I havent done a Hijack scan but I did OldTimerListit scans. These scans were done after I disabled tons of HP, Java and other bloatware, Google, Java and Flash updaters etc from autostarting. The laptop runs much cooler now.

OTL part 1
OTL logfile created on: 7.03.2013 22:51:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\00-soft\00-Security
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000425 | Country: Eesti | Language: ETI | Date Format: d.MM.yyyy

3,00 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 72,49% Memory free
6,00 Gb Paging File | 5,08 Gb Available in Paging File | 84,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 44,25 Gb Total Space | 3,55 Gb Free Space | 8,03% Space Free | Partition Type: NTFS
Drive G: | 30,28 Gb Total Space | 0,36 Gb Free Space | 1,18% Space Free | Partition Type: NTFS

Computer Name: HP_8510W_2 | User Name: Jörgen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.02.22 19:58:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\00-soft\00-Security\Pchelp malware removal 01- Diagnostic scan - OTL.exe
PRC - [2013.02.10 15:29:16 | 000,534,160 | ---- | M] (QFX Software Corporation) -- C:\Program Files\KeyScrambler\KeyScrambler.exe
PRC - [2013.01.22 08:18:37 | 001,057,616 | ---- | M] (BitTorrent Inc.) -- C:\Users\Jörgen\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2012.12.24 12:19:52 | 000,117,424 | ---- | M] () -- C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
PRC - [2012.12.16 13:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2012.12.12 10:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Program Files\PDF24\pdf24.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.11.21 10:56:56 | 000,162,696 | ---- | M] () -- C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
PRC - [2012.09.17 20:05:18 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.09.17 20:05:18 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.09.17 20:04:23 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2010.11.16 15:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.02.25 14:18:20 | 000,076,856 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009.05.19 18:27:24 | 000,110,592 | ---- | M] () -- C:\ProgramData\DatacardService\DCSHOST.exe
PRC - [2009.05.14 06:50:00 | 003,466,488 | ---- | M] (C. Ghisler & Co.) -- C:\Program Files\wincmd\TOTALCMD.EXE
PRC - [2007.01.01 23:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.03 07:52:31 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.03.03 07:52:13 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.10 04:08:23 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 04:07:46 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 04:07:26 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 04:07:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 04:07:21 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 04:07:12 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.09.17 20:07:21 | 001,732,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3545.37153__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:21 | 000,339,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3545.37128__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:21 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3545.37155__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:21 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3545.37148__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3545.37139__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:20 | 000,782,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3545.37190__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:20 | 000,692,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3545.37216__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:20 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3545.37254__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:20 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3545.37221__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:20 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3545.37235__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:20 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3545.37207__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:20 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3545.37155__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:20 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3545.37253__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:20 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3545.37208__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:20 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3545.37189__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:20 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3545.37229__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:20 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3545.37139__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3545.37200__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:20 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3545.37207__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3545.37255__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3545.37253__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:20 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3545.37187__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:19 | 000,950,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3545.37292__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3545.37230__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3545.37202__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3545.37157__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3545.37188__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3545.37182__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3545.37198__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3545.37162__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2012.09.17 20:07:19 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3545.37196__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012.09.17 20:07:19 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3545.37187__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3545.37161__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3545.37189__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:19 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3545.37196__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:19 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012.09.17 20:07:19 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3545.37198__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012.09.17 20:07:19 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012.09.17 20:07:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012.09.17 20:07:19 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012.09.17 20:07:18 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3545.37247__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012.09.17 20:07:18 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012.09.17 20:07:18 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3545.37245__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012.09.17 20:07:18 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012.09.17 20:07:18 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3545.37261__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012.09.17 20:07:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012.09.17 20:07:18 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012.09.17 20:07:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2012.09.17 20:07:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012.09.17 20:07:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012.09.17 20:07:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012.09.17 20:07:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012.09.17 20:07:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012.09.17 20:07:18 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3545.37123__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012.09.17 20:07:17 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3545.37134__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012.09.17 20:07:17 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3545.37147__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012.09.17 20:07:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3545.37125__90ba9c70f846762e\APM.Server.dll
MOD - [2012.09.17 20:07:17 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3545.37127__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012.09.17 20:07:17 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3545.37125__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012.09.17 20:07:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012.09.17 20:07:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3545.37123__90ba9c70f846762e\AEM.Server.dll
MOD - [2012.09.17 20:07:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012.09.17 20:07:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012.09.17 20:07:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012.09.17 20:07:17 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012.09.17 20:07:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012.09.17 20:07:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012.09.17 20:07:17 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3545.37246__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.06.10 15:30:18 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.05.14 06:50:00 | 000,123,536 | ---- | M] () -- C:\Program Files\wincmd\WCMZIP32.DLL


========== Services (SafeList) ==========

SRV - [2013.02.27 00:04:32 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.24 12:19:52 | 000,117,424 | ---- | M] () [Auto | Running] -- C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe -- (HiSuiteOuc.exe)
SRV - [2012.12.16 13:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012.11.21 10:56:56 | 000,162,696 | ---- | M] () [Auto | Running] -- C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe -- (HuaweiHiSuiteService.exe)
SRV - [2012.10.04 22:57:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.09.24 22:04:36 | 000,203,776 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Elisa M-internet\UpdateDog\ouc.exe -- (Elisa M-internet. RunOuc)
SRV - [2012.09.17 20:05:18 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.17 20:04:23 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2012.06.26 23:33:24 | 000,219,600 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ID-kaart\SmartCardRemoval.exe -- (SmartCardRemoval)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.09.09 16:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.03.28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.05.19 18:27:24 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCSHOST.exe -- (DCSHost.exe)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - [2013.02.06 23:27:50 | 000,208,920 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2012.12.16 13:25:16 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012.09.24 22:04:36 | 000,208,896 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2012.09.24 22:04:36 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012.09.24 22:04:36 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012.09.24 22:04:36 | 000,072,832 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012.09.17 20:05:19 | 000,103,952 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2012.09.17 20:05:18 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.08.30 07:52:28 | 000,969,192 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2012.06.11 10:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.05.29 23:03:00 | 000,014,688 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atrfiltr.sys -- (atrfiltr)
DRV - [2012.01.09 16:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.02.25 14:19:26 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2010.02.25 14:18:58 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009.07.20 14:05:16 | 000,049,152 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rismc32.sys -- (rismc32)
DRV - [2009.07.14 01:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009.07.14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2009.07.08 12:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009.07.08 12:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2009.06.25 15:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = about:blank
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\..\SearchScopes,BrowserMngrDefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\..\SearchScopes,DefaultScope = {0579FB2A-A0FC-4A45-B378-AF4501D57D0B}
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\..\SearchScopes\{0579FB2A-A0FC-4A45-B378-AF4501D57D0B}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@RIA/esteid-firefox-plugin: C:\Program Files\ID-kaart\npesteid-firefox-plugin.dll (RIA)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jörgen\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jörgen\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{aa84ce40-4253-a00a-8cd6-0800200f9a66}: C:\Program Files\ID-kaart\Firefox PKCS11 Loader\ [2012.09.27 08:36:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.1.1\extensions\\Components: C:\Program Files\Mozilla Pale Moon\components [2013.03.01 13:19:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.1.1\extensions\\Plugins: C:\Program Files\Mozilla Pale Moon\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 19.0.1\extensions\\Components: C:\Program Files\Mozilla Pale Moon\components [2013.03.01 13:19:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 19.0.1\extensions\\Plugins: C:\Program Files\Mozilla Pale Moon\plugins

[2013.03.02 01:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörgen\AppData\Roaming\Mozilla\Extensions
[2012.09.11 21:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: http://search.babylon.com/?affID=109217 ... 1f3b15071d
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://search.babylon.com/?affID=109217 ... 1f3b15071d
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\J\u00F6rgen\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\J\u00F6rgen\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\J\u00F6rgen\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\J\u00F6rgen\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\J\u00F6rgen\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: SingleFile Core = C:\Users\Jörgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma\0.3.4_0\
CHR - Extension: SingleFile Core = C:\Users\Jörgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jemlklgaibiijojffihnhieihhagocma\0.3.6_0\
CHR - Extension: SingleFile = C:\Users\Jörgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle\0.3.4_0\
CHR - Extension: SingleFile = C:\Users\Jörgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle\0.3.6_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (EstEIDIEPluginBHO Class) - {2A4E94A4-B275-491A-9E32-CD7A26FC7C3B} - C:\Program Files\ID-kaart\esteid-plugin-ie.dll (RIA)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe (QFX Software Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000..\Run: [uTorrent] C:\Users\Jörgen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\S-1-5-21-1192358187-4228306993-1132545701-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{407F19DD-6E5E-456C-BD65-0504AD84F5AE}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D34B9FC1-AD0B-444B-92A8-8C09E63B3413}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F9B650-826F-44F8-916F-1A2AD90DAB57}: NameServer = 194.204.0.1 194.204.18.244
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\notepad.exe: Debugger - C:\Program Files\Notepad2\Notepad2.exe ()
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\TOOLS\PROCEXP.EXE (Sysinternals - http://www.sysinternals.com)
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Program Files\EudoraPro\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{04e88441-073b-11e2-b752-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{04e88441-073b-11e2-b752-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0f50bd43-faa9-11e1-b11e-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{0f50bd43-faa9-11e1-b11e-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0fdb956e-fa97-11e1-a46a-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{0fdb956e-fa97-11e1-a46a-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{0fdb957f-fa97-11e1-a46a-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{0fdb957f-fa97-11e1-a46a-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6140bbb4-0bf1-11e2-b0bb-001e101f1f81}\Shell - "" = AutoRun
O33 - MountPoints2\{6140bbb4-0bf1-11e2-b0bb-001e101f1f81}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{6140bbe1-0bf1-11e2-b0bb-001e101f1f81}\Shell - "" = AutoRun
O33 - MountPoints2\{6140bbe1-0bf1-11e2-b0bb-001e101f1f81}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{693ebff8-04af-11e2-9192-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{693ebff8-04af-11e2-9192-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{693ec006-04af-11e2-9192-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{693ec006-04af-11e2-9192-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{9bc59ee1-0b8a-11e2-be92-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{9bc59ee1-0b8a-11e2-be92-001e101f9843}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{a9e12c73-0eba-11e2-bfca-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{a9e12c73-0eba-11e2-bfca-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aaf8b83a-00cf-11e2-a929-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{aaf8b83a-00cf-11e2-a929-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{aaf8b84c-00cf-11e2-a929-001a4b80aa60}\Shell - "" = AutoRun
O33 - MountPoints2\{aaf8b84c-00cf-11e2-a929-001a4b80aa60}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{cd7e01f0-590f-11e2-92e5-001e101f79c9}\Shell - "" = AutoRun
O33 - MountPoints2\{cd7e01f0-590f-11e2-92e5-001e101f79c9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{cd7e0200-590f-11e2-92e5-001e101f79c9}\Shell - "" = AutoRun
O33 - MountPoints2\{cd7e0200-590f-11e2-92e5-001e101f79c9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f5d6790b-0cdc-11e2-997e-001e101fb681}\Shell - "" = AutoRun
O33 - MountPoints2\{f5d6790b-0cdc-11e2-997e-001e101fb681}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: SandboxieControl - hkey= - key= - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Users\Jörgen\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
MsConfig - State: "bootini" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {23A20C3C-2ADD-4A80-AFB4-C146F8847D79} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: AutorunsDisabled -

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\00-codecs\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013.03.07 19:08:37 | 000,000,000 | ---D | C] -- C:\Users\Jörgen\AppData\Roaming\QFX Software
[2013.03.07 19:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2013.03.07 15:48:35 | 000,000,000 | R--D | C] -- C:\Users\Jörgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.03.07 00:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2013.03.07 00:19:26 | 000,208,920 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys
[2013.03.07 00:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2013.03.05 23:47:32 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2013.03.02 03:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.02 03:09:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.03.02 03:04:52 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.03.02 03:04:52 | 000,782,240 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.02 03:04:52 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.02 03:04:21 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.02 03:04:21 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.02 03:04:21 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.02 03:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.02 02:37:27 | 000,000,000 | R--D | C] -- C:\Users\Jörgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.03.02 01:32:53 | 000,000,000 | ---D | C] -- C:\Users\Jörgen\AppData\Roaming\Mozilla
[2013.03.01 23:35:38 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.01 23:35:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.01 23:35:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.01 23:35:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.01 23:35:36 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.01 23:35:35 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.01 23:35:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.01 23:35:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.23 04:05:02 | 000,000,000 | ---D | C] -- C:\Users\Jörgen\AppData\Roaming\Malwarebytes
[2013.02.23 04:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2013.02.23 04:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.23 04:04:25 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.23 04:04:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2013.02.22 19:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2013.02.22 19:14:26 | 000,000,000 | ---D | C] -- C:\Users\Jörgen\AppData\Local\Paint.NET
[2013.02.20 10:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2013.02.20 10:54:35 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.02.15 03:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laptop
[2013.02.15 03:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote
[2013.02.15 02:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display
[2013.02.13 01:26:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.02.13 01:26:18 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.13 01:26:13 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.13 01:26:12 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.13 01:26:11 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.02.11 02:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
Last edited by blind12 on 2013-03-08, 16:35, edited 1 time in total.

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-08, 16:27

OTL part 2
========== Files - Modified Within 30 Days ==========

[2013.03.07 22:45:33 | 000,024,046 | ---- | M] () -- C:\Users\Jörgen\AppData\Roaming\Notepad2.ini
[2013.03.07 22:45:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.07 22:45:02 | 000,010,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.07 22:45:02 | 000,010,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.07 19:12:27 | 000,627,680 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.07 19:12:27 | 000,395,888 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2013.03.07 19:12:27 | 000,111,258 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2013.03.07 19:12:27 | 000,111,258 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.03.07 19:07:55 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1192358187-4228306993-1132545701-1000UA.job
[2013.03.07 19:07:55 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1192358187-4228306993-1132545701-1000Core.job
[2013.03.07 19:07:55 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.07 19:07:55 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJörgen.job
[2013.03.07 19:07:33 | 3220,496,384 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.07 19:05:03 | 002,252,278 | ---- | M] () -- G:\00-userdata\000-Desktop\AutoRuns.arn
[2013.03.04 21:09:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.03 07:50:48 | 000,343,992 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.03.02 03:04:05 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.02 03:04:04 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.03.02 03:04:04 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.02 03:04:04 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.02 03:04:04 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.02 03:04:04 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.27 21:25:11 | 000,001,808 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.02.27 00:04:32 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.27 00:04:32 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.18 19:46:14 | 000,016,896 | ---- | M] () -- C:\Users\Jörgen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.18 17:15:28 | 000,000,024 | ---- | M] () -- C:\Windows\EET50X.ini
[2013.02.06 23:27:50 | 000,208,920 | ---- | M] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys

========== Files Created - No Company Name ==========

[2013.03.05 10:03:27 | 000,001,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader2.lnk
[2013.03.04 21:09:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.02.22 19:16:18 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2013.02.18 17:14:11 | 000,000,024 | ---- | C] () -- C:\Windows\EET50X.ini
[2012.12.20 01:47:02 | 000,001,808 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.12.15 17:07:38 | 000,016,896 | ---- | C] () -- C:\Users\Jörgen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.06 05:42:07 | 000,024,046 | ---- | C] () -- C:\Users\Jörgen\AppData\Roaming\Notepad2.ini
[2012.10.21 19:13:20 | 000,007,612 | ---- | C] () -- C:\Users\Jörgen\AppData\Local\Resmon.ResmonCfg
[2012.10.05 13:00:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.10.05 12:59:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.10.05 09:04:54 | 000,395,888 | ---- | C] () -- C:\Windows\System32\perfh011.dat
[2012.10.05 09:04:54 | 000,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
[2012.10.05 09:04:54 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
[2012.10.05 09:04:53 | 000,111,258 | ---- | C] () -- C:\Windows\System32\perfc011.dat
[2012.09.26 19:17:36 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.09.17 20:05:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2012.09.17 20:05:22 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.09.17 20:05:22 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2012.09.09 17:00:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.06.26 23:28:26 | 000,214,944 | ---- | C] () -- C:\Windows\System32\esteidcm.dll
[2012.06.26 23:18:46 | 001,598,976 | ---- | C] () -- C:\Windows\System32\opensc-pkcs11.dll
[2012.06.26 23:18:46 | 001,598,976 | ---- | C] () -- C:\Windows\System32\onepin-opensc-pkcs11.dll
[2012.06.26 23:18:46 | 001,598,976 | ---- | C] () -- C:\Windows\System32\esteid-pkcs11.dll
[2012.06.26 23:18:46 | 001,488,896 | ---- | C] () -- C:\Windows\System32\opensc.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.01.11 09:33:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.11 09:33:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.10.08 23:56:39 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\ACD Systems
[2012.11.28 14:58:27 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\digidocpp
[2013.01.18 08:39:03 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Foxit Reader
[2012.10.11 02:46:56 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Foxit Software
[2012.12.03 06:33:32 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Grig Software
[2012.10.14 03:42:00 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Icons and Cursors
[2012.10.03 20:38:20 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Moonchild Productions
[2013.02.13 06:30:51 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Nokia
[2013.01.09 02:42:14 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\Okapi
[2012.10.13 18:13:44 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\PC Suite
[2013.03.07 19:08:37 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\QFX Software
[2012.12.18 22:17:16 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\TuneUp Software
[2013.03.07 22:57:24 | 000,000,000 | ---D | M] -- C:\Users\Jörgen\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< %systemroot%\Fonts\*.com >
[2009.07.14 06:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 06:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 06:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 06:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009.06.10 23:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009.07.14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2003.06.18 16:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\mdippr.dll
[2010.11.20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009.07.14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2012.10.05 09:06:23 | 000,000,221 | -HS- | M] () -- C:\Users\Jörgen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009.06.10 23:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2012.12.14 17:49:29 | 000,000,402 | -HS- | M] () -- C:\Users\Jörgen\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >
[2009.07.13 23:40:41 | 000,009,029 | ---- | M] () -- C:\Windows\system32\ANSI.SYS
[2009.07.14 03:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfs.sys
[2009.07.13 23:40:44 | 000,027,097 | ---- | M] () -- C:\Windows\system32\country.sys
[2001.09.17 08:48:52 | 000,006,688 | R--- | M] () -- C:\Windows\system32\Digita.sys
[2009.07.13 23:40:40 | 000,004,768 | ---- | M] () -- C:\Windows\system32\HIMEM.SYS
[2009.07.13 23:40:43 | 000,042,809 | ---- | M] () -- C:\Windows\system32\KEY01.SYS
[2009.07.13 23:40:43 | 000,042,537 | ---- | M] () -- C:\Windows\system32\KEYBOARD.SYS
[2009.07.13 23:40:23 | 000,027,866 | ---- | M] () -- C:\Windows\system32\NTDOS.SYS
[2009.07.13 23:40:31 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS404.SYS
[2009.07.13 23:40:35 | 000,029,370 | ---- | M] () -- C:\Windows\system32\NTDOS411.SYS
[2009.07.13 23:40:39 | 000,029,274 | ---- | M] () -- C:\Windows\system32\NTDOS412.SYS
[2009.07.13 23:40:27 | 000,029,146 | ---- | M] () -- C:\Windows\system32\NTDOS804.SYS
[2009.07.13 23:40:11 | 000,033,952 | ---- | M] () -- C:\Windows\system32\NTIO.SYS
[2009.07.13 23:40:15 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO404.SYS
[2009.07.13 23:40:17 | 000,035,776 | ---- | M] () -- C:\Windows\system32\NTIO411.SYS
[2009.07.13 23:40:19 | 000,035,536 | ---- | M] () -- C:\Windows\system32\NTIO412.SYS
[2009.07.13 23:40:13 | 000,034,672 | ---- | M] () -- C:\Windows\system32\NTIO804.SYS
[2013.01.04 05:00:29 | 002,347,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys

< %systemroot%\system32\drivers\*.dll >
[2012.09.17 20:05:18 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2010.02.25 14:18:58 | 001,419,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wdfcoinstaller01005.dll
[2010.02.19 01:00:34 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
[2012.09.24 22:04:36 | 001,461,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WdfCoInstaller01009.dll
[2010.02.19 01:00:32 | 000,581,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WinUSBCoInstaller.dll
[2010.02.19 01:00:34 | 001,302,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\WUDFUpdate_01007.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009.07.14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2003.06.18 16:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\mdippr.dll
[2010.11.20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\winprint.dll

< %SYSTEMDRIVE%\*.* >
[2009.06.10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[1980.01.04 10:18:00 | 000,000,211 | -H-- | M] () -- C:\Boot.BAK
[2012.09.10 03:56:34 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2010.11.20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2012.09.10 03:56:36 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009.06.10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2013.01.29 14:14:56 | 000,000,154 | ---- | M] () -- C:\data.txt
[2009.08.02 10:59:51 | 000,171,136 | RHS- | M] () -- C:\grldr
[2013.03.07 19:07:33 | 3220,496,384 | -HS- | M] () -- C:\hiberfil.sys
[1980.01.04 10:27:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[1980.01.04 10:27:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004.08.04 12:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004.08.04 12:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2013.03.07 19:07:36 | 3220,496,384 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2013.02.11 02:31:48 | 000,000,000 | ---D | M] -- C:\Program Files\00-codecs
[2012.12.15 03:38:03 | 000,000,000 | ---D | M] -- C:\Program Files\00-ed2k
[2013.02.11 02:58:28 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2012.10.08 23:55:49 | 000,000,000 | ---D | M] -- C:\Program Files\ACD Systems
[2012.09.17 20:04:47 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2012.09.17 20:05:44 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2012.09.17 20:07:14 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2012.10.04 23:31:04 | 000,000,000 | ---D | M] -- C:\Program Files\AuthenTec
[2012.12.18 22:13:09 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2012.12.18 22:19:03 | 000,000,000 | ---D | M] -- C:\Program Files\AVG2012
[2013.03.02 03:09:53 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2012.12.15 04:21:35 | 000,000,000 | ---D | M] -- C:\Program Files\Compare It!
[2013.01.07 15:41:52 | 000,000,000 | ---D | M] -- C:\Program Files\DC-Unlocker
[2012.10.13 16:47:28 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2013.01.08 00:40:48 | 000,000,000 | ---D | M] -- C:\Program Files\Elisa M-internet
[2012.09.26 15:13:09 | 000,000,000 | ---D | M] -- C:\Program Files\EudoraPro
[2013.01.18 09:06:43 | 000,000,000 | ---D | M] -- C:\Program Files\Foxit Reader
[2013.02.20 10:54:37 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2012.09.26 02:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2013.01.28 15:08:03 | 000,000,000 | ---D | M] -- C:\Program Files\Huawei U8500 HiSuite
[2012.09.27 08:36:34 | 000,000,000 | ---D | M] -- C:\Program Files\ID-kaart
[2012.09.26 15:12:55 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2013.03.03 07:49:10 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2013.03.02 03:04:00 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2013.03.06 21:52:10 | 000,000,000 | ---D | M] -- C:\Program Files\JDownloader2
[2013.03.07 00:19:26 | 000,000,000 | ---D | M] -- C:\Program Files\KeyScrambler
[2013.02.23 04:04:35 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes Anti-Malware
[2012.10.14 03:42:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microangelo On Display
[2013.02.19 02:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\Microangelo Toolset 6
[2012.10.02 23:37:23 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2012.09.26 19:15:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2009.07.14 09:50:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2012.10.02 23:13:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012.09.26 19:15:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2013.01.09 13:59:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2012.10.08 02:41:53 | 000,000,000 | ---D | M] -- C:\Program Files\Moon Software ShellTools
[2012.09.11 21:18:17 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2013.03.01 13:19:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Pale Moon
[2009.07.14 06:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2012.10.02 23:12:57 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2012.10.13 16:46:59 | 000,000,000 | ---D | M] -- C:\Program Files\Nokia
[2013.02.27 01:48:54 | 000,000,000 | ---D | M] -- C:\Program Files\Notepad2
[2013.01.09 02:30:49 | 000,000,000 | ---D | M] -- C:\Program Files\Okapi
[2013.02.22 19:15:43 | 000,000,000 | ---D | M] -- C:\Program Files\Paint.NET
[2012.10.13 16:46:24 | 000,000,000 | ---D | M] -- C:\Program Files\PC Connectivity Solution
[2013.01.11 23:51:57 | 000,000,000 | ---D | M] -- C:\Program Files\PDF24
[2012.10.23 07:00:09 | 000,000,000 | ---D | M] -- C:\Program Files\R-Studio
[2009.07.14 06:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012.12.20 01:46:25 | 000,000,000 | ---D | M] -- C:\Program Files\Sandboxie
[2012.10.16 15:04:25 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2012.09.09 18:07:34 | 000,000,000 | ---D | M] -- C:\Program Files\Tele2 Mobile Partner.bak
[2013.01.13 15:09:51 | 000,000,000 | ---D | M] -- C:\Program Files\Types
[2009.07.14 06:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2013.01.07 15:25:17 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2013.01.28 09:57:37 | 000,000,000 | ---D | M] -- C:\Program Files\wincmd
[2012.10.02 23:17:42 | 000,000,000 | ---D | M] -- C:\Program Files\wincmd.bak
[2012.12.14 17:13:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2012.10.02 23:37:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2012.10.02 23:37:05 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009.07.14 06:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2012.12.14 17:13:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2012.12.03 09:39:44 | 000,000,000 | ---D | M] -- C:\Program Files\WinMerge
[2012.09.26 14:57:09 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR

< %appdata%\*.* >
[2013.03.07 22:45:33 | 000,024,046 | ---- | M] () -- C:\Users\Jörgen\AppData\Roaming\Notepad2.ini

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: DISK.SYS >
[2009.07.14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009.07.14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009.07.14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: USBSTOR.SYS >
[2011.03.11 05:48:12 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=6A3DB51D317307F3AC65CB127B9A2BEB -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.21680_none_4ac7a4d10f6f3253\USBSTOR.SYS
[2010.11.20 12:00:04 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=BF63EBFC6979FEFB2BC03DF7989A0C1A -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_c77d41a490bdc63d\USBSTOR.SYS
[2010.11.20 12:00:04 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=BF63EBFC6979FEFB2BC03DF7989A0C1A -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17514_none_4a8db8a1f615344e\USBSTOR.SYS
[2011.03.11 06:01:12 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=F991AB9CC6B908DB552166768176896A -- C:\Windows\System32\drivers\USBSTOR.SYS
[2011.03.11 06:01:12 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=F991AB9CC6B908DB552166768176896A -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_x86_neutral_e6d53e776821c5b8\USBSTOR.SYS
[2011.03.11 06:01:12 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=F991AB9CC6B908DB552166768176896A -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.1.7601.17577_none_4a4fd9f7f64327f9\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-03-01 21:39:50

< End of report >
OTL extras
OTL Extras logfile created on: 7.03.2013 22:51:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\00-soft\00-Security
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000425 | Country: Eesti | Language: ETI | Date Format: d.MM.yyyy

3,00 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 72,49% Memory free
6,00 Gb Paging File | 5,08 Gb Available in Paging File | 84,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 44,25 Gb Total Space | 3,55 Gb Free Space | 8,03% Space Free | Partition Type: NTFS
Drive G: | 30,28 Gb Total Space | 0,36 Gb Free Space | 1,18% Space Free | Partition Type: NTFS

Computer Name: HP_8510W_2 | User Name: Jörgen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1192358187-4228306993-1132545701-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Pale Moon\palemoon.exe (Moonchild Productions)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\00-codecs\Videolan\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\00-codecs\Videolan\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [runas] -- cmd.exe /c takeown /f "%1" && icacls "%1" /grant administrators:F (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{273AB519-6E79-401F-9CFA-9277A93736DF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3AAF0752-36A2-4CDF-9AED-14247EC516AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4F523C34-3D79-4F7B-9F0E-746D299727C0}" = lport=137 | protocol=17 | dir=in | app=system |
"{6CD9F0B2-7DEE-4504-99AF-ECFF4865DB1F}" = rport=137 | protocol=17 | dir=out | app=system |
"{7E85001C-8B08-433D-A07E-FB349677428C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{89637A0B-157F-4428-B3D5-D35472A673F8}" = rport=445 | protocol=6 | dir=out | app=system |
"{8E8FD6BE-41A9-4D4F-9439-4FC964D3D4C9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9892D48C-AF77-44D4-822D-919E6F4B47B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B1D59F04-AD02-45CD-BA48-DFED672FEDFB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BAD6CBF5-A2B1-4417-B14B-1371A33CD806}" = rport=138 | protocol=17 | dir=out | app=system |
"{CB2EC105-0BAE-4E04-BDA2-00203E4C2D12}" = lport=138 | protocol=17 | dir=in | app=system |
"{E753B2D5-DDF6-407A-80A1-D7E18E53A805}" = lport=445 | protocol=6 | dir=in | app=system |
"{F192A81F-6DB5-43FD-AAB4-8ADE60EF3C12}" = lport=139 | protocol=6 | dir=in | app=system |
"{F758644A-4E59-4497-9807-D24B92717D87}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B0B91D-B898-4E33-A045-41565D065165}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0745401A-35B0-4BF0-A5F6-A5CD8B52EFFA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{0B7D047C-0B56-4DF5-8ADB-2DFEAFA8FAF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1A617850-957B-4646-854F-8EE5CA4003C6}" = dir=out | app=c:\program files\00-ed2k\emulemorph\emule.exe |
"{1E091D03-5F71-41B4-93BF-F4798FF88C3F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28FF1F12-D3A6-45F0-B228-10CE896745D8}" = protocol=6 | dir=in | app=c:\users\jörgen\appdata\roaming\utorrent\utorrent.exe |
"{329B7E60-B48A-48F7-A4D8-3E9925218DCB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{367B66DA-C8A3-4C2C-A49B-3690200E4E12}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{47074B4B-8CE9-458F-BBE2-D50AB9C54A5E}" = protocol=17 | dir=in | app=c:\program files\avg2012\avgmfapx.exe |
"{4CE5FC5C-6AE5-4B7C-8B4E-4AE4F9B173DA}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{4DAC6303-E3B8-4F52-8F39-8D38D94F006F}" = protocol=6 | dir=in | app=c:\program files\avg2012\avgmfapx.exe |
"{6B316E46-E91F-4B27-8CAF-A47823DD7DF3}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{86B8E144-044D-446F-A7A6-F2D65200EE67}" = protocol=17 | dir=in | app=c:\program files\avg2012\avgnsx.exe |
"{941A4AAA-8B6E-40A2-9E5D-EFF5E1A4D621}" = dir=in | app=c:\program files\00-ed2k\emulemorph\emule.exe |
"{9B124562-8CDB-488A-B96B-A1F11A3177A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9E1A809F-BA83-4F4A-B327-B705F2A0A6AB}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A01F02C6-BEC6-49D1-BC42-747A3194C4A3}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A117A303-9E9A-480A-8442-D50A36AFB7FC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A30DE9F1-2E59-4D25-BB57-25CA0F2EFFB8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C1DC720C-59BE-42D5-A741-8938C186C817}" = protocol=6 | dir=in | app=c:\program files\avg2012\avgdiagex.exe |
"{D4B0D3F6-7C2C-43D6-BAFB-7143191253AB}" = protocol=17 | dir=in | app=c:\users\jörgen\appdata\roaming\utorrent\utorrent.exe |
"{DFEFE2D9-C1C2-42A3-852A-4CC353FF1054}" = protocol=6 | dir=in | app=c:\program files\avg2012\avgnsx.exe |
"{E7C116F4-A3B9-4E36-8E9A-2C0E8E7DF1C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1FC052A-6693-4DD4-9497-37F7F2A91697}" = protocol=17 | dir=in | app=c:\program files\avg2012\avgdiagex.exe |
"{F9553364-D2C9-44F4-AC9E-CCF6BB41109D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB22107C-F1F6-4564-BFDC-16249CEDE328}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"TCP Query User{96DCDE57-2278-4964-BE25-40087CC60E1F}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe |
"TCP Query User{985F4E14-1DE1-4940-9019-0F48EFBF2E5A}C:\program files\wincmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\wincmd\totalcmd.exe |
"TCP Query User{9F2F1FE0-ED0A-406B-8704-EE1D7CC763E2}C:\program files\jdownloader2\jdownloader2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader2\jdownloader2.exe |
"TCP Query User{A52DE8AC-945F-4341-B220-A22B39E518A0}C:\program files\jdownloader\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\java.exe |
"TCP Query User{EE1302A6-8EAE-4FAD-BC57-0C9A48EAF4C1}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{F0C2B8A4-8184-49BC-A79E-C65BE3D7E398}C:\program files\jdownloader\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader\jre\bin\java.exe |
"UDP Query User{0671DE2F-0043-4D45-B761-3FEA2D9D2130}C:\program files\jdownloader\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\java.exe |
"UDP Query User{15B36396-CC8A-4B03-9D1F-6FC949814616}C:\program files\jdownloader\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\java.exe |
"UDP Query User{18610EE2-81EB-4604-93EE-B63195A2B20E}C:\program files\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader\jre\bin\javaw.exe |
"UDP Query User{3DDCDF27-28EA-4A62-807E-C15771503A3A}C:\program files\wincmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\wincmd\totalcmd.exe |
"UDP Query User{AC721ABE-E442-4BF5-AD22-70A866B3EE5B}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D0C28845-9234-4201-8DFB-1D34584736F5}C:\program files\jdownloader2\jdownloader2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader2\jdownloader2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0BCD7F45-A66D-63FD-CA8C-828416484863}" = Catalyst Control Center Localization All
"{0D750A5D-EDBA-F37A-51F6-B1E1F3833270}" = CCC Help English
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 5.10
"{1D30236B-2102-472B-8BDC-14DDAD726D14}" = Eudora
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FE20C1A-9665-1597-3C88-FC87EA9121B0}" = CCC Help Korean
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FFEE48-A96E-9158-BD81-60919E004F9E}" = Catalyst Control Center Core Implementation
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{2BF64380-C910-A789-9860-4E52E30377B7}" = Catalyst Control Center Graphics Previews Vista
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{37227F8B-DD62-A590-0D18-3AB4BB981FFF}" = CCC Help Dutch
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C8898D3-407E-1112-46C2-C8FE4A202506}" = CCC Help Italian
"{42A0CD6A-224C-BC6F-DB88-58F37EC610ED}" = CCC Help Polish
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4649126F-45B6-47A2-B2A2-FB8FDB2FDE2E}" = Catalyst Control Center - Branding
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E59C2EE-0270-42C5-B5E8-D3642B205135}" = Eesti ID kaardi tarkvara 3.6.0.904
"{4E5FF2D7-87CF-A620-64F1-417B11FB4B9C}" = CCC Help French
"{4F549611-A40A-74AD-562C-F6BCD6EA8D93}" = CCC Help Japanese
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5BB54A4F-CD51-C962-B162-18B71AD93F1B}" = CCC Help Thai
"{62CA5EF5-AFBA-716F-471B-EF061666770B}" = CCC Help German
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{67C090D6-109A-47D7-8DED-4160C4D96F32}" = HP 3D DriveGuard
"{6AEFA6D3-84CC-5580-379A-27F81FC2F039}" = ccc-utility
"{6C823BB8-EAA8-CD73-B5BE-D05FCE1DA75D}" = ccc-core-static
"{6E5ED03F-DFA5-E08E-0876-7BBD532D01F8}" = CCC Help Norwegian
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{6FEE2F79-23DF-CA27-E5D8-66EB47A65928}" = Catalyst Control Center Graphics Light
"{71414EC2-0684-4A15-A85A-E0E259D117AF}" = Microangelo Toolset 6
"{7C983DEF-4168-5CAF-DD5B-17CDE2583453}" = CCC Help Greek
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84FE3046-C28A-0B88-3693-66BB0623CC26}" = CCC Help Portuguese
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{8679D366-D73F-4303-92F7-853B13C1F424}" = Microangelo On Display
"{871732B3-1EE5-4C54-8462-8BFF516880B7}" = HP ESU for Microsoft Windows 7
"{8E54DDB4-5F0B-49D2-88E3-410CDCE4A277}" = Okapi Olifant
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901F0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Proofing Tools
"{903B0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{90A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{92605735-AAFB-47F7-A67D-17ED129EFF9C}" = ACDSee 4.0
"{938DAE9E-9849-7766-5019-C77B3C74EC1C}" = CCC Help Hungarian
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97918F8D-74CD-8F64-6CDE-F82E9FF8FBA4}" = CCC Help Danish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EE18409-B1D2-4782-A7E1-4F88232DCD78}" = ShellTools
"{9FE921A8-5A85-529D-BCF0-D14547D1E6E5}" = Catalyst Control Center Graphics Full Existing
"{A4B286D5-9F14-0722-BCB0-E8EF49DFD5D6}" = CCC Help Chinese Standard
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AA736C36-CCB7-5140-F1A3-8243E749C17B}" = CCC Help Finnish
"{AA94F1B4-68E6-ECC3-7181-406F728FD220}" = CCC Help Swedish
"{AAB11FE6-15FC-3B4A-1E83-B11085BD9243}" = CCC Help Turkish
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B9293A66-5F9A-4442-B690-922EF5A501DB}" = HP System Default Settings
"{C69B1CC0-B5B9-742A-B906-B9EC49DBE057}" = CCC Help Chinese Traditional
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC20517A-4CA8-0991-F40B-7BCB54C98305}" = Catalyst Control Center Graphics Full New
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D42CE79E-22E1-0233-179D-94CC314DA382}" = CCC Help Russian
"{D4BEDE0D-BE09-F5C9-C10B-09EF2B7A8525}" = ATI Catalyst Install Manager
"{E63E0B06-D704-7BD0-3D21-A38EE0138B4F}" = CCC Help Spanish
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F89BA07B-6F56-3CAC-5DBD-B1C854DAC911}" = CCC Help Czech
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows Driver Package - Nokia Modem (02/25/2011 4.7)
"Elisa M-internet" = Elisa M-internet
"eMule MorphXT_is1" = eMule MorphXT 12.7
"Foxit Reader_is1" = Foxit Reader
"Hi Suite" = HiSuite
"jdownloader2" = JDownloader 2.0
"KeyScrambler" = KeyScrambler
"MadVR" = MadVR (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versio 1.70.0.1100
"MediaInfo" = MediaInfo 0.7.61
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Nokia PC Suite" = Nokia PC Suite
"Notepad2" = Notepad2 (Notepad Replacement)
"Pale Moon 19.0.1 (x86 en-US)" = Pale Moon 19.0.1 (x86 en-US)
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"R-Studio 5.1NSIS" = R-Studio 5.1
"Sandboxie" = Sandboxie 3.76 (32-bit)
"ShellTools 2.0.0" = ShellTools 2.0.0
"ZoomPlayer" = Zoom Player (remove only)
"Tele2 Mobile Partner" = Tele2 Mobile Partner
"Totalcmd" = Total Commander (Remove or Repair)
"Types" = Types
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4
"WinRAR archiver" = WinRAR archiver
"VLC media player" = VLC media player 2.0.5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1192358187-4228306993-1132545701-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.03.2013 17:21:07 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: palemoon.exe, version: 19.0.0.4802, time
stamp: 0x51293e68 Faulting module name: mozalloc.dll, version: 19.0.0.4802, time
stamp: 0x51292666 Exception code: 0x80000003 Fault offset: 0x0000113c Faulting process
id: 0x1f64 Faulting application start time: 0x01ce19b008c9929d Faulting application
path: C:\Program Files\Mozilla Pale Moon\palemoon.exe Faulting module path: C:\Program
Files\Mozilla Pale Moon\mozalloc.dll Report Id: 9763e9ac-85da-11e2-bfe7-001a4b80aa60

Error - 5.03.2013 21:17:58 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: m6studio.exe, version: 6.10.71.4, time
stamp: 0x4cf2b229 Faulting module name: m6studio.exe, version: 6.10.71.4, time stamp:
0x4cf2b229 Exception code: 0xc0000005 Fault offset: 0x0000283a Faulting process id:
0x12d8 Faulting application start time: 0x01ce1a07e43925e8 Faulting application path:
C:\Program Files\Microangelo Toolset 6\m6studio.exe Faulting module path: C:\Program
Files\Microangelo Toolset 6\m6studio.exe Report Id: adef467d-85fb-11e2-bfe7-001a4b80aa60

Error - 5.03.2013 22:34:08 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: explorer.exe, version: 6.1.7601.17567,
time stamp: 0x4d6727a7 Faulting module name: MODSys.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4a980d57 Exception code: 0xc0000005 Fault offset: 0x03968f00 Faulting
process id: 0x1e94 Faulting application start time: 0x01ce1976e356489e Faulting application
path: C:\Windows\explorer.exe Faulting module path: MODSys.dll Report Id: 5209a334-8606-11e2-bfe7-001a4b80aa60

Error - 6.03.2013 12:56:39 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: palemoon.exe, version: 19.0.0.4802, time
stamp: 0x51293e68 Faulting module name: mozalloc.dll, version: 19.0.0.4802, time
stamp: 0x51292666 Exception code: 0x80000003 Fault offset: 0x0000113c Faulting process
id: 0x1f94 Faulting application start time: 0x01ce1a6dd24bd979 Faulting application
path: C:\Program Files\Mozilla Pale Moon\palemoon.exe Faulting module path: C:\Program
Files\Mozilla Pale Moon\mozalloc.dll Report Id: cfdc6511-867e-11e2-bfe7-001a4b80aa60

Error - 7.03.2013 9:58:46 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: palemoon.exe, version: 19.0.0.4802, time
stamp: 0x51293e68 Faulting module name: mozalloc.dll, version: 19.0.0.4802, time
stamp: 0x51292666 Exception code: 0x80000003 Fault offset: 0x0000113c Faulting process
id: 0x1d08 Faulting application start time: 0x01ce1a8c09a056af Faulting application
path: C:\Program Files\Mozilla Pale Moon\palemoon.exe Faulting module path: C:\Program
Files\Mozilla Pale Moon\mozalloc.dll Report Id: 2053c293-872f-11e2-bfe7-001a4b80aa60

Error - 7.03.2013 14:27:36 | Computer Name = HP_8510w_2 | Source = Application Hang | ID = 1002
Description = The program Eudora.exe version 7.1.0.9 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1144 Start Time:
01ce1b5cd3927ad9 Termination Time: 108 Application Path: C:\Program Files\EudoraPro\Eudora.exe

Report
Id: 6a84288b-8754-11e2-bcb2-001a4b80aa60

Error - 7.03.2013 14:38:50 | Computer Name = HP_8510w_2 | Source = Application Hang | ID = 1002
Description = The program Eudora.exe version 7.1.0.9 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 1510 Start Time:
01ce1b6222c62c3e Termination Time: 50 Application Path: C:\Program Files\EudoraPro\Eudora.exe

Report
Id: 3afa11fd-8756-11e2-bcb2-001a4b80aa60

Error - 7.03.2013 14:41:59 | Computer Name = HP_8510w_2 | Source = Application Hang | ID = 1002
Description = The program Eudora.exe version 7.1.0.9 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 13f0 Start Time:
01ce1b6303eef38d Termination Time: 51 Application Path: C:\Program Files\EudoraPro\Eudora.exe

Report
Id: 9e8650e3-8756-11e2-bcb2-001a4b80aa60

Error - 7.03.2013 14:44:06 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_11_6_602_171.exe, version:
11.6.602.171, time stamp: 0x511ee9e4 Faulting module name: FlashPlayerPlugin_11_6_602_171.exe,
version: 11.6.602.171, time stamp: 0x511ee9e4 Exception code: 0xc0000005 Fault offset:
0x0002ae47 Faulting process id: 0x27c Faulting application start time: 0x01ce1b573ad1bcd1
Faulting
application path: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
Faulting
module path: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
Report
Id: fcd67549-8756-11e2-bcb2-001a4b80aa60

Error - 7.03.2013 14:44:31 | Computer Name = HP_8510w_2 | Source = Application Error | ID = 1000
Description = Faulting application name: plugin-container.exe, version: 19.0.0.4802,
time stamp: 0x51293db3 Faulting module name: NPSWF32_11_6_602_171.dll, version:
11.6.602.171, time stamp: 0x511eeb7e Exception code: 0x80000003 Fault offset: 0x0033881d
Faulting
process id: 0xcb8 Faulting application start time: 0x01ce1b5843ddfa05 Faulting application
path: C:\Program Files\Mozilla Pale Moon\plugin-container.exe Faulting module path:
C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll Report Id: 0bbc9c52-8757-11e2-bcb2-001a4b80aa60

[ Hewlett-Packard Events ]
Error - 10.11.2012 11:09:34 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 11:25:19 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:03:59 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:05:28 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:05:31 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:05:32 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:05:32 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:05:38 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 12:18:09 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

Error - 10.11.2012 13:07:24 | Computer Name = HP_8510w_2 | Source = HPSF.exe | ID = 4000
Description =

[ System Events ]
Error - 18.02.2013 3:45:03 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 18.02.2013 3:45:04 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 18.02.2013 3:46:46 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 18.02.2013 3:47:37 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 20.02.2013 7:26:10 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 20.02.2013 7:26:13 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 20.02.2013 7:26:16 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 20.02.2013 7:26:17 | Computer Name = HP_8510w_2 | Source = SCardSvr | ID = 610
Description =

Error - 20.02.2013 14:09:05 | Computer Name = HP_8510w_2 | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 20.02.2013 23:31:15 | Computer Name = HP_8510w_2 | Source = volsnap | ID = 393252
Description = The shadow copies of volume G: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-08, 16:30

There are some leftovers of Babylon toolbar visible that slipped in with Chrome some time ago.

I also had what looked like a Google redirect virus but without any typical signs other than a strange fixed IP and fixed Google DNS servers. Maybe AVG removed the rest silently. I had to delete AVG though as it deleted several necessary random files. Some were text and I don't thing AVG looks for alternate streams if there were any.

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-08, 16:46

Moonchild wrote:Sessions are stored at regular intervals (the default for Pale moon is 60 seconds, by the way, and not 10 like Firefox...) so if the sessions you get restored are really ancient then it's not saved to disk for the new session. Are you sure Pale Moon isn't being "sandboxed" or running in a "protected" environment? That could explain both the crashes and your sessions not being stored, as well as odd Windows API dlls being loaded like kernelbase.dll that normally aren't present as loaded modules for the application. You may want to check if AVG hasn't inadvertently left behind some parts of its suite causing these issues... And I do recommend trying to create a new Windows user profile to see if that helps your case any.
OK I thought I had changed it to 60 seconds myself in the past.
I do run a copy in Sandboxie quite often but that copy never crashes :)
It doesn't use much resources either.

I have noticed that for quite some time before a crash, addons and many functions start failing, I think that is one possible reason why session doesn't get updated?

Another one is that it seems the profile with lots of tabs has a hard time flushing files or whatever after exiting, as it stays in task list with high processor usage for ages.

It updated now after I made changes and exited immediately after startup before it might start failing, and raised the priority of the closing Palemoon so it would get its work done.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lots of crashes with mozalloc.dll

Unread post by Moonchild » 2013-03-08, 17:49

A few immediate things noticed:

Sandboxie: Running Pale Moon as a "sandboxed web browser" will not save your session unless the sandbox data is kept permanent, just FYI. I personally haven't had issues with sandboxie (an older version though) and running pale Moon in it, so that's less likely to be an issue. If you run Pale Moon within Sandboxie though, make sure it's operating properly and that sandboxie has enough sandboxed disk space to work with for Pale Moon!

Keyscrambler; this piece of software has, and probably will continue to, cause issues when installed because of the way it is designed. I would suggest you try to remove it (not just disable, but completely uninstall including the kernel driver it installs).
(Personally, I think the premise behind it is flawed - assuming that you need to protect your system from snooping software; while you should prevent such software from being installed in the first place. It's also easy to circumvent if you write a keylogger properly... but that aside.)

The number of tabs doesn't matter for the session store, really. Pale Moon can successfully save hundreds of tabs without an issue, and without causing high cpu usage. If things are failing regularly and start failing arbitrarily in Pale Moon, there is definitely something interfering with system run-time operation, and possibly at the I/O level interfering with disk access (keyscrambler operates at this level as well...)

You should certainly grab a copy of memtest as well and test your RAM for defects too (as this kind of behavior is also consistent with failing memory).

There is more software running I'm not familiar with, and looking at the recent issues you have had will all sorts of programs, including access violations in explorer and Eudora, crashing Flash, and this breakpoint crash in Pale Moon, I'd say you'd almost be better off starting with a clean Windows installation, only installing necessary drivers and none of the bloatware, and go from there.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-08, 18:52

Funny, it folded together again silently, this time leaving no crash WER-file either. sessionstore.js is 2,5 hours old

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-08, 19:05

Sandboxie is just for testing and security. Keyscrambler I just installed 2 days ago because I was concerned with security. Things haven't gotten worse since then :)

The small temp profile I made for testing doesn't seem to crash but maybe it just doesn't push the limits to where problems start having effects.

This is not an old installation, I'm not sure yet that a new one would necessarily be cleaner or better, most of the problems were around from almost the very beginning.
If I do reinstall then I'll first test things some more on the old system :)

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-13, 14:38

Is there a method to force Firefox/Palemoon to save browser state/session during use? It is running but sessionstore.js is very old so it is not saving its state.

I have noticed this lagging behind in previous installations/older versions so it isn't specific to this installation/profile/computer/OS. Of course older versions were much more likely to lose session data completely so I resorted to session-saving addons, but total loss of sessions hasn't happened in recent versions.

Loss of state-saving, degrading addon functionality etc after some use has survived though, I noticed this in the past so it shouldn't be specific to this installation/computer/OS. Failure of Estonian ID card Firefox driver/plugin after some use has been confirmed by others so there does appear to be something degrading in use.

Blacklab
Board Warrior
Board Warrior
Posts: 1080
Joined: 2012-06-08, 12:14

Re: Lots of crashes with mozalloc.dll

Unread post by Blacklab » 2013-03-13, 15:03

@blind12: This mozillaZine forum topic might be of interest: http://forums.mozillazine.org/viewtopic ... &t=2415281 and also their "Session Restore" Knowledge Base article: http://kb.mozillazine.org/Session_Restore

Assume Session Manager 0.7.9.6 was the Add-on you tried? It has a massive Support thread on mozillaZine all about the detail of this topic here: http://forums.mozillazine.org/viewtopic ... &start=900

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lots of crashes with mozalloc.dll

Unread post by Moonchild » 2013-03-13, 15:20

Unfortunately your reported problems are very a-typical for Pale Moon, and the only thing I can think of is that there must be some sort of system run-time interference on your particular Windows setups causing it.
If you say it occurs across computers and OSes, with different unrelated profiles, then you need to be looking for what common factors are between your different computers. Common configurations you do in Windows that go beyond basic personalization, common software installed on all of them (Firewall/AV/system software/tools/etc.), etc etc.

There is no easy way to manually trigger a session save unless you install an add-on like the Mozilla-created Session Manager
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-13, 15:29

The degrading functionality has been reported by others on totally different installations (vanilla Firefox, not Palemoon, I'm not suggesting it's specific to Palemoon), and my own installations have been very different (I previously used WinXP, I now use Win7). Very few addons are the same, only AVG has been in all my computers. Maybe 64-bit OSes fare better, I use 32bit for fear of breaking some old tools.

Session Manager caused long hangs/lags while saving sessions in the past. There apparently is an addon that forces Internal sessionmanager to save session, https://addons.mozilla.org/en-us/firefo ... e-session/. Unfortunately it requires a restart and my sessionstore.js is very old already... EDIT: D'mn the Save Session addon doesn't add any functions, it just enables-disables saving.

EDIT: Whew, my Palemoon managed to flush sessionstore.js to disk when restarting. Is it possibly held in memory for hours so it gets lost in crashes? If so then I just need to force it to flush to disk somehow.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lots of crashes with mozalloc.dll

Unread post by Moonchild » 2013-03-13, 19:10

The session gets saved to disk every 60 seconds in Pale Moon (every 10 seconds in Firefox).

If AVG is the only common factor, then it may very well be the culprit -- just disabling it will not necessarily provide conclusive evidence as such software is notorious for never being fully disabled. Only a complete clean uninstallation of the suite will give you more information if it is indeed the problem.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-14, 03:14

I removed AVG awhile ago but it may have introduced system changes. I can see there are some files left behind so there might be other changes left behind.

blind12
Moon lover
Moon lover
Posts: 77
Joined: 2013-03-01, 23:19
Location: home

Re: Lots of crashes with mozalloc.dll

Unread post by blind12 » 2013-03-25, 19:24

WIndows Memory test and memtest86+ did not report errors but they both ended in a shutdown so I replaced memory units with ones that tested without problems. Stability seems better but mozalloc.dll crashes still occur and sessionstore.js is over half an hour old at the moment and is not updating.

I wish there was a way to force (internal) state save if the autosave somehow breaks. There is an external Session Saver but it had its own problems.

Is there a way to track down what loads kernelbase.dll into Palemoon? Does the Dependancy Walker http://www.dependencywalker.com/ have any relevance?

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 35477
Joined: 2011-08-28, 17:27
Location: Motala, SE
Contact:

Re: Lots of crashes with mozalloc.dll

Unread post by Moonchild » 2013-03-25, 22:33

If memory testing does not complete and shuts down your system while testing, you definitely have an issue with hardware. Please get your computer checked out. Swapping out memory for different modules may avoid immediate problems depending on the speed/stability of the modules, but won't necessarily give you a stable overall system.
Of course it's unlikely if you are using multiple different physical computers (I'm not sure if this is the case? You mentioned it not being related to computer/OS) that they would all be affected, but if it's a single computer, then hardware is very likely the only cause. Overheating, bad motherboard, and similar can all cause these kinds of issues.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Locked