Jump to content

Recommended Posts

Hi,

I have a problem with a list of programs that i can't seem to remove. The malware program seems to skip over them. I have also tried to use the rkill method posted on another site but my laptop just shuts off whilst in Safe mode Networking.

The programs involved that appear in the attach file are;

1clickdownloader

SweetPacks

Thank you in advance for any help with this.

Below are the DDS and Attach files.

Attach.txtDDS.txt

Link to post
Share on other sites

Hello ProfessorBadger and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Link to post
Share on other sites

My apologies

OTL logfile created on: 6/4/2012 6:12:24 PM - Run 1

OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Aran\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 34.93% Memory free

7.49 Gb Paging File | 4.60 Gb Available in Paging File | 61.44% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284.42 Gb Total Space | 99.77 Gb Free Space | 35.08% Space Free | Partition Type: NTFS

Drive D: | 13.37 Gb Total Space | 2.21 Gb Free Space | 16.50% Space Free | Partition Type: NTFS

Drive E: | 99.34 Mb Total Space | 95.87 Mb Free Space | 96.51% Space Free | Partition Type: FAT32

Computer Name: ARAN-PC | User Name: Aran | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/04 18:10:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Aran\Downloads\OTL.exe

PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/10/06 01:21:56 | 000,288,088 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

PRC - [2011/05/27 00:14:40 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

PRC - [2011/05/27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

PRC - [2010/10/12 15:04:20 | 004,142,448 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe

PRC - [2010/10/01 02:52:50 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE

========== Modules (No Company Name) ==========

MOD - [2012/05/23 02:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll

MOD - [2012/05/23 02:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll

MOD - [2012/05/23 02:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll

MOD - [2012/05/23 02:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll

MOD - [2012/05/23 02:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll

MOD - [2012/05/23 02:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll

MOD - [2012/05/23 02:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll

MOD - [2012/05/23 02:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

MOD - [2011/09/10 18:19:13 | 000,807,936 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\CrashRpt.dll

MOD - [2010/10/01 02:50:23 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\DockShellHook.dll

MOD - [2010/03/09 22:58:30 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\zlib.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2011/08/29 23:22:56 | 000,087,040 | ---- | M] (Highresolution Enterprises) [Auto | Running] -- C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe -- (XMouseButton Launcher)

SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV:64bit: - [2009/09/04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009/08/05 05:44:56 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/22 09:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)

SRV:64bit: - [2009/07/22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)

SRV:64bit: - [2009/03/30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)

SRV:64bit: - [2009/03/02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)

SRV - [2012/05/04 23:16:39 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/03/29 01:31:05 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/10/06 01:24:34 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)

SRV - [2011/10/06 01:21:56 | 000,288,088 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)

SRV - [2011/05/27 00:14:40 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)

SRV - [2011/05/27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)

SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2010/10/01 02:52:50 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/07/22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe -- (STacSV)

SRV - [2009/07/14 02:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/10 21:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)

SRV - [2009/03/30 03:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)

SRV - [2009/03/02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)

SRV - [2009/02/22 21:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/07 00:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012/03/07 00:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012/03/07 00:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012/03/07 00:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012/03/07 00:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012/03/07 00:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV:64bit: - [2011/06/15 09:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/11/20 10:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)

DRV:64bit: - [2010/09/24 12:54:34 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/09/22 20:19:02 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)

DRV:64bit: - [2010/09/22 20:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)

DRV:64bit: - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)

DRV:64bit: - [2010/04/27 03:25:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)

DRV:64bit: - [2010/04/27 03:25:14 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV:64bit: - [2010/04/27 03:25:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)

DRV:64bit: - [2010/03/02 17:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/10/21 12:01:34 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WN111v2w7x.sys -- (WN111v2)

DRV:64bit: - [2009/09/17 21:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/09/17 21:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2009/09/17 21:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/09/17 21:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/08/05 06:23:00 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/07/24 08:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/07/22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)

DRV:64bit: - [2009/07/14 00:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)

DRV:64bit: - [2009/06/24 20:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2009/04/29 17:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV:64bit: - [2009/03/30 03:53:56 | 000,311,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0103.sys -- (RsFx0103)

DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2009/03/09 15:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV:64bit: - [2008/10/01 16:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)

DRV:64bit: - [2007/08/31 14:15:34 | 000,079,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emAudio64.sys -- (emAudio)

DRV:64bit: - [2007/06/21 17:51:46 | 000,215,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emDevice64.sys -- (DCamUSBEMPIA)

DRV:64bit: - [2007/06/21 17:51:32 | 000,006,400 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emFilter64.sys -- (FiltUSBEMPIA)

DRV:64bit: - [2007/06/21 17:51:30 | 000,006,144 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emScan64.sys -- (ScanUSBEMPIA)

DRV:64bit: - [2006/11/28 21:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCAMp50a64.sys -- (PCAMp50a64)

DRV:64bit: - [2006/11/28 21:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50a64.sys -- (PCASp50a64)

DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)

DRV - [2010/07/28 16:01:06 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)

DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2A2E4E1B-CBF6-4318-A4CD-A2A5DD0ACE37}

IE:64bit: - HKLM\..\SearchScopes\{2A2E4E1B-CBF6-4318-A4CD-A2A5DD0ACE37}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{2A2E4E1B-CBF6-4318-A4CD-A2A5DD0ACE37}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1060933

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {0AB4BCC2-A45C-42FB-93B1-CBA643F4CB31}

IE - HKCU\..\SearchScopes\{0AB4BCC2-A45C-42FB-93B1-CBA643F4CB31}: "URL" = http://www.google.co...utputEncoding?}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT1060933

IE - HKCU\..\SearchScopes\{D1ABEF02-10A2-4078-AFAD-6B9C8B846B93}: "URL" = http://www.ask.com/w...q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?crg=3.1010000.10011&barid={7E1F4C3F-ADDB-11E1-8B4C-C80AA91EB9E8}"

FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.3.4

FF - prefs.js..extensions.enabledItems: savesession@noasobi.net:1.3.1.6

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.7

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9

FF - prefs.js..extensions.enabledItems: adblockpopups@jessehakanen.net:0.2.9

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5.5

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7

FF - prefs.js..keyword.URL: "http://www.ask.com/web?&o=13795&l=dis&q="

FF - prefs.js..network.proxy.type: 0

FF - prefs.js..browser.startup.homepage: "www.google.co.uk"

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""

FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""

FF - prefs.js..browser.search.defaulturl: ""

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Aran\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Aran\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Aran\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files (x86)\SearchPredict\PRFireFox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/14 23:02:28 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/14 23:02:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/02 11:04:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/29 16:58:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/04 04:36:48 | 000,000,000 | ---D | M]

[2010/07/09 13:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aran\AppData\Roaming\Mozilla\Extensions

[2012/06/04 04:33:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions

[2012/06/01 05:45:21 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

[2011/10/21 17:58:30 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2010/08/15 14:45:35 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\cacaoweb@cacaoweb.org

[2010/07/10 16:31:49 | 000,000,000 | ---D | M] (Save Session) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\savesession@noasobi.net

[2010/07/09 13:16:55 | 000,000,000 | ---D | M] (Sxipper) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\sxipper@sxip.com

[2011/02/26 01:49:21 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\tineye@ideeinc.com

[2012/06/04 01:24:37 | 000,003,998 | ---- | M] () -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\searchplugins\sweetim.xml

[2012/02/17 16:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/08/12 09:48:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/11/06 16:29:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/02 15:00:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/04/17 18:07:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/07/06 13:48:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/09/11 18:00:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2012/02/17 16:55:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

[2011/03/11 19:10:49 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com

[2012/04/02 11:04:13 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF

[2012/01/10 00:51:29 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ARAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZ7W0DV4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011/12/31 16:57:37 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\ARAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZ7W0DV4.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI

[2011/12/31 04:21:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/02/17 16:55:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/12/31 04:21:19 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml

[2011/12/31 04:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/12/31 04:21:19 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml

[2011/12/31 04:21:19 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml

[2011/12/31 04:21:19 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

CHR - plugin: Logitech Device Detection (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\npLogitechDeviceDetection.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll

CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Aran\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - Extension: Screen Capture (by Google) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\

CHR - Extension: FB Photo Zoom = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1109.26.1_0\

CHR - Extension: Logitech Device Detection = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\

CHR - Extension: AdBlock = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\

CHR - Extension: avast! WebRep = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Trash Can = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdjgdkojiakdhlhfcaohpfgjgemcegi\0.1_0\

CHR - Extension: SmartVideo For YouTube\u2122 = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.991_0\

CHR - Extension: Google Reader = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.2_0\

CHR - Extension: Screen Capture (by Google) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\

CHR - Extension: FB Photo Zoom = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1109.26.1_0\

CHR - Extension: Logitech Device Detection = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\

CHR - Extension: AdBlock = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\

CHR - Extension: avast! WebRep = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Trash Can = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdjgdkojiakdhlhfcaohpfgjgemcegi\0.1_0\

CHR - Extension: SmartVideo For YouTube\u2122 = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.991_0\

CHR - Extension: Google Reader = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.2_0\

O1 HOSTS File: ([2010/07/15 21:37:25 | 000,412,182 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 14241 more lines...

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [AdobeBridge] File not found

O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - Startup: C:\Users\Aran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8:64bit: - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()

O8:64bit: - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()

O8:64bit: - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()

O8:64bit: - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()

O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()

O8 - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()

O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Extract Flash Video with Bytescout... - {6041DBF7-1338-422E-BDFC-8AD058111BAD} - C:\Program Files (x86)\Bytescout Movies Extractor Scout\flashextract_ie.html File not found

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.4.0)

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1279488654659 (MUCatalogWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B6A4FED-2A34-441F-A495-B5904EF721DE}: DhcpNameServer = 10.2.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A90206CF-71CD-464F-ADEA-4A00EE91B819}: NameServer = 10.76.168.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABACEAD5-7ABE-4722-B030-CC93F3C195BB}: DhcpNameServer = 10.0.0.1

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O22:64bit: - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll (Stardock)

O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)

O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\G\Shell - "" = AutoRun

O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe

O33 - MountPoints2\H\Shell - "" = AutoRun

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe

O33 - MountPoints2\I\Shell - "" = AutoRun

O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/04 16:58:09 | 000,000,000 | ---D | C] -- C:\Users\Aran\Documents\My Received Files

[2012/06/04 15:12:22 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3F0C40A0-00AA-4AE3-8E24-028853176740}

[2012/06/04 15:12:10 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{CBDE31F0-F155-4047-B800-A7F4D6EB8A7F}

[2012/06/04 01:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2012/06/04 01:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2012/06/03 15:59:57 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E31E9A8B-4F08-4984-B3CE-C46A65B63F90}

[2012/06/03 15:59:46 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D83998B8-2486-43F0-95DF-A5BAEC2A8339}

[2012/06/03 03:59:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{2CD4445A-12F7-4035-9313-3304C909D8C6}

[2012/06/02 15:58:54 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E421915B-3D99-4D2E-BC54-B76AAC8E4845}

[2012/06/02 15:58:43 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{0E0E6839-1435-4189-B48A-7EBDCAE159FC}

[2012/06/02 03:58:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{FA7FBB67-9688-4745-8DE2-7007E7108928}

[2012/06/02 03:58:02 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{2F2AACCD-02C8-4DF6-AF94-29D26087D108}

[2012/06/01 15:58:07 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3D6C8D29-80F8-4390-8F2B-9E433A611C33}

[2012/06/01 02:19:03 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8E949EB8-5B2D-48F9-BF4C-14FF78702567}

[2012/06/01 02:18:53 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6B4EAA78-9DA6-4803-831A-9B26E980741D}

[2012/05/31 14:18:27 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{F87F966F-562B-4FFA-B5B8-6F88CC9CC796}

[2012/05/31 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{54A92811-64AC-499D-AC63-9D0FE9984A19}

[2012/05/31 02:17:49 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{755AC9CF-D2E6-4414-86CB-D173B3B2F0FF}

[2012/05/31 00:29:10 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Roaming\Unity

[2012/05/31 00:23:00 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\Unity

[2012/05/30 14:17:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{CF60D6D3-B22C-4BDD-BAD6-06D317C321EC}

[2012/05/30 14:16:59 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8868DE06-C2D4-41D0-86C7-3A27A10C761D}

[2012/05/30 00:41:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{5F9CBAF8-86F6-4061-BEDE-643B1532683B}

[2012/05/29 12:41:33 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DA335AE2-EC40-4AA6-82C2-A0A2E4B79845}

[2012/05/29 12:41:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{EB31B2F9-39CB-426D-83A6-AFC3304DD51A}

[2012/05/29 00:40:52 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{11F9D854-3113-4B06-852B-AD0F1E0BA8B1}

[2012/05/28 12:40:28 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{611B3847-BA06-436D-AB0D-333F50199E54}

[2012/05/28 12:40:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{51E13217-A4A1-4EF3-9D5F-B89CDD17E89D}

[2012/05/28 00:39:52 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{14ACDB8A-5C70-429A-8D2D-8F070C41E67A}

[2012/05/27 12:39:07 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6CF35DEC-E2A0-41C7-A8B4-4A67378E5959}

[2012/05/27 12:38:47 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6FC980A1-4901-47DB-85CB-08050EFB183F}

[2012/05/26 22:39:34 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B504130F-58D6-4B8F-9B54-605257DDC2A5}

[2012/05/26 22:39:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{9D36CDDD-E5B5-4790-A602-7B46AB22329A}

[2012/05/26 10:39:04 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3C3CDDE7-F48D-4595-B341-77247A985D66}

[2012/05/26 10:38:53 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A6E63E8B-5E3D-4582-B77D-427D762ADEFE}

[2012/05/25 22:38:26 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B9B866C1-362A-4C95-8E6C-FAC26969B328}

[2012/05/25 22:38:15 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{319A3F7D-2361-46B3-A18F-C2175B719FAA}

[2012/05/25 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1BF2D37F-DCB9-464D-BE56-972B8551BECC}

[2012/05/25 10:37:29 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{596F2684-4535-4183-A7DC-8E3600B267E9}

[2012/05/24 15:42:23 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E253F3B0-095D-4388-BBA9-E88C4F9AD555}

[2012/05/24 15:40:23 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DA78602B-2B31-4082-AFF0-654EBC2F494A}

[2012/05/23 21:39:40 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll

[2012/05/23 21:39:39 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll

[2012/05/23 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{95F394DB-D2F2-4A15-9B14-4CB8B9DEF39C}

[2012/05/23 16:02:57 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{30614293-1C9D-421C-960C-D22947A266D2}

[2012/05/23 00:03:34 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{F3522B7B-D132-4938-BE46-4DBCC0E5836C}

[2012/05/23 00:03:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{4284BDB8-2749-4913-BB13-6E96D5F4BBE7}

[2012/05/22 12:02:48 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{77050C0D-F006-45F7-BB2C-BDFC605E2057}

[2012/05/22 12:02:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6C6B2B9B-E2CC-4B72-82B2-E1B9A3C634B7}

[2012/05/21 23:19:23 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DADC891B-0923-4129-92F8-A66E9817DDB1}

[2012/05/21 23:19:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8FD375CB-DEFC-4E3C-93E2-E91CB5385518}

[2012/05/21 11:18:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{87CC3A63-BCAD-4FC7-B0B6-58601B153FE0}

[2012/05/21 11:18:41 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E04CA7CC-6038-4E07-B8DD-FB6D663695D7}

[2012/05/20 23:18:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{47354452-DD54-4EF9-9627-B044B3CF9A3F}

[2012/05/20 23:18:02 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1304CFC0-9B1E-4317-9F93-5D6EE3C59799}

[2012/05/20 11:17:38 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D2208DD8-1F9A-4597-986A-2BCE86EB434B}

[2012/05/20 11:17:25 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A3E5CE79-A3BE-4734-8ACA-C62027A61A79}

[2012/05/19 23:16:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{175F010D-5E4F-4CA9-99BE-D73508235EED}

[2012/05/19 11:16:45 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{80FDB1A6-BAF9-4C69-99D0-1A3E05E1DA74}

[2012/05/18 23:16:19 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{328DA5A7-104A-4B91-B79C-1AA50C8650F9}

[2012/05/18 11:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2012/05/18 11:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2012/05/18 11:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight

[2012/05/18 11:15:32 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{057A643B-D5FD-43F0-B95D-F1D59AB6904C}

[2012/05/18 11:15:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{F7C3CFF8-020B-4DC1-8E6A-2D36AF668255}

[2012/05/17 20:05:44 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{5ABA2ED8-A094-454B-9723-88FE882E3D9D}

[2012/05/17 20:05:28 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A16723E4-B07D-48C2-838B-F499FDE3A545}

[2012/05/17 08:04:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{00DDA841-936D-4639-9A71-C6E6A3CCA122}

[2012/05/17 08:04:30 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{85D97CFE-8FC6-48D4-A0F6-3D26DDB64827}

[2012/05/16 19:06:16 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{7EB9CB8E-4002-46AA-B175-ED521529813E}

[2012/05/16 19:05:59 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C8720C19-9DE2-447F-A390-2F3AF7C8FBC2}

[2012/05/16 07:05:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D8B33E0A-4869-4F50-B461-754FC7EA9864}

[2012/05/16 07:05:20 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{0E19AED3-8E31-4933-A297-4979599FE06F}

[2012/05/15 12:55:24 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3D69DF33-913A-4748-897F-3B765E23EC55}

[2012/05/15 12:55:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{765035F8-B544-4CDC-9B66-4959B4126C93}

[2012/05/15 00:54:42 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8FC190CC-B597-4A7A-82BD-68276DB09846}

[2012/05/15 00:54:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{79FB9D66-5976-4407-88B3-5AE8533DF534}

[2012/05/14 12:54:02 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C45AB77D-CF0C-4F19-B3DE-A24189AE2D45}

[2012/05/14 12:53:43 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E133F896-6A8D-41E2-B539-2CB1BF1B0E86}

[2012/05/14 00:53:15 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C65B623D-4559-4964-95B0-C82E9FC00B04}

[2012/05/13 12:52:36 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{FD6BFA6B-7DCB-4E05-9309-0989BE485373}

[2012/05/13 12:52:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6B90F2F7-F928-42F6-B95C-A094699913EA}

[2012/05/12 16:01:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A618FC29-901F-4CFE-8689-18047DF6ED4E}

[2012/05/12 16:00:52 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{BFAC13E3-A506-45D2-A54B-9FF97B8A7255}

[2012/05/11 21:41:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{EC390CB9-C0C9-48C9-A45E-7F861C96A5B9}

[2012/05/11 21:41:19 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1B8FE01C-8B4E-40B7-9032-9124A2FE52B1}

[2012/05/11 16:30:20 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2012/05/11 16:30:13 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2012/05/11 16:30:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2012/05/11 16:30:07 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2012/05/11 09:41:06 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{04ADA3D7-F0FB-4427-934E-7FCDA2C13AD9}

[2012/05/11 09:40:55 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{55FF9199-01AC-4939-8A31-02E54D16DA7F}

[2012/05/10 21:40:28 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3B12E558-2845-48B7-ABE6-527F1FBD15DB}

[2012/05/10 21:40:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D735DA33-44C8-4BE8-8057-E8ADA86928F3}

[2012/05/10 09:39:40 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C5EF773A-5DD8-4C4E-89A7-4C5EDB62F8D7}

[2012/05/10 09:39:22 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D1E7927C-94F7-40CE-B075-C1F530A23FED}

[2012/05/10 09:38:14 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{7D8BCEDE-22CD-4FC3-A754-D67B94DDBCA7}

[2012/05/09 19:06:05 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{5DC54395-7C50-4409-95E0-7738F7949495}

[2012/05/09 19:05:48 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{4A73CE5B-003A-4221-8E3B-0BC10E6AEAA8}

[2012/05/09 07:04:50 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D1218B84-7283-4479-820B-648C2C968DB8}

[2012/05/09 07:04:39 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{20C25014-C907-4DA3-A5BD-61EBC76CBC67}

[2012/05/08 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\Aran\Documents\FFOutput

[2012/05/08 17:31:59 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1FF1B5DD-B8D4-42DC-BAFA-0DA6A2F13E61}

[2012/05/08 17:31:44 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{746A7BB2-D5A5-4958-BBC1-182A11CB8E1F}

[2012/05/07 23:52:56 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DE7D42D3-02D0-4D2F-9E90-99045B471A6C}

[2012/05/07 23:52:43 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D8586538-959D-4BF0-919E-5FB4CB04C5F9}

[2012/05/07 11:52:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{235AF0D5-8959-4ED9-861E-6B29E6B06A96}

[2012/05/07 11:52:20 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D048E577-12D0-4B2E-A092-508B2CFAFC1A}

[2012/05/06 23:51:53 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B9D39D7C-666E-4BC8-A7BD-097AD1F33490}

[2012/05/06 23:51:34 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B845A0EB-02DA-4CE8-A918-39BC06347A1E}

[2012/05/06 11:50:40 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{4C4F7179-EF7F-4BC7-B1C3-1614807E4B8B}

[2012/05/06 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D6B165F2-B829-4CCA-9DF4-5ABB48FC5286}

[2012/05/05 22:17:57 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{718B9FBF-70F7-4CBB-A95D-C458D64F4A9E}

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/04 18:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/04 17:42:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3458062477-574475828-1987152826-1000UA.job

[2012/06/04 15:17:56 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/04 15:17:56 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/04 15:08:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/04 15:08:06 | 3016,908,800 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/02 13:42:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3458062477-574475828-1987152826-1000Core.job

[2012/06/01 21:34:58 | 000,879,032 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/06/01 21:34:58 | 000,735,306 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/06/01 21:34:58 | 000,152,902 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/05/12 07:03:51 | 005,107,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/02 14:18:33 | 000,007,598 | ---- | C] () -- C:\Users\Aran\AppData\Local\Resmon.ResmonCfg

[2012/03/01 02:14:22 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini

[2011/10/06 23:15:22 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll

[2011/09/21 19:41:56 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib

[2011/09/08 19:16:19 | 000,001,456 | ---- | C] () -- C:\Users\Aran\AppData\Local\Adobe Save for Web 12.0 Prefs

[2011/09/08 19:13:12 | 000,000,132 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\Adobe GIF Format CS5 Prefs

[2011/09/01 16:11:27 | 000,000,132 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/08/14 13:55:50 | 000,000,128 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\66228c91.dat

[2011/08/12 02:27:13 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2011/04/17 17:56:47 | 000,823,296 | ---- | C] () -- C:\Windows\j3dcore-d3d.dll

[2011/04/17 17:56:47 | 000,163,840 | ---- | C] () -- C:\Windows\j3dcore-ogl.dll

[2011/04/17 17:56:47 | 000,049,152 | ---- | C] () -- C:\Windows\j3dcore-ogl-chk.dll

[2011/04/17 17:56:47 | 000,040,960 | ---- | C] () -- C:\Windows\j3dcore-ogl-cg.dll

[2011/04/09 20:38:32 | 000,000,233 | ---- | C] () -- C:\Windows\ACTIVEJP.INI

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/03/02 13:57:54 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll

[2011/03/02 13:57:54 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini

[2011/02/10 20:01:01 | 000,001,402 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\.minecraft - Shortcut.lnk

[2010/12/29 17:29:05 | 000,001,854 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\GhostObjGAFix.xml

[2010/12/09 19:18:04 | 000,864,944 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/11/30 16:54:50 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2010/10/02 12:57:00 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

[2010/10/02 12:56:46 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2010/10/01 20:29:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat

[2010/09/24 21:41:34 | 000,000,088 | RHS- | C] () -- C:\ProgramData\600943270D.sys

[2010/09/24 21:41:33 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2010/07/28 16:02:15 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

[2010/07/28 15:53:03 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

[2010/07/22 16:04:45 | 000,011,776 | ---- | C] () -- C:\Users\Aran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/07/08 16:51:08 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:5AAA8F6FDA049429

< End of report >

Link to post
Share on other sites

OTL Extras logfile created on: 6/4/2012 6:12:24 PM - Run 1

OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Aran\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.31 Gb Available Physical Memory | 34.93% Memory free

7.49 Gb Paging File | 4.60 Gb Available in Paging File | 61.44% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284.42 Gb Total Space | 99.77 Gb Free Space | 35.08% Space Free | Partition Type: NTFS

Drive D: | 13.37 Gb Total Space | 2.21 Gb Free Space | 16.50% Space Free | Partition Type: NTFS

Drive E: | 99.34 Mb Total Space | 95.87 Mb Free Space | 96.51% Space Free | Partition Type: FAT32

Computer Name: ARAN-PC | User Name: Aran | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02B8B046-7CE6-4B9E-9EF1-33F41FB1C16B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{0A14463E-F0F3-42A1-AA0F-F19A6C7BC7A0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{0CDC154C-7343-4A07-BB43-77B521CA6322}" = lport=3390 | protocol=6 | dir=in | app=system |

"{154BC447-7A9B-4FEF-AB31-19856FFDE2AD}" = rport=139 | protocol=6 | dir=out | app=system |

"{1BFA112F-4170-4166-91CC-9B8CA363201F}" = rport=10243 | protocol=6 | dir=out | app=system |

"{1E5949DD-ECE7-4919-8A6F-3C0F83DFE347}" = lport=2869 | protocol=6 | dir=in | app=system |

"{220B5BFD-D022-4D47-94B8-51E8D7AB3474}" = lport=10244 | protocol=6 | dir=in | app=system |

"{26FB7CDF-DBB3-405A-8CF4-68A30EC71180}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{28319661-9910-4205-A934-8DB0411446DB}" = lport=10244 | protocol=6 | dir=in | app=system |

"{290EC77F-1985-4978-9B56-8A9C875C885E}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2C3C6897-5145-4339-BE42-30D3B7CE9AAC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{2C9E1B6E-18F8-44A4-9C05-8E8CFE8D82F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{2DF5B706-F4D0-49EE-90C9-4FB4A38671A0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{321EB750-46C8-48AB-B934-53EA4993AD79}" = lport=445 | protocol=6 | dir=in | app=system |

"{3527CD37-A4F3-45A4-9691-54C83D3E6726}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{41683557-9BAE-45CE-9675-E63E72DC35E6}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{42F35D35-2FC3-4747-B2F8-0B35D1438C99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{45465034-58CA-469D-BB37-5EDF3FB00F0F}" = lport=139 | protocol=6 | dir=in | app=system |

"{4F446F71-8E72-499E-BF9E-5E727CA82398}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{517F9DD1-29D7-4852-99D3-3F3DDF014016}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{524CF6D5-2AD7-4481-BE21-7C3BD9799427}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{590B834F-C4EF-45B6-8122-12F50004C4D0}" = rport=445 | protocol=6 | dir=out | app=system |

"{6185B17A-AAB6-47CC-98C2-08D63C7F415F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{631D447D-06D7-43C6-974F-586BBC52FFA3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{677350B1-EF54-455A-9A1C-D7EB60E72E3D}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{6CDB83E3-2BE2-42CC-B8C7-0A1ECD06CDE1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{75918CF2-1210-44C7-B8BE-7E827D4D92EC}" = lport=3390 | protocol=6 | dir=in | app=system |

"{79512A62-AE5B-42DB-920E-4F6C72CEBAA0}" = lport=2869 | protocol=6 | dir=in | app=system |

"{7D00C4B8-41E7-464C-8599-93FA1AA9ABEF}" = lport=2869 | protocol=6 | dir=in | app=system |

"{81562A8C-160D-49B7-B8D2-EEFC7794FF7F}" = lport=137 | protocol=17 | dir=in | app=system |

"{860FBBAD-FB3A-485F-A7BC-C30BEF958D47}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{86593D70-151F-47E6-B380-2B42466A7399}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{95ECD701-699A-4D35-9DB8-7B68B6ED542F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A4A059D5-0984-4843-BCF7-B0A5CE7BFD45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{AF406F12-8896-4014-8998-E6B09539798D}" = lport=2869 | protocol=6 | dir=in | app=system |

"{B5BD72C9-3E1E-4B13-B6CC-DE2BC548185A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{BAFAC192-A187-414D-A460-A2E12DF4F7B4}" = lport=10243 | protocol=6 | dir=in | app=system |

"{BAFB84FE-692C-4228-94CF-181F6A6FB662}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{BFD67DCB-F376-48C5-96AB-B4399F7EB528}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C3294AB4-35CD-4A83-8E98-9B65875491D0}" = rport=138 | protocol=17 | dir=out | app=system |

"{CD274645-B52E-426E-A5D1-2710D143A1F6}" = lport=138 | protocol=17 | dir=in | app=system |

"{D1D1E77D-ECEA-49F0-A2DC-6D929BB04BDE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{D752ADF2-0E69-4CF3-A644-854640DEBA04}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{D988E766-EEEA-4BA7-B3A9-B11E1BA780E0}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{DC4CEBD2-1722-4AA2-968F-95BF34842876}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{DDF4E5FC-02B2-4427-A227-423A3FC5CDEF}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{E5896941-7415-4321-A99B-A7B15BADCB7B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{E5C90253-B025-4B0C-93DC-CDEE122A5E01}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{E9E49FE2-2703-4FEC-B621-AE7F7334DD8F}" = rport=137 | protocol=17 | dir=out | app=system |

"{EAB042FE-A6B4-4751-A7AF-04F2F47DD7FF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{F474E4D5-24D8-4057-9F31-017D516EEEE1}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |

"{FB61618F-0317-4FAC-B005-16070529C345}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{054BC11D-8142-4E8C-9C6D-C83376F35B6F}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |

"{0B0F7C53-5EDB-4A49-9ACA-7368D1A8F20B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{12E30212-C01E-4013-95EF-234DA2BE1A63}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{1BBD6DB4-822B-4B91-BB08-67E4A5736084}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{1D4D73BB-FCC9-4FB7-A7A1-93083C95C59A}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe |

"{1D6C3B3A-DEFB-4C24-BC1A-B2DDB991976B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{2456994F-4136-43A8-9598-9A5D2B67D4E4}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |

"{24F8F2F2-7FB9-4DBA-A6B4-2C92D1EF37C7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{29EBE94F-6700-40AF-A267-72D067433026}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{2B587D51-2FBF-4533-A0E3-39017469F942}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft corporation\tinker\tinker.exe |

"{2D86EC8D-2002-4CBF-8FE3-046650A63AAB}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |

"{2E2DF77A-EACC-438A-8951-427A383AB924}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe |

"{3362338C-6A0F-4BEA-BED5-E8A09C12371E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{37A916D3-334F-4127-A92E-7836EE62351B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{38B4F55D-C08B-45F0-B9E7-E69D97C28029}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe |

"{3E232DE4-99FA-46E2-8295-790DA3E38404}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe photoshop cs5.1\photoshop.exe |

"{420CC1F4-4FAF-46EB-87B2-E39FE8ACC2AC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{514945BA-3D18-4AB7-818C-42DDE071A955}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{52C97C11-3E94-43CE-A601-0C4CF3B4F2D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |

"{55DD209F-47F1-4592-8CB7-AF32669C1809}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5A59DD4D-1AD7-4737-A398-8E8AE17986D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5EA440D9-3A3D-4158-9070-4E74E353EC0D}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{61E6C4F1-0A8F-48AA-8C65-7223A7EEDADB}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{61F3C5EA-FEB7-452B-A95A-2ED8F9FE9061}" = protocol=6 | dir=out | app=system |

"{62A96091-3F9D-46BD-8CCC-608301663393}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft corporation\tinker\tinker.exe |

"{62BC4C09-E5B6-4506-818C-1B265E68D17C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{632D9005-8C97-416C-B3EE-38B396AFF3CF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{63C4A07A-0414-4FF8-B70F-DB7ACC198C90}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |

"{64E5DD5D-08B2-4D5E-9272-7670C4E20459}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe |

"{66AA8F44-0E59-4712-B3BC-6F3A022B9218}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |

"{6E295B52-FF95-448E-B5D9-0B35BB69133C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{759E9ACF-E3D3-4FE7-9438-51BE9AF41246}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{849906F8-9235-4504-A4B0-F2210A320F25}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |

"{86A5741B-9DD2-43B2-8598-C406E8895A86}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |

"{87435ABD-D9B5-49C7-9BAC-4BCF10E8C3E3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{8C2F12C3-1917-4FE3-9DE3-077FD32A35A8}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |

"{8DD19E3B-7354-4348-B93E-B769EC4868B7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{92E44D20-DB41-468B-B3BA-4518739B842A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{92E75467-390C-425A-A4FA-EA5EF5369D74}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |

"{990E56EC-FF22-49FA-A1C0-08FC52C26C7B}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |

"{99AA22E3-C75A-4E26-9643-0BE5B49D120D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{9B3273C0-E962-4976-B266-119C4664A4CA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{9B712CD3-2BA5-4D3A-81D2-5978565FC1D8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{A1843B24-CD2C-4706-A60A-86592176714A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{A3653813-1642-4E07-A071-B4990D7F5622}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A4D9A02B-A67A-4847-A438-FB83D10567AC}" = protocol=17 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe |

"{ACA31737-ABC4-4E2D-99BD-85CE0E49D3F5}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |

"{ACF7AB43-0A85-4687-B05E-64015C64685E}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe |

"{AE6A5AC6-85A2-4918-BCE0-3D90A5BD6BEC}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe |

"{B0EF2CD1-E81F-4C22-AA2B-5A7DE610E2C6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{B1D8F2AD-F80B-4AC6-AB72-7307212699E3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{B8BCC16F-FE2B-4982-8692-A5F016FB5E91}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{B9F5FF07-031E-4B91-9350-16F97F54DF52}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |

"{BF6289A7-B331-474F-A370-3787D1FDE6CF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{C2163ADF-488D-40F3-9832-83A0CB7A4AB4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{D356C15E-DC23-4B2A-ABE9-DD65C4FD479B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D44C14F6-37DE-49B5-B8DC-2F93043CDA26}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{D49D6AFD-44C0-4AE8-A3F2-9D2CC81ABC5A}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{D83F8B62-E5EC-4A22-81F4-E1338383ABBE}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |

"{D9AA7AC4-8DCE-4BC1-9490-8DEC9A9F6913}" = protocol=6 | dir=in | app=c:\program files\adobe\adobe photoshop cs5.1 (64 bit)\photoshop.exe |

"{DAF351A4-D266-4B99-AA3A-51E7F7AAA2BF}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe |

"{DCD5A0AA-8FE9-4ED8-AFD5-A5427DD858AE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{E28F17A5-FDE9-406A-9B5A-7AE6973B83FE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{E8389AA5-191C-43EE-8239-6A381276EBFE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{EA8415E8-490D-437A-A841-F0885ED81545}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{ECC194BE-A722-42A1-989C-FB1C1EFE2240}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{ED9C81B8-B3A0-44D3-9C8D-184C7B8C883E}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |

"{EEB7364B-F852-45D9-BEA0-8AD1285E04F3}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |

"{F0EC188C-812F-4101-85E8-17E88986C9B1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{F467B75E-B998-4268-9C22-B016BF8C0957}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{F5D935E5-539E-4D33-A827-9563CCE42FCE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{FAAF2A80-37EF-48A0-8D9B-CCE9D6D23950}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |

"{FDFE1ECC-64DA-40BF-B8DD-CE5103340192}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |

"TCP Query User{0ED15E8A-8848-4380-B33C-A6A8B540063C}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |

"TCP Query User{1D16B178-D850-496D-B318-704505B4684B}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

"TCP Query User{3E989BC1-EDE7-483F-AA07-6C2C91702E9A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

"TCP Query User{406C6277-BDBB-40E4-9D24-B8E15E11E445}C:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe |

"TCP Query User{55563927-C526-47C9-B9F7-211FEF853D9A}F:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=6 | dir=in | app=f:\easysetupassistant\wr941n\easysetupassistant.exe |

"TCP Query User{8309A5D8-B6E3-4DEE-9366-EFA895E660D1}C:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=6 | dir=in | app=c:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe |

"TCP Query User{9E88B195-6CC2-406B-8F78-9C4A56569884}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |

"TCP Query User{A1EFFAD8-0F21-492C-B89F-0A565B8BFE07}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |

"TCP Query User{BCD0F0E2-0C3F-4EF2-89CD-31AA6806B9C4}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"TCP Query User{D916EBC9-7971-43DB-AF5C-682E10991153}C:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=6 | dir=in | app=c:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe |

"TCP Query User{ED1CB9D1-164E-4871-B3DE-3021798FB7F0}C:\users\aran\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\aran\appdata\local\google\chrome\application\chrome.exe |

"UDP Query User{2EB0CFCC-3261-4F1C-8DC4-1FCE388D68DC}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |

"UDP Query User{47A2CE5A-E086-4EB8-9E6F-840C1ADF1015}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

"UDP Query User{4D645CD2-29F4-41C2-89D0-BE16A4010B0A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |

"UDP Query User{5E2B5B8E-1938-4997-BE1A-9CAA48745D4C}C:\users\aran\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\aran\appdata\local\google\chrome\application\chrome.exe |

"UDP Query User{93815FF9-6CCB-4AAD-811E-BA81D801E91A}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |

"UDP Query User{9A50CF3B-1E42-410F-8C29-4562A38E898B}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |

"UDP Query User{A69BA761-938F-42E7-BB51-F58ACD4D9DDF}C:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=17 | dir=in | app=c:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe |

"UDP Query User{B73E780B-A52E-4FF3-85E1-FADADAE713E6}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |

"UDP Query User{CEAD3283-BFA9-4EF5-8697-429CAEDB3845}F:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=17 | dir=in | app=f:\easysetupassistant\wr941n\easysetupassistant.exe |

"UDP Query User{D755FD7D-AB73-4255-90A0-BD835ECCBA69}C:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe" = protocol=17 | dir=in | app=c:\users\aran\appdata\roaming\cacaoweb\cacaoweb.exe |

"UDP Query User{FB157D17-7D5A-46B1-AE8B-8E21546BBFCA}C:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\konami\yu-gi-oh! power of chaos joey the passion\joey_pc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer

"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool

"{1111706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 (64-bit)

"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)

"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{2222706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 SDK (64-bit)

"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java™ 7 Update 4 (64-bit)

"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.1.2903 x64

"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files

"{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Driver

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{64A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4 (64-bit)

"{650AF771-456D-418F-BFC7-F6FFC9D0235C}" = HP Deskjet 3050 J610 series Basic Device Software

"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver

"{818AA386-29D5-4DFF-BBB5-3F16133F1409}" = TortoiseSVN 1.6.12.20536 (64 bit)

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{902004C7-2B12-4A4F-E1DB-E75C7B03EDD4}" = ATI Catalyst Install Manager

"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support

"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client

"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU

"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU

"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)

"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared

"{E787AC54-0E56-A6DF-7BDB-AAC360813B6C}" = ccc-utility64

"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services

"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services

"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0

"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)

"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)

"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit

"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Better File Series_is1" = Better File Series 5.7

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)

"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)

"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU

"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{07E49BC1-24FF-4D7A-AC74-727BE95801AF}" = LightScribe System Software

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{0868BCEA-C983-1450-3ACB-79411138ACB0}" = Catalyst Control Center Core Implementation

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{09DF00E6-520C-49D5-B7E0-9612165CACA8}" = OpenOffice.org 3.2

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework

"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0FA359BD-666B-5135-B712-852F21504E96}" = Catalyst Control Center Graphics Previews Vista

"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

"{14F06853-8A15-4731-BBDC-C9B40A866A63}" = Virtual VCR

"{152C18DA-4270-FAF2-DE48-8A7286BD1FB1}" = CCC Help Japanese

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup

"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1

"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK

"{21B5704D-788D-F083-A5E0-94B0390889F5}" = Catalyst Control Center InstallProxy

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31

"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com

"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0

"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{2FC32740-5BF8-F11E-1257-80A41497B9F1}" = Catalyst Control Center Graphics Light

"{32A9C5B3-D166-4C6D-A11E-A54473151000}" = Java 3D 1.5.1

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{337E0592-9B00-AF1D-B10C-16225B981C96}" = CCC Help Thai

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{36214841-EA3C-DA47-7F29-E6A16231702E}" = CCC Help Dutch

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3BC080DE-CF23-E18E-0678-47CA2E70C1CD}" = Catalyst Control Center Graphics Full New

"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition

"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{47365A91-7A32-5C08-927C-17F27D9F0E50}" = Catalyst Control Center Graphics Previews Common

"{47BD6184-519F-C649-6A5C-58234406B62C}" = CCC Help Italian

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B57F6F3-5577-7158-A8F7-9E71547F8B7C}" = CCC Help Finnish

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{5271C0D4-24E4-4C3D-A782-C012033FD3CF}" = AMD USB Filter Driver

"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant

"{5708788D-EC95-7D4A-C0D8-CB393C9E90AC}" = CCC Help Hungarian

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{584109EB-4A5E-4467-B3C4-5C1000008300}" = Tinker

"{584109EB-CEA0-4954-804B-211000018301}" = Tinker

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{6742BE3D-1A59-3BFD-BA20-2FDA866099B8}" = Microsoft Visual Studio 2010 Premium - ENU

"{675ABEBC-DBA1-FF26-52BF-697FF5012CA1}" = CCC Help Spanish

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68910580-F9FF-91E0-8AFE-86D49DD07AE4}" = CCC Help Russian

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

"{6B57CF04-5182-9DED-CCD4-84DAC76784D4}" = CCC Help Swedish

"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools

"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71B7E1DE-4913-5E2E-2B83-B90C3BB308BA}" = ccc-core-static

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime

"{73E80655-FB3C-46F4-BE00-62D248BC490A}" = Visual C++ 2008 Runtime (x64)

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service

"{79872596-B887-E700-8D56-CADBC78BA5DE}" = Adobe Download Assistant

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7DA2FB1E-31A5-54A6-91AC-9EDCA6258F40}" = CCC Help French

"{7E8242F8-BD2A-44D7-BCED-9B231A02B367}" = SpellForce 2 Patch

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8DF8417C-07F9-22AA-019E-7F761437BFAC}" = CCC Help Polish

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{90E03F32-42EC-A16D-8146-A4E2F0FC9588}" = CCC Help English

"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1

"{91B36C7F-0796-5A98-D1BA-C29C8D24396F}" = CCC Help Portuguese

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0A47CD2-749A-97BD-C4AE-862EFA38CAC1}" = CCC Help Danish

"{A44CD09A-6D0F-08EC-8B80-6FD5EF62598B}" = CCC Help Czech

"{A5786D80-1FAE-577A-C448-9C61274E9F7B}" = CCC Help Turkish

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)

"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4

"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR

"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player

"{AF6B5CC8-55F5-55BC-2E2A-2B192EA79E16}" = CCC Help Greek

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX

"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"{C2AFB298-CD06-BCF0-16CD-FB506E07B262}" = CCC Help Norwegian

"{C2FFBCE8-3A0D-154C-EE84-47B189E79D60}" = CCC Help German

"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser

"{CB71B7E6-3156-2DB6-3800-6B853D5D6EF6}" = Catalyst Control Center Graphics Full Existing

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF91A5A9-F10D-433D-A677-9505B84EAF1B}" = Stardock Software

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D8029B62-C3D6-E02D-A98E-07AFEA8CDF79}" = Catalyst Control Center Localization All

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{E0897770-46C9-4322-AD44-8BFA6BE217B2}" = Catalyst Control Center - Branding

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1" = NeoDownloader 2.3

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{EC1F6690-DE55-4B9E-C556-EE1558EAB7A5}" = CCC Help Chinese Standard

"{EC83C809-3943-830A-ED5C-C569267E4804}" = CCC Help Korean

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8

"{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F696BBD9-A383-4F54-155B-451A15482C89}" = CCC Help Chinese Traditional

"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"1ClickDownload" = 1ClickDownloader

"Adobe AIR" = Adobe AIR

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Audacity_is1" = Audacity 1.2.6

"avast" = avast! Free Antivirus

"Bulk Image Downloader_is1" = Bulk Image Downloader v4.27.0.0

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant

"DivX Setup.divx.com" = DivX Setup

"DupDetector_is1" = DupDetector 3.201

"EAX™ Unified (SHELL)" = EAX™ Unified (SHELL)

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Flash Movie Player" = Flash Movie Player 1.5

"FormatFactory" = FormatFactory 2.70

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4

"Free Studio_is1" = Free Studio version 5.5.0

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8

"GFWL_{584109EB-4A5E-4467-B3C4-5C1000008300}" = Tinker

"HotspotShield" = Hotspot Shield 2.09

"HP Photo Creations" = HP Photo Creations

"ImgBurn" = ImgBurn

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"iTunesKeys_is1" = iTunesKeys v1.60

"JDownloader" = JDownloader

"LAME for Audacity_is1" = LAME v3.98.3 for Audacity

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"Microsoft Visual Studio 2010 Premium - ENU" = Microsoft Visual Studio 2010 Premium - ENU

"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools

"Mozilla Firefox 7.0.1 (x86 en-GB)" = Mozilla Firefox 7.0.1 (x86 en-GB)

"ObjectDock Plus 2" = ObjectDock Plus 2

"PicaLoader_is1" = PicaLoader 1.66

"PowerISO" = PowerISO

"RealAlt_is1" = Real Alternative 2.0.2

"Synthesia" = Synthesia (remove only)

"Tag&Rename_is1" = Tag&Rename 3.5.7

"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine

"Uninstall_is1" = Uninstall 1.0.0.1

"VLC media player" = VLC media player 1.1.11

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"X-Mouse Button Control" = X-Mouse Button Control 2.2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 10/19/2011 11:49:13 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 10/19/2011 11:49:13 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 10/19/2011 12:01:38 PM | Computer Name = Aran-PC | Source = Microsoft-Windows-RestartManager | ID = 10006

Description = Application or service 'hpCaslNotification' could not be shut down.

Error - 10/20/2011 3:02:17 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 10/20/2011 7:52:12 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 10/20/2011 12:58:44 PM | Computer Name = Aran-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 10/20/2011 4:28:08 PM | Computer Name = Aran-PC | Source = Application Error | ID = 1000

Description = Faulting application name: iTunes.exe, version: 10.5.0.142, time stamp:

0x4e9243f2 Faulting module name: MiniLyrics.dll, version: 0.0.0.0, time stamp: 0x4c539fb4

Exception

code: 0xc0000005 Fault offset: 0x00076b86 Faulting process id: 0x13d8 Faulting application

start time: 0x01cc8f65213daf17 Faulting application path: C:\Program Files (x86)\iTunes\iTunes.exe

Faulting

module path: C:\Program Files (x86)\Minilyrics\MiniLyrics.dll Report Id: 051560ee-fb5a-11e0-9122-c80aa91eb9e8

Error - 10/20/2011 5:46:43 PM | Computer Name = Aran-PC | Source = Application Error | ID = 1000

Description = Faulting application name: iTunes.exe, version: 10.5.0.142, time stamp:

0x4e9243f2 Faulting module name: MiniLyrics.dll, version: 0.0.0.0, time stamp: 0x4c539fb4

Exception

code: 0xc0000005 Fault offset: 0x00076b86 Faulting process id: 0x4bc Faulting application

start time: 0x01cc8f6fc10c5cff Faulting application path: C:\Program Files (x86)\iTunes\iTunes.exe

Faulting

module path: C:\Program Files (x86)\Minilyrics\MiniLyrics.dll Report Id: ffd193db-fb64-11e0-9122-c80aa91eb9e8

Error - 10/20/2011 5:46:45 PM | Computer Name = Aran-PC | Source = Application Error | ID = 1000

Description = Faulting application name: iTunes.exe, version: 10.5.0.142, time stamp:

0x4e9243f2 Faulting module name: MiniLyrics.dll, version: 0.0.0.0, time stamp: 0x4c539fb4

Exception

code: 0xc000041d Fault offset: 0x00076b86 Faulting process id: 0x4bc Faulting application

start time: 0x01cc8f6fc10c5cff Faulting application path: C:\Program Files (x86)\iTunes\iTunes.exe

Faulting

module path: C:\Program Files (x86)\Minilyrics\MiniLyrics.dll Report Id: 010a1635-fb65-11e0-9122-c80aa91eb9e8

Error - 10/20/2011 6:00:27 PM | Computer Name = Aran-PC | Source = Application Error | ID = 1000

Description = Faulting application name: iTunes.exe, version: 10.5.0.142, time stamp:

0x4e9243f2 Faulting module name: MiniLyrics.dll, version: 0.0.0.0, time stamp: 0x4c539fb4

Exception

code: 0xc0000005 Fault offset: 0x00076b86 Faulting process id: 0x5a0 Faulting application

start time: 0x01cc8f71eddc2d30 Faulting application path: C:\Program Files (x86)\iTunes\iTunes.exe

Faulting

module path: C:\Program Files (x86)\Minilyrics\MiniLyrics.dll Report Id: ead648cb-fb66-11e0-9122-c80aa91eb9e8

[ Hewlett-Packard Events ]

Error - 5/25/2011 9:48:27 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\051125024821.xml

File not created by asset agent

Error - 6/8/2011 9:57:34 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061108025728.xml

File not created by asset agent

Error - 6/8/2011 9:57:38 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061108025734.xml

File not created by asset agent

Error - 6/29/2011 9:05:58 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061129020548.xml

File not created by asset agent

Error - 6/29/2011 9:06:02 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\061129020559.xml

File not created by asset agent

Error - 7/6/2011 9:54:15 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\071106025410.xml

File not created by asset agent

Error - 8/3/2011 9:25:35 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081103022530.xml

File not created by asset agent

Error - 8/10/2011 9:26:11 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081110022606.xml

File not created by asset agent

Error - 9/7/2011 9:57:57 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\091107025753.xml

File not created by asset agent

Error - 10/19/2011 11:43:06 AM | Computer Name = Aran-PC | Source = Hewlett-Packard | ID = 0

Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101119044258.xml

File not created by asset agent

[ Media Center Events ]

Error - 9/25/2011 6:10:51 AM | Computer Name = Aran-PC | Source = MCUpdate | ID = 0

Description = 11:10:51 - Error connecting to the internet. 11:10:51 - Unable

to contact server..

Error - 9/25/2011 6:11:03 AM | Computer Name = Aran-PC | Source = MCUpdate | ID = 0

Description = 11:10:56 - Error connecting to the internet. 11:10:56 - Unable

to contact server..

Error - 11/1/2011 4:13:05 AM | Computer Name = Aran-PC | Source = MCUpdate | ID = 0

Description = 08:13:05 - Error connecting to the internet. 08:13:05 - Unable

to contact server..

Error - 11/1/2011 4:14:02 AM | Computer Name = Aran-PC | Source = MCUpdate | ID = 0

Description = 08:13:50 - Error connecting to the internet. 08:13:50 - Unable

to contact server..

Error - 11/1/2011 5:14:52 AM | Computer Name = Aran-PC | Source = MCUpdate | ID = 0

Description = 09:14:52 - Error connecting to the internet. 09:14:52 - Unable

to contact server..

Error - 11/1/2011 5:15:23 AM | Computer Name = Aran-PC | Source = MCUpdate | ID = 0

Description = 09:15:21 - Error connecting to the internet. 09:15:21 - Unable

to contact server..

[ System Events ]

Error - 6/4/2012 10:01:40 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = The system was hibernated due to a critical thermal event. Hibernate

Time = 2012-06-04T14:01:40.168209700Z ACPI Thermal Zone = ACPI\ThermalZone\THRM

_HOT = 373K

Error - 6/4/2012 10:03:33 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = The system was hibernated due to a critical thermal event. Hibernate

Time = 2012-06-04T14:03:33.830007900Z ACPI Thermal Zone = ACPI\ThermalZone\THRM

_HOT = 373K

Error - 6/4/2012 10:03:42 AM | Computer Name = Aran-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

to start because of the following error: %%1068

Error - 6/4/2012 10:03:42 AM | Computer Name = Aran-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

to start because of the following error: %%1068

Error - 6/4/2012 10:03:42 AM | Computer Name = Aran-PC | Source = Service Control Manager | ID = 7001

Description = The Computer Browser service depends on the Server service which failed

to start because of the following error: %%1068

Error - 6/4/2012 10:03:58 AM | Computer Name = Aran-PC | Source = Microsoft-Windows-Kernel-Power | ID = 88

Description = The system was hibernated due to a critical thermal event. Hibernate

Time = 2012-06-04T14:03:58.416218100Z ACPI Thermal Zone = ACPI\ThermalZone\THRM

_HOT = 373K

Error - 6/4/2012 10:08:03 AM | Computer Name = Aran-PC | Source = Application Popup | ID = 1060

Description = \SystemRoot\SysWow64\Drivers\StarOpen.SYS has been blocked from loading

due to incompatibility with this system. Please contact your software vendor for

a compatible version of the driver.

Error - 6/4/2012 10:08:16 AM | Computer Name = Aran-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 15:03:56 on ?04/?06/?2012 was unexpected.

Error - 6/4/2012 10:08:12 AM | Computer Name = Aran-PC | Source = atikmdag | ID = 52236

Description = CPLIB :: General - Invalid Parameter

Error - 6/4/2012 10:09:28 AM | Computer Name = Aran-PC | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

StarOpen

< End of report >

Link to post
Share on other sites

Ok, sorry for all the mix ups. Below is the new OTL file

OTL logfile created on: 6/4/2012 7:30:32 PM - Run 2

OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Aran\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.75 Gb Total Physical Memory | 1.04 Gb Available Physical Memory | 27.69% Memory free

7.49 Gb Paging File | 4.34 Gb Available in Paging File | 57.96% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284.42 Gb Total Space | 99.42 Gb Free Space | 34.96% Space Free | Partition Type: NTFS

Drive D: | 13.37 Gb Total Space | 2.21 Gb Free Space | 16.50% Space Free | Partition Type: NTFS

Drive E: | 99.34 Mb Total Space | 95.87 Mb Free Space | 96.51% Space Free | Partition Type: FAT32

Computer Name: ARAN-PC | User Name: Aran | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/04 18:10:50 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Aran\Downloads\OTL.exe

PRC - [2012/03/07 00:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011/10/06 01:21:56 | 000,288,088 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe

PRC - [2011/05/27 00:14:40 | 000,329,544 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe

PRC - [2011/05/27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe

PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

PRC - [2010/10/12 15:04:20 | 004,142,448 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe

PRC - [2010/10/01 02:52:50 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE

========== Modules (No Company Name) ==========

MOD - [2012/05/23 02:56:50 | 000,441,880 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll

MOD - [2012/05/23 02:56:49 | 003,922,456 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll

MOD - [2012/05/23 02:55:35 | 000,553,496 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll

MOD - [2012/05/23 02:55:33 | 000,117,784 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll

MOD - [2012/05/23 02:55:24 | 000,134,696 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll

MOD - [2012/05/23 02:55:23 | 000,250,408 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll

MOD - [2012/05/23 02:55:21 | 002,375,720 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll

MOD - [2012/05/23 02:06:23 | 008,743,584 | ---- | M] () -- C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

MOD - [2011/09/10 18:19:13 | 000,807,936 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\CrashRpt.dll

MOD - [2010/10/01 02:50:23 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\DockShellHook.dll

MOD - [2010/03/09 22:58:30 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockPlus2\zlib.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/07 00:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2011/08/29 23:22:56 | 000,087,040 | ---- | M] (Highresolution Enterprises) [Auto | Running] -- C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe -- (XMouseButton Launcher)

SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)

SRV:64bit: - [2009/09/04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009/08/05 05:44:56 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/22 09:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)

SRV:64bit: - [2009/07/22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)

SRV:64bit: - [2009/03/30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)

SRV:64bit: - [2009/03/02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)

SRV - [2012/05/04 23:16:39 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/03/29 01:31:05 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011/10/06 01:24:34 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)

SRV - [2011/10/06 01:21:56 | 000,288,088 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)

SRV - [2011/05/27 00:14:40 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)

SRV - [2011/05/27 00:14:36 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)

SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2010/10/01 02:52:50 | 000,067,904 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/07/22 02:33:32 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe -- (STacSV)

SRV - [2009/07/14 02:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/06/10 21:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)

SRV - [2009/03/30 03:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)

SRV - [2009/03/02 22:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)

SRV - [2009/02/22 21:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/07 00:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012/03/07 00:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012/03/07 00:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012/03/07 00:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012/03/07 00:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012/03/07 00:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV:64bit: - [2011/06/15 09:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)

DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/11/20 10:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)

DRV:64bit: - [2010/09/24 12:54:34 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/09/22 20:19:02 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)

DRV:64bit: - [2010/09/22 20:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)

DRV:64bit: - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)

DRV:64bit: - [2010/04/27 03:25:14 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdm.sys -- (ss_mdm)

DRV:64bit: - [2010/04/27 03:25:14 | 000,127,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)

DRV:64bit: - [2010/04/27 03:25:14 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_mdfl.sys -- (ss_mdfl)

DRV:64bit: - [2010/03/02 17:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2009/10/21 12:01:34 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WN111v2w7x.sys -- (WN111v2)

DRV:64bit: - [2009/09/17 21:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/09/17 21:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2009/09/17 21:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/09/17 21:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/08/05 06:23:00 | 006,038,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/07/24 08:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/07/22 02:33:32 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009/07/14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)

DRV:64bit: - [2009/07/14 00:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)

DRV:64bit: - [2009/06/24 20:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009/06/10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/23 07:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2009/04/29 17:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV:64bit: - [2009/03/30 03:53:56 | 000,311,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0103.sys -- (RsFx0103)

DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2009/03/09 15:49:08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV:64bit: - [2008/10/01 16:44:06 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)

DRV:64bit: - [2007/08/31 14:15:34 | 000,079,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emAudio64.sys -- (emAudio)

DRV:64bit: - [2007/06/21 17:51:46 | 000,215,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emDevice64.sys -- (DCamUSBEMPIA)

DRV:64bit: - [2007/06/21 17:51:32 | 000,006,400 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emFilter64.sys -- (FiltUSBEMPIA)

DRV:64bit: - [2007/06/21 17:51:30 | 000,006,144 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emScan64.sys -- (ScanUSBEMPIA)

DRV:64bit: - [2006/11/28 21:46:20 | 000,043,328 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCAMp50a64.sys -- (PCAMp50a64)

DRV:64bit: - [2006/11/28 21:46:20 | 000,041,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCASp50a64.sys -- (PCASp50a64)

DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)

DRV - [2010/07/28 16:01:06 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)

DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {2A2E4E1B-CBF6-4318-A4CD-A2A5DD0ACE37}

IE:64bit: - HKLM\..\SearchScopes\{2A2E4E1B-CBF6-4318-A4CD-A2A5DD0ACE37}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2

IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}

IE - HKLM\..\SearchScopes\{2A2E4E1B-CBF6-4318-A4CD-A2A5DD0ACE37}: "URL" = http://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\SearchScopes,DefaultScope = {0AB4BCC2-A45C-42FB-93B1-CBA643F4CB31}

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\SearchScopes\{0AB4BCC2-A45C-42FB-93B1-CBA643F4CB31}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\SearchScopes\{D1ABEF02-10A2-4078-AFAD-6B9C8B846B93}: "URL" = http://www.ask.com/web?&o=13795&l=dis&q={searchTerms}

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?crg=3.1010000.10011&barid={7E1F4C3F-ADDB-11E1-8B4C-C80AA91EB9E8}"

FF - prefs.js..extensions.enabledItems: sxipper@sxip.com:2.3.4

FF - prefs.js..extensions.enabledItems: savesession@noasobi.net:1.3.1.6

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.7

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: tineye@ideeinc.com:1.1

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9

FF - prefs.js..extensions.enabledItems: adblockpopups@jessehakanen.net:0.2.9

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {E4091D66-127C-11DB-903A-DE80D2EFDFE8}:1.6.5.5

FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7

FF - prefs.js..keyword.URL: "http://www.ask.com/web?&o=13795&l=dis&q="

FF - prefs.js..network.proxy.type: 0

FF - prefs.js..browser.startup.homepage: "www.google.co.uk"

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""

FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""

FF - prefs.js..browser.search.defaulturl: ""

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Aran\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Aran\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Aran\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files (x86)\SearchPredict\PRFireFox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/14 23:02:28 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/14 23:02:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/04/02 11:04:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/29 16:58:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/04 04:36:48 | 000,000,000 | ---D | M]

[2010/07/09 13:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aran\AppData\Roaming\Mozilla\Extensions

[2012/06/04 04:33:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions

[2012/06/01 05:45:21 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}

[2011/10/21 17:58:30 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2010/08/15 14:45:35 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\cacaoweb@cacaoweb.org

[2010/07/10 16:31:49 | 000,000,000 | ---D | M] (Save Session) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\savesession@noasobi.net

[2010/07/09 13:16:55 | 000,000,000 | ---D | M] (Sxipper) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\sxipper@sxip.com

[2011/02/26 01:49:21 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\extensions\tineye@ideeinc.com

[2012/06/04 01:24:37 | 000,003,998 | ---- | M] () -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\searchplugins\sweetim.xml

[2012/02/17 16:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/08/12 09:48:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/11/06 16:29:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/01/02 15:00:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/04/17 18:07:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011/07/06 13:48:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/09/11 18:00:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2012/02/17 16:55:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

[2011/03/11 19:10:49 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com

[2012/04/02 11:04:13 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF

[2012/01/10 00:51:29 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\ARAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZ7W0DV4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011/12/31 16:57:37 | 000,118,971 | ---- | M] () (No name found) -- C:\USERS\ARAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZ7W0DV4.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI

[2011/12/31 04:21:23 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/02/17 16:55:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/12/31 04:21:19 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml

[2011/12/31 04:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/12/31 04:21:19 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml

[2011/12/31 04:21:19 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml

[2011/12/31 04:21:19 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

CHR - plugin: Logitech Device Detection (Enabled) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\npLogitechDeviceDetection.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Aran\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - Extension: Screen Capture (by Google) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\

CHR - Extension: FB Photo Zoom = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1109.26.1_0\

CHR - Extension: Logitech Device Detection = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\

CHR - Extension: AdBlock = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\

CHR - Extension: avast! WebRep = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Trash Can = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdjgdkojiakdhlhfcaohpfgjgemcegi\0.1_0\

CHR - Extension: SmartVideo For YouTube\u2122 = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.991_0\

CHR - Extension: Google Reader = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.2_0\

CHR - Extension: Screen Capture (by Google) = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\

CHR - Extension: FB Photo Zoom = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1109.26.1_0\

CHR - Extension: Logitech Device Detection = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\elncikmfipkphghakkmemnlnahadedno\1.24.0.9_0\

CHR - Extension: AdBlock = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\

CHR - Extension: avast! WebRep = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\

CHR - Extension: Trash Can = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbdjgdkojiakdhlhfcaohpfgjgemcegi\0.1_0\

CHR - Extension: SmartVideo For YouTube\u2122 = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp\0.991_0\

CHR - Extension: Google Reader = C:\Users\Aran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.2_0\

O1 HOSTS File: ([2010/07/15 21:37:25 | 000,412,182 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 14241 more lines...

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000..\Run: [AdobeBridge] File not found

O4 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Aran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock)

O4 - Startup: C:\Users\Rebecca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe (Stardock)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0

O7 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O7 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0

O7 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0

O8:64bit: - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()

O8:64bit: - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()

O8:64bit: - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()

O8:64bit: - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()

O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()

O8 - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()

O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: Extract Flash Video with Bytescout... - {6041DBF7-1338-422E-BDFC-8AD058111BAD} - C:\Program Files (x86)\Bytescout Movies Extractor Scout\flashextract_ie.html File not found

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.4.0)

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1279488654659 (MUCatalogWebControl Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B6A4FED-2A34-441F-A495-B5904EF721DE}: DhcpNameServer = 10.2.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A90206CF-71CD-464F-ADEA-4A00EE91B819}: NameServer = 10.76.168.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ABACEAD5-7ABE-4722-B030-CC93F3C195BB}: DhcpNameServer = 10.0.0.1

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O22:64bit: - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files (x86)\Stardock\ObjectDockPlus2\ODMenu64.dll (Stardock)

O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)

O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\G\Shell - "" = AutoRun

O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe

O33 - MountPoints2\H\Shell - "" = AutoRun

O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe

O33 - MountPoints2\I\Shell - "" = AutoRun

O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/04 16:58:09 | 000,000,000 | ---D | C] -- C:\Users\Aran\Documents\My Received Files

[2012/06/04 15:12:22 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3F0C40A0-00AA-4AE3-8E24-028853176740}

[2012/06/04 15:12:10 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{CBDE31F0-F155-4047-B800-A7F4D6EB8A7F}

[2012/06/04 01:54:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2012/06/04 01:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer

[2012/06/03 15:59:57 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E31E9A8B-4F08-4984-B3CE-C46A65B63F90}

[2012/06/03 15:59:46 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D83998B8-2486-43F0-95DF-A5BAEC2A8339}

[2012/06/03 03:59:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{2CD4445A-12F7-4035-9313-3304C909D8C6}

[2012/06/02 15:58:54 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E421915B-3D99-4D2E-BC54-B76AAC8E4845}

[2012/06/02 15:58:43 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{0E0E6839-1435-4189-B48A-7EBDCAE159FC}

[2012/06/02 03:58:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{FA7FBB67-9688-4745-8DE2-7007E7108928}

[2012/06/02 03:58:02 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{2F2AACCD-02C8-4DF6-AF94-29D26087D108}

[2012/06/01 15:58:07 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3D6C8D29-80F8-4390-8F2B-9E433A611C33}

[2012/06/01 02:19:03 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8E949EB8-5B2D-48F9-BF4C-14FF78702567}

[2012/06/01 02:18:53 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6B4EAA78-9DA6-4803-831A-9B26E980741D}

[2012/05/31 14:18:27 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{F87F966F-562B-4FFA-B5B8-6F88CC9CC796}

[2012/05/31 14:18:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{54A92811-64AC-499D-AC63-9D0FE9984A19}

[2012/05/31 02:17:49 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{755AC9CF-D2E6-4414-86CB-D173B3B2F0FF}

[2012/05/31 00:29:10 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Roaming\Unity

[2012/05/31 00:23:00 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\Unity

[2012/05/30 14:17:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{CF60D6D3-B22C-4BDD-BAD6-06D317C321EC}

[2012/05/30 14:16:59 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8868DE06-C2D4-41D0-86C7-3A27A10C761D}

[2012/05/30 00:41:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{5F9CBAF8-86F6-4061-BEDE-643B1532683B}

[2012/05/29 12:41:33 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DA335AE2-EC40-4AA6-82C2-A0A2E4B79845}

[2012/05/29 12:41:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{EB31B2F9-39CB-426D-83A6-AFC3304DD51A}

[2012/05/29 00:40:52 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{11F9D854-3113-4B06-852B-AD0F1E0BA8B1}

[2012/05/28 12:40:28 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{611B3847-BA06-436D-AB0D-333F50199E54}

[2012/05/28 12:40:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{51E13217-A4A1-4EF3-9D5F-B89CDD17E89D}

[2012/05/28 00:39:52 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{14ACDB8A-5C70-429A-8D2D-8F070C41E67A}

[2012/05/27 12:39:07 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6CF35DEC-E2A0-41C7-A8B4-4A67378E5959}

[2012/05/27 12:38:47 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6FC980A1-4901-47DB-85CB-08050EFB183F}

[2012/05/26 22:39:34 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B504130F-58D6-4B8F-9B54-605257DDC2A5}

[2012/05/26 22:39:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{9D36CDDD-E5B5-4790-A602-7B46AB22329A}

[2012/05/26 10:39:04 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3C3CDDE7-F48D-4595-B341-77247A985D66}

[2012/05/26 10:38:53 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A6E63E8B-5E3D-4582-B77D-427D762ADEFE}

[2012/05/25 22:38:26 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B9B866C1-362A-4C95-8E6C-FAC26969B328}

[2012/05/25 22:38:15 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{319A3F7D-2361-46B3-A18F-C2175B719FAA}

[2012/05/25 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1BF2D37F-DCB9-464D-BE56-972B8551BECC}

[2012/05/25 10:37:29 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{596F2684-4535-4183-A7DC-8E3600B267E9}

[2012/05/24 15:42:23 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E253F3B0-095D-4388-BBA9-E88C4F9AD555}

[2012/05/24 15:40:23 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DA78602B-2B31-4082-AFF0-654EBC2F494A}

[2012/05/23 21:39:40 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll

[2012/05/23 21:39:39 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll

[2012/05/23 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{95F394DB-D2F2-4A15-9B14-4CB8B9DEF39C}

[2012/05/23 16:02:57 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{30614293-1C9D-421C-960C-D22947A266D2}

[2012/05/23 00:03:34 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{F3522B7B-D132-4938-BE46-4DBCC0E5836C}

[2012/05/23 00:03:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{4284BDB8-2749-4913-BB13-6E96D5F4BBE7}

[2012/05/22 12:02:48 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{77050C0D-F006-45F7-BB2C-BDFC605E2057}

[2012/05/22 12:02:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6C6B2B9B-E2CC-4B72-82B2-E1B9A3C634B7}

[2012/05/21 23:19:23 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DADC891B-0923-4129-92F8-A66E9817DDB1}

[2012/05/21 23:19:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8FD375CB-DEFC-4E3C-93E2-E91CB5385518}

[2012/05/21 11:18:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{87CC3A63-BCAD-4FC7-B0B6-58601B153FE0}

[2012/05/21 11:18:41 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E04CA7CC-6038-4E07-B8DD-FB6D663695D7}

[2012/05/20 23:18:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{47354452-DD54-4EF9-9627-B044B3CF9A3F}

[2012/05/20 23:18:02 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1304CFC0-9B1E-4317-9F93-5D6EE3C59799}

[2012/05/20 11:17:38 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D2208DD8-1F9A-4597-986A-2BCE86EB434B}

[2012/05/20 11:17:25 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A3E5CE79-A3BE-4734-8ACA-C62027A61A79}

[2012/05/19 23:16:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{175F010D-5E4F-4CA9-99BE-D73508235EED}

[2012/05/19 11:16:45 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{80FDB1A6-BAF9-4C69-99D0-1A3E05E1DA74}

[2012/05/18 23:16:19 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{328DA5A7-104A-4B91-B79C-1AA50C8650F9}

[2012/05/18 11:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2012/05/18 11:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2012/05/18 11:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight

[2012/05/18 11:15:32 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{057A643B-D5FD-43F0-B95D-F1D59AB6904C}

[2012/05/18 11:15:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{F7C3CFF8-020B-4DC1-8E6A-2D36AF668255}

[2012/05/17 20:05:44 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{5ABA2ED8-A094-454B-9723-88FE882E3D9D}

[2012/05/17 20:05:28 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A16723E4-B07D-48C2-838B-F499FDE3A545}

[2012/05/17 08:04:58 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{00DDA841-936D-4639-9A71-C6E6A3CCA122}

[2012/05/17 08:04:30 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{85D97CFE-8FC6-48D4-A0F6-3D26DDB64827}

[2012/05/16 19:06:16 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{7EB9CB8E-4002-46AA-B175-ED521529813E}

[2012/05/16 19:05:59 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C8720C19-9DE2-447F-A390-2F3AF7C8FBC2}

[2012/05/16 07:05:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D8B33E0A-4869-4F50-B461-754FC7EA9864}

[2012/05/16 07:05:20 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{0E19AED3-8E31-4933-A297-4979599FE06F}

[2012/05/15 12:55:24 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3D69DF33-913A-4748-897F-3B765E23EC55}

[2012/05/15 12:55:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{765035F8-B544-4CDC-9B66-4959B4126C93}

[2012/05/15 00:54:42 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{8FC190CC-B597-4A7A-82BD-68276DB09846}

[2012/05/15 00:54:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{79FB9D66-5976-4407-88B3-5AE8533DF534}

[2012/05/14 12:54:02 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C45AB77D-CF0C-4F19-B3DE-A24189AE2D45}

[2012/05/14 12:53:43 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{E133F896-6A8D-41E2-B539-2CB1BF1B0E86}

[2012/05/14 00:53:15 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C65B623D-4559-4964-95B0-C82E9FC00B04}

[2012/05/13 12:52:36 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{FD6BFA6B-7DCB-4E05-9309-0989BE485373}

[2012/05/13 12:52:18 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{6B90F2F7-F928-42F6-B95C-A094699913EA}

[2012/05/12 16:01:13 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{A618FC29-901F-4CFE-8689-18047DF6ED4E}

[2012/05/12 16:00:52 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{BFAC13E3-A506-45D2-A54B-9FF97B8A7255}

[2012/05/11 21:41:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{EC390CB9-C0C9-48C9-A45E-7F861C96A5B9}

[2012/05/11 21:41:19 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1B8FE01C-8B4E-40B7-9032-9124A2FE52B1}

[2012/05/11 09:41:06 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{04ADA3D7-F0FB-4427-934E-7FCDA2C13AD9}

[2012/05/11 09:40:55 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{55FF9199-01AC-4939-8A31-02E54D16DA7F}

[2012/05/10 21:40:28 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{3B12E558-2845-48B7-ABE6-527F1FBD15DB}

[2012/05/10 21:40:17 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D735DA33-44C8-4BE8-8057-E8ADA86928F3}

[2012/05/10 09:39:40 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{C5EF773A-5DD8-4C4E-89A7-4C5EDB62F8D7}

[2012/05/10 09:39:22 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D1E7927C-94F7-40CE-B075-C1F530A23FED}

[2012/05/10 09:38:14 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{7D8BCEDE-22CD-4FC3-A754-D67B94DDBCA7}

[2012/05/09 19:06:05 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{5DC54395-7C50-4409-95E0-7738F7949495}

[2012/05/09 19:05:48 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{4A73CE5B-003A-4221-8E3B-0BC10E6AEAA8}

[2012/05/09 07:04:50 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D1218B84-7283-4479-820B-648C2C968DB8}

[2012/05/09 07:04:39 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{20C25014-C907-4DA3-A5BD-61EBC76CBC67}

[2012/05/08 17:32:50 | 000,000,000 | ---D | C] -- C:\Users\Aran\Documents\FFOutput

[2012/05/08 17:31:59 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{1FF1B5DD-B8D4-42DC-BAFA-0DA6A2F13E61}

[2012/05/08 17:31:44 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{746A7BB2-D5A5-4958-BBC1-182A11CB8E1F}

[2012/05/07 23:52:56 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{DE7D42D3-02D0-4D2F-9E90-99045B471A6C}

[2012/05/07 23:52:43 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D8586538-959D-4BF0-919E-5FB4CB04C5F9}

[2012/05/07 11:52:31 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{235AF0D5-8959-4ED9-861E-6B29E6B06A96}

[2012/05/07 11:52:20 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D048E577-12D0-4B2E-A092-508B2CFAFC1A}

[2012/05/06 23:51:53 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B9D39D7C-666E-4BC8-A7BD-097AD1F33490}

[2012/05/06 23:51:34 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{B845A0EB-02DA-4CE8-A918-39BC06347A1E}

[2012/05/06 11:50:40 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{4C4F7179-EF7F-4BC7-B1C3-1614807E4B8B}

[2012/05/06 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{D6B165F2-B829-4CCA-9DF4-5ABB48FC5286}

[2012/05/05 22:17:57 | 000,000,000 | ---D | C] -- C:\Users\Aran\AppData\Local\{718B9FBF-70F7-4CBB-A95D-C458D64F4A9E}

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/04 19:16:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012/06/04 18:42:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3458062477-574475828-1987152826-1000UA.job

[2012/06/04 15:17:56 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/06/04 15:17:56 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/06/04 15:08:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/06/04 15:08:06 | 3016,908,800 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/02 13:42:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3458062477-574475828-1987152826-1000Core.job

[2012/06/01 21:34:58 | 000,879,032 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/06/01 21:34:58 | 000,735,306 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/06/01 21:34:58 | 000,152,902 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/05/12 07:03:51 | 005,107,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/02 14:18:33 | 000,007,598 | ---- | C] () -- C:\Users\Aran\AppData\Local\Resmon.ResmonCfg

[2012/03/01 02:14:22 | 000,000,724 | ---- | C] () -- C:\Windows\wacam.ini

[2011/10/06 23:15:22 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll

[2011/09/21 19:41:56 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib

[2011/09/08 19:16:19 | 000,001,456 | ---- | C] () -- C:\Users\Aran\AppData\Local\Adobe Save for Web 12.0 Prefs

[2011/09/08 19:13:12 | 000,000,132 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\Adobe GIF Format CS5 Prefs

[2011/09/01 16:11:27 | 000,000,132 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011/08/14 13:55:50 | 000,000,128 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\66228c91.dat

[2011/08/12 02:27:13 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2011/04/17 17:56:47 | 000,823,296 | ---- | C] () -- C:\Windows\j3dcore-d3d.dll

[2011/04/17 17:56:47 | 000,163,840 | ---- | C] () -- C:\Windows\j3dcore-ogl.dll

[2011/04/17 17:56:47 | 000,049,152 | ---- | C] () -- C:\Windows\j3dcore-ogl-chk.dll

[2011/04/17 17:56:47 | 000,040,960 | ---- | C] () -- C:\Windows\j3dcore-ogl-cg.dll

[2011/04/09 20:38:32 | 000,000,233 | ---- | C] () -- C:\Windows\ACTIVEJP.INI

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/03/02 13:57:54 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll

[2011/03/02 13:57:54 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini

[2011/02/10 20:01:01 | 000,001,402 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\.minecraft - Shortcut.lnk

[2010/12/29 17:29:05 | 000,001,854 | ---- | C] () -- C:\Users\Aran\AppData\Roaming\GhostObjGAFix.xml

[2010/12/09 19:18:04 | 000,864,944 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010/11/30 16:54:50 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2010/10/02 12:57:00 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

[2010/10/02 12:56:46 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2010/10/01 20:29:53 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat

[2010/09/24 21:41:34 | 000,000,088 | RHS- | C] () -- C:\ProgramData\600943270D.sys

[2010/09/24 21:41:33 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2010/07/28 16:02:15 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

[2010/07/28 15:53:03 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

[2010/07/22 16:04:45 | 000,011,776 | ---- | C] () -- C:\Users\Aran\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/07/08 16:51:08 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== LOP Check ==========

[2012/05/15 14:41:47 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\.minecraft

[2011/08/01 19:18:34 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\.minecraft backup

[2011/05/21 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\1

[2012/03/01 02:14:39 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\ACAMPREF

[2012/01/01 16:53:24 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Atari

[2011/04/19 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Avnex

[2011/11/08 00:24:55 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1

[2012/02/08 01:47:17 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\benibela

[2011/07/20 01:02:51 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\BID

[2012/06/04 04:42:11 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\cacaoweb

[2011/08/08 18:07:17 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011/01/11 19:58:37 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Datel

[2010/07/19 23:04:27 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\DeviceDoctorSoftware

[2010/10/10 16:00:58 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Downloaded Installations

[2012/01/03 19:49:36 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Dropbox

[2012/05/23 21:40:52 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\DVDVideoSoft

[2012/05/23 21:40:04 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\DVDVideoSoftIEHelpers

[2011/09/08 21:02:34 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\fltk.org

[2011/06/15 22:30:45 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\fosoft

[2012/03/01 01:58:06 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Foxit Software

[2011/01/11 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\GameTuts

[2011/05/11 15:28:26 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\gtk-2.0

[2011/10/05 14:13:35 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Highresolution Enterprises

[2012/04/11 12:32:45 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\ImgBurn

[2011/07/06 14:52:17 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Leadertech

[2010/12/25 13:10:15 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\leawo

[2011/09/11 00:06:00 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\LibrariIcon

[2010/10/02 13:00:00 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\MAGIX

[2012/04/13 23:45:04 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\MiniLyrics

[2011/01/31 12:45:46 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Movies Extractor Scout

[2010/12/25 13:10:15 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Moyea

[2012/03/02 14:37:25 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Music Recognition

[2010/09/07 22:17:45 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\muvee Technologies

[2011/09/10 12:36:39 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\NeoDownloader

[2010/10/16 01:10:18 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Nitro PDF

[2010/07/09 13:15:07 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\OpenOffice.org

[2012/02/17 12:05:29 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Plagiarisma.Net

[2012/01/03 19:58:31 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\proDAD

[2012/03/02 17:44:12 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Samsung

[2011/02/09 16:51:40 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\SoftGrid Client

[2012/03/01 21:00:47 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Softplicity

[2011/09/10 17:59:08 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Stardock

[2012/03/11 19:46:14 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Stellarium

[2011/07/14 22:46:22 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Subtitle Edit

[2011/02/20 00:09:56 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Subversion

[2012/03/11 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Synthesia

[2011/07/04 02:14:33 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\System

[2011/09/06 23:23:54 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\The Creative Assembly

[2010/12/09 19:20:02 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\TP

[2012/05/31 00:29:10 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Unity

[2011/01/31 13:02:11 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Video Wallpaper

[2011/04/05 20:12:25 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Virgin Media

[2011/07/20 17:40:04 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\VOWSoft

[2010/12/31 01:22:29 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\Windows Live Writer

[2012/02/11 03:07:40 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\xm1

[2010/07/08 16:51:05 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\_MDLogs

[2011/01/31 18:11:04 | 000,000,000 | ---D | M] -- C:\Users\Aran\AppData\Roaming\{4916c8ce-b9e7-4e25-9a23-25493e41e04c}

[2011/12/18 04:36:21 | 000,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Highresolution Enterprises

[2011/09/10 08:46:11 | 000,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\OpenOffice.org

[2011/09/12 04:12:12 | 000,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Stardock

[2011/07/11 12:06:14 | 000,000,000 | ---D | M] -- C:\Users\Rebecca\AppData\Roaming\Subversion

[2012/04/21 13:47:53 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\Highresolution Enterprises

[2012/04/21 13:49:07 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\Subversion

[2012/04/27 10:06:34 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:5AAA8F6FDA049429

< End of report >

Link to post
Share on other sites

Why do you use Sxipper add-on in Firefox? It is no longer supported by these versions of Firefox.

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    :OTL
    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933
    IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No CLSID value found
    IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933
    IE - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\SearchScopes\{D1ABEF02-10A2-4078-AFAD-6B9C8B846B93}: "URL" = http://www.ask.com/web?&o=13795&l=dis&q={searchTerms}
    FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com/?crg=3.1010000.10011&barid={7E1F4C3F-ADDB-11E1-8B4C-C80AA91EB9E8}"
    FF - prefs.js..keyword.URL: "http://www.ask.com/web?&o=13795&l=dis&q="
    FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
    FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
    FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
    FF - prefs.js..browser.search.defaulturl: ""
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files (x86)\SearchPredict\PRFireFox
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SpeedBit Video Downloader\SPFireFox
    [2012/06/04 01:24:37 | 000,003,998 | ---- | M] () -- C:\Users\Aran\AppData\Roaming\Mozilla\Firefox\Profiles\ez7w0dv4.default\searchplugins\sweetim.xml
    O3 - HKU\S-1-5-21-3458062477-574475828-1987152826-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

    :files
    C:\program files (x86)\1clickdownload
    c:\program files (x86)\sweetim

    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "TCP Query User{0ED15E8A-8848-4380-B33C-A6A8B540063C}C:\program files (x86)\1clickdownload\1clickdownloader.exe" =-
    "UDP Query User{B73E780B-A52E-4FF3-85E1-FADADAE713E6}C:\program files (x86)\1clickdownload\1clickdownloader.exe" =-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "1ClickDownload" =-
    "{D83F8B62-E5EC-4A22-81F4-E1338383ABBE}" =-
    "{EEB7364B-F852-45D9-BEA0-8AD1285E04F3}" =-

    :Commands
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.