Jump to content

Computer keeps freezing - HJT log


Z4CK56
 Share

Recommended Posts

HJT Log.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 4:41:11 PM, on 1/24/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe

C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe

C:Program Files (x86)RalinkCommonRaUI.exe

C:Program Files (x86)SkypePhoneSkype.exe

C:Program Files (x86)Common FilesAppleApple Application Supportdistnoted.exe

C:Program Files (x86)Common FilesAppleMobile Device SupportSyncServer.exe

C:Program Files (x86)Trend MicroHiJackThisHiJackThis.exe

C:WindowsSysWOW64DllHost.exe

 

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = socks=127.0.0.1:4021

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = local;*.local

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:Program Files (x86)Orbitdownloaderorbitcth.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:ProgramDataRealRealPlayerBrowserRecordPluginIErpbrowserrecordplugin.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre6binssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:Program Files (x86)MSNToolbar3.0.0552.0msneshellx.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program Files (x86)Javajre6binjp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dll

O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:Program Files (x86)MSNToolbar3.0.0552.0msneshellx.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM..Run: [hpsysdrv] c:program files (x86)hewlett-packardHP odometerhpsysdrv.exe

O4 - HKLM..Run: [updateP2GoShortCut] "c:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkPower2Go" UpdateWithCreateOnce "SOFTWARECyberLinkPower2Go6.0"

O4 - HKLM..Run: [updateLBPShortCut] "c:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkLabelPrint" UpdateWithCreateOnce "SoftwareCyberLinkLabelPrint2.5"

O4 - HKLM..Run: [updatePDIRShortCut] "c:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkPowerDirector" UpdateWithCreateOnce "SOFTWARECyberLinkPowerDirector7.0"

O4 - HKLM..Run: [updatePSTShortCut] "c:Program Files (x86)CyberLinkCyberLink DVD Suite DeluxeMUITransferMUIStartMenu.exe" "c:Program Files (x86)CyberLinkCyberLink DVD Suite Deluxe" UpdateWithCreateOnce "SoftwareCyberLinkPowerStarter"

O4 - HKLM..Run: [Microsoft Default Manager] "c:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe" -resume

O4 - HKLM..Run: [startCCC] "C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun

O4 - HKLM..RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAC0ATgBWADIAUQA3AC0AMgBaAEMAVwBTAC0AQgBBAFkAVwBSAC0AQwBDAEUAQgA2AC0AVwBMAEMATQBXAA"&"inst=NwA2AC0ANQA0ADMAMAA3ADgANwA0ADUALQBQAEwAKwA5AC0AWABPADMANgArADEALQBOADEARAArADEALQBEAEQAVAArADQAMQA5ADIANgAtAEQARAA5ADAAKwAxAC0AUwBUADkAMABBAFAAUAArADEA"&"prod=92"&"ver=9.0.894

O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe

O4 - HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:Program Files (x86)RalinkCommonRaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:Program Files (x86)Orbitdownloaderorbitmxt.dll/202

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~2MICROS~4Office12EXCEL.EXE/3000

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)

O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:Program Files (x86)HPDigital ImagingSmart Web Printinghpswp_BHO.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.clonewarsadventures.com

O15 - Trusted Zone: *.freerealms.com

O15 - Trusted Zone: *.soe.com

O15 - Trusted Zone: *.sony.com

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...t/PCPitStop.CAB

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:Program FilesLSI SoftModemagr64svc.exe

O23 - Service: @%SystemRoot%system32Alg.exe,-112 (ALG) - Unknown owner - C:WindowsSystem32alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:Windowssystem32atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:Windowssystem32DFSR.exe (file missing)

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe

O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:Program FilesCommon FilesLogiShrdBluetoothlbtserv.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program Files (x86)Common FilesLightScribeLSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:WindowsSystem32msdtc.exe (file missing)

O23 - Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: Norton Internet Security - Unknown owner - C:Program Files (x86)Norton Internet SecurityEngine16.0.0.125ccSvcHst.exe (file missing)

O23 - Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Unknown owner - C:Program Files (x86)AirLink101AWLH6075CommonRalinkRegistryWriter.exe (file missing)

O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Unknown owner - C:Program Files (x86)AirLink101AWLH6075CommonRalinkRegistryWriter64.exe (file missing)

O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Unknown owner - C:Program Files (x86)RalinkCommonRaMediaServer.exe

O23 - Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) - Unknown owner - C:Windowssystem32locator.exe (file missing)

O23 - Service: SafeBox - Bitdefender - C:Program FilesBitdefenderBitdefender SafeBoxsafeboxservice.exe

O23 - Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) - Unknown owner - C:Windowssystem32lsass.exe (file missing)

O23 - Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) - Unknown owner - C:Windowssystem32SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:WindowsSystem32snmptrap.exe (file missing)

O23 - Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) - Unknown owner - C:WindowsSystem32spoolsv.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:Program Files (x86)Common FilesSteamSteamService.exe

O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:Program Files (x86)TeamViewerVersion6TeamViewer_Service.exe

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:Program Files (x86)TeamViewerVersion7TeamViewer_Service.exe

O23 - Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:Windowssystem32UI0Detect.exe (file missing)

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:Program FilesCommon FilesBitdefenderBitdefender Arrakis Serverbinarrakis3.exe

O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:Program FilesBitdefenderBitdefender 2012updatesrv.exe

O23 - Service: @%SystemRoot%system32vds.exe,-100 (vds) - Unknown owner - C:WindowsSystem32vds.exe (file missing)

O23 - Service: @%systemroot%system32vssvc.exe,-102 (VSS) - Unknown owner - C:Windowssystem32vssvc.exe (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Bitdefender - C:Program FilesBitdefenderBitdefender 2012vsserv.exe

O23 - Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:Windowssystem32wbemWmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)

 

--

End of file - 12452 bytes

Link to comment
Share on other sites

  • Replies 57
  • Created
  • Last Reply

Top Posters In This Topic

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

 

If you think you have similar problems, please post the appropriate logs in the Malware Removal forum and wait for help.

Hi. :)

 

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Vista Advice:

 

All applications I ask to be used will require to be run in Administrator mode. IE: Right click on and select Run as Administrator.

 

The Operating System in use comes with a inbuilt utility called User Access Control(UAC) when prompted by this with anything I ask you to do carry out please select the option Allow.

 

64bit Operating System Advice:

 

Your log shows signs that this is a 64 bit machine. HijackThis is not compatible on a 64 bit system like yours and it's scan results can not be relied upon. I'm going to need you to run two different scans for myself to review.

 

Before we start:

 

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

 

Because of this, I advise you to backup any personal files and folders before you start.

 

Scan with aswMBR:

 

Please download aswMBR.exe to your desktop.

  • Right-click the aswMBR.exe and select Run as Administrator to run it
  • When prompted with The application can use the Avast! Free Antivirus for scanning >> select No
  • Now click on the Scan button to start scan
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
Note: There will also be a file on your desktop named MBR.dat(or similir) do not delete this for now it is a actual backup of the MBR(master boot record).

 

Scan with OTL:

 

Please download OTL and save it to your Desktop.

 

Alternate downloads are here and here.

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.

    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • aswMBR Log.
  • Both OTL logs. <-- Post them individually please, IE: one Log per post/reply.
Link to comment
Share on other sites

My computer is currently running ok, my internet dropped connection a few times last night but im now fairly certain its my router. It hasn't frozen in the past couple of days, but the freezing hasn't been regular its been fairly off an on when it would freeze. (I.E. be ok for a day or two then freeze around 6 times in one day)

 

Here are the logs you asked for.

 

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software

Run date: 2012-01-28 13:07:53

-----------------------------

13:07:53.244 OS Version: Windows x64 6.0.6002 Service Pack 2

13:07:53.244 Number of processors: 2 586 0x170A

13:07:53.245 ComputerName: ZACH-PC UserName: Zach

13:07:57.540 Initialize success

13:09:18.476 Disk 0 (boot) DeviceHarddisk0DR0 -> DeviceIdeIAAStorageDevice-1

13:09:18.479 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 8

13:09:18.494 Disk 0 MBR read successfully

13:09:18.497 Disk 0 MBR scan

13:09:18.499 Disk 0 unknown MBR code

13:09:18.502 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 596475 MB offset 63

13:09:18.540 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14001 MB offset 1221582600

13:09:18.544 Service scanning

13:09:22.469 Modules scanning

13:09:22.473 Disk 0 trace - called modules:

13:09:22.494 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll

13:09:22.499 1 nt!IofCallDriver -> DeviceHarddisk0DR0[0xfffffa80063d5610]

13:09:22.502 3 CLASSPNP.SYS[fffffa6000fccc33] -> nt!IofCallDriver -> DeviceIdeIAAStorageDevice-1[0xfffffa80060f2050]

13:09:22.509 Scan finished successfully

13:09:35.953 Disk 0 MBR has been saved successfully to "C:UsersZachDocumentsMBR.dat"

13:09:35.961 The log file has been saved successfully to "C:UsersZachDocumentsaswMBR.txt"

Link to comment
Share on other sites

OTL logfile created on: 1/28/2012 1:10:49 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:UsersZachDesktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

6.00 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 44.85% Memory free

12.18 Gb Paging File | 7.61 Gb Available in Paging File | 62.45% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 582.50 Gb Total Space | 362.50 Gb Free Space | 62.23% Space Free | Partition Type: NTFS

Drive D: | 13.67 Gb Total Space | 2.16 Gb Free Space | 15.79% Space Free | Partition Type: NTFS

 

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:UsersZachDesktopOTL.exe (OldTimer Tools)

PRC - C:Program Files (x86)TeamViewerVersion7TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)

PRC - C:Program Files (x86)RalinkCommonRaUI.exe (Ralink Technology, Corp.)

PRC - C:Program Files (x86)TeamViewerVersion6TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent, Inc.)

PRC - C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe (Seagate Technology LLC)

PRC - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation)

PRC - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe (Intel Corporation)

PRC - C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe (Hewlett-Packard)

PRC - C:Program Files (x86)Common FilesAheadLibNMIndexStoreSvr.exe (Nero AG)

PRC - C:Program Files (x86)Common FilesAheadLibNMBgMonitor.exe (Nero AG)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:Program Files (x86)RalinkCommonRaWLAPI.dll ()

MOD - C:Program Files (x86)Mozilla Firefoxmozjs.dll ()

MOD - C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (SafeBox) -- C:Program FilesBitdefenderBitdefender SafeBoxsafeboxservice.exe (Bitdefender)

SRV:64bit: - (VSSERV) -- C:Program FilesBitdefenderBitdefender 2012vsserv.exe (Bitdefender)

SRV:64bit: - (UPDATESRV) -- C:Program FilesBitdefenderBitdefender 2012updatesrv.exe (Bitdefender)

SRV:64bit: - (AMD External Events Utility) -- C:WindowsSysNativeatiesrxx.exe (AMD)

SRV:64bit: - (Update Server) -- C:Program FilesCommon FilesBitdefenderBitdefender Arrakis Serverbinarrakis3.exe (BitDefender)

SRV:64bit: - (LBTServ) -- C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe (Logitech, Inc.)

SRV:64bit: - (Belkin Local Backup Service) -- C:Program FilesBelkinBelkin USB Print and Storage CenterBkBackupScheduler.exe ()

SRV:64bit: - (Belkin Network USB Helper) -- C:Program FilesBelkinBelkin USB Print and Storage CenterBkapcs.exe ()

SRV:64bit: - (AgereModemAudio) -- C:Program FilesLSI SoftModemagr64svc.exe (LSI Corporation)

SRV:64bit: - (WinDefend) -- C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)

SRV - (Steam Client Service) -- C:Program Files (x86)Common FilesSteamSteamService.exe (Valve Corporation)

SRV - (TeamViewer7) -- C:Program Files (x86)TeamViewerVersion7TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (MBAMService) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe (Malwarebytes Corporation)

SRV - (TeamViewer6) -- C:Program Files (x86)TeamViewerVersion6TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (RaMediaServer) -- C:Program Files (x86)RalinkCommonRaMediaServer.exe ()

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:Program Files (x86)WinPcaprpcapd.exe (CACE Technologies, Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (Microsoft Corporation)

SRV - (FreeAgentGoNext Service) -- C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe (Seagate Technology LLC)

SRV - (clr_optimization_v2.0.50727_32) -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe (Microsoft Corporation)

SRV - (IAANTMON) Intel® -- C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation)

SRV - (HPSLPSVC) -- C:Program Files (x86)HPDigital ImagingbinHPSLPSVC64.DLL (Hewlett-Packard Co.)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (bdfsfltr) -- C:WindowsSysNativeDRIVERSbdfsfltr.sys (BitDefender)

DRV:64bit: - (amdkmdag) -- C:WindowsSysNativeDRIVERSatikmdag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (amdkmdap) -- C:WindowsSysNativeDRIVERSatikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (avc3) -- C:WindowsSysNativeDRIVERSavc3.sys (BitDefender)

DRV:64bit: - (avchv) -- C:WindowsSysNativeDRIVERSavchv.sys (BitDefender)

DRV:64bit: - (avckf) -- C:WindowsSysNativeDRIVERSavckf.sys (BitDefender)

DRV:64bit: - (bdftdif) -- C:Program FilesCommon FilesBitdefenderBitdefender Firewallbdftdif.sys (BitDefender LLC)

DRV:64bit: - (BdfNdisf) -- c:Program FilesCommon FilesBitdefenderBitdefender Firewallbdfndisf6.sys (BitDefender LLC)

DRV:64bit: - (netr28x) -- C:WindowsSysNativeDRIVERSnetr28x.sys (Ralink Technology, Corp.)

DRV:64bit: - (trufos) -- C:WindowsSysNativeDRIVERStrufos.sys (BitDefender S.R.L.)

DRV:64bit: - (bdsandbox) -- C:WindowsSysNativedriversbdsandbox.sys (BitDefender SRL)

DRV:64bit: - (AtiHDAudioService) -- C:WindowsSysNativedriversAtihdLH6.sys (Advanced Micro Devices)

DRV:64bit: - (RTL8169) -- C:WindowsSysNativeDRIVERSRtlh64.sys (Realtek )

DRV:64bit: - (LMouFilt) -- C:WindowsSysNativeDRIVERSLMouFilt.Sys (Logitech, Inc.)

DRV:64bit: - (LEqdUsb) -- C:WindowsSysNativeDRIVERSLEqdUsb.Sys (Logitech, Inc.)

DRV:64bit: - (LHidFilt) -- C:WindowsSysNativeDRIVERSLHidFilt.Sys (Logitech, Inc.)

DRV:64bit: - (LHidEqd) -- C:WindowsSysNativeDRIVERSLHidEqd.Sys (Logitech, Inc.)

DRV:64bit: - (MBAMProtector) -- C:WindowsSysNativedriversmbam.sys (Malwarebytes Corporation)

DRV:64bit: - (USBAAPL64) -- C:WindowsSysNativeDriversusbaapl64.sys (Apple, Inc.)

DRV:64bit: - (cpuz135) -- C:WindowsSysNativedriverscpuz135_x64.sys (CPUID)

DRV:64bit: - (taphss) -- C:WindowsSysNativeDRIVERStaphss.sys (AnchorFree Inc)

DRV:64bit: - (NPF) -- C:WindowsSysNativedriversnpf.sys (CACE Technologies, Inc.)

DRV:64bit: - (jumi) -- C:WindowsSysNativeDRIVERSjumi.sys (Windows ® Codename Longhorn DDK provider)

DRV:64bit: - (AgereSoftModem) -- C:WindowsSysNativeDRIVERSagrsm64.sys (LSI Corporation)

DRV:64bit: - (BDVEDISK) -- C:WindowsSysNativeDRIVERSbdvedisk.sys (BitDefender)

DRV:64bit: - (WpdUsb) -- C:WindowsSysNativeDRIVERSwpdusb.sys (Microsoft Corporation)

DRV:64bit: - (sxuptp) -- C:WindowsSysNativeDRIVERSsxuptp.sys (silex technology, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:WindowsSysNativeDRIVERSGEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (hamachi) -- C:WindowsSysNativeDRIVERShamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (igfx) -- C:WindowsSysNativeDRIVERSigdkmd64.sys (Intel Corporation)

DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:Program FilesPC-Doctor for Windowspcdsrvc_x64.pkms (PC-Doctor, Inc.)

DRV:64bit: - (iaStor) -- C:WindowsSysNativedriversiastor.sys (Intel Corporation)

DRV:64bit: - (StillCam) -- C:WindowsSysNativeDRIVERSserscan.sys (Microsoft Corporation)

DRV:64bit: - (emAudio) -- C:WindowsSysNativedriversemAudio64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (DCamUSBEMPIA) -- C:WindowsSysNativeDRIVERSemDevice64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (FiltUSBEMPIA) -- C:WindowsSysNativeDRIVERSemFilter64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (ScanUSBEMPIA) -- C:WindowsSysNativeDRIVERSemScan64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (MarvinBus) -- C:WindowsSysNativeDRIVERSMarvinBus64.sys (Pinnacle Systems GmbH)

DRV - (speedfan) -- C:WindowsSysWOW64speedfan.sys (Almico Software)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt

IE:64bit: - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank

 

 

IE - HKU.DEFAULT..URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

IE - HKUS-1-5-18..URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

 

 

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = local;*.local

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyServer" = socks=127.0.0.1:4021

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1

FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4c9be010&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

 

FF:64bit: - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:Windowssystem32MacromedFlashNPSWF64_11_1_102.dll File not found

FF:64bit: - HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.2.1: C:Windowssystem32npDeployJava1.dll File not found

FF:64bit: - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.2.0: C:Program FilesJavajre7binnew_pluginnpjp2.dll (Oracle Corporation)

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:Windowssystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - HKLMSoftwareMozillaPlugins@divx.com/DivX Browser Plugin,version=1.0.0: C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

FF - HKLMSoftwareMozillaPlugins@divx.com/DivX VOD Helper,version=1.0.0: C:Program Files (x86)DivXDivX OVS Helpernpovshelper.dll (DivX, LLC.)

FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)

FF - HKLMSoftwareMozillaPlugins@meadco.com/neptune plugin,version=2.0.0.29: C:PROGRA~2MEADCO~1npmeadax.dll (MeadCo Corp.)

FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: c:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@soe.sony.com/installer,version=1.0.3: C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{000F1EA4-5E08-4564-A29B-29076F63A37A}pluginsnpsoe.dll ()

FF - HKLMSoftwareMozillaPluginsAdobe Reader: C:Program Files (x86)AdobeReader 9.0ReaderAIRnppdf32.dll (Adobe Systems Inc.)

FF - HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:UsersZachAppDataLocalGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.)

FF - HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:UsersZachAppDataLocalGoogleUpdate1.3.21.79npGoogleUpdate3.dll (Google Inc.)

FF - HKCUSoftwareMozillaPlugins@unity3d.com/UnityPlayer,version=1.0: C:UsersZachAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)

 

64bit-FF - HKEY_LOCAL_MACHINEsoftwaremozillaThunderbirdExtensionsbdThunderbird@bitdefender.com: C:PROGRAM FILESBITDEFENDERBITDEFENDER 2012BDTBEXT [2011/11/16 14:51:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:Program Files (x86)DivXDivX Plus Web Playerfirefoxhtml5video [2011/04/07 16:02:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{6904342A-8307-11DF-A508-4AE2DFD72085}: C:Program Files (x86)DivXDivX Plus Web Playerfirefoxwpa [2011/04/07 16:02:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 8.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/01/25 16:20:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 8.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2012/01/25 16:21:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaThunderbirdExtensionsbdThunderbird@bitdefender.com: C:Program FilesBitdefenderBitdefender 2012bdtbext [2011/11/16 14:51:20 | 000,000,000 | ---D | M]

 

[2010/09/21 19:06:45 | 000,000,000 | ---D | M] (No name found) -- C:UsersZachAppDataRoamingMozillaExtensions

[2011/12/17 11:29:10 | 000,000,000 | ---D | M] (No name found) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions

[2011/12/17 11:29:10 | 000,000,000 | ---D | M] () -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{000F1EA4-5E08-4564-A29B-29076F63A37A}

[2010/09/24 14:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{20a82645-c095-46ed-80e3-08825760534b}

[2011/06/20 20:39:48 | 000,000,000 | ---D | M] (HP Detect) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{ab91efd4-6975-4081-8552-1b3922ed79e2}

[2011/05/03 18:58:47 | 000,000,000 | ---D | M] (cacaoweb) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensionscacaoweb@cacaoweb.org

[2012/01/03 03:15:23 | 000,000,000 | ---D | M] (No name found) -- C:Program Files (x86)Mozilla Firefoxextensions

[2012/01/03 03:15:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:Program Files (x86)Mozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011/08/29 17:38:33 | 000,000,000 | ---D | M] (Java Console) -- C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011/12/19 22:38:30 | 000,000,000 | ---D | M] (Java Console) -- C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

[2011/11/20 21:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:Program Files (x86)mozilla firefoxcomponentsbrowsercomps.dll

[2011/12/19 22:38:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Files (x86)mozilla firefoxpluginsnpdeployJava1.dll

[2011/11/20 18:04:05 | 000,002,252 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsbing.xml

[2011/11/20 18:04:05 | 000,002,040 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginstwitter.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:UsersZachAppDataLocalGoogleChromeApplication15.0.874.121gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:WindowsSysWOW64MacromedFlashNPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll

CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:Program Files (x86)AdobeReader 9.0ReaderBrowsernppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:Program Files (x86)Microsoft Silverlight4.0.60531.0npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:Windowssystem32AdobeDirectornp32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnprpjplug.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:Program Files (x86)Mozilla FirefoxpluginsNPOFF12.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:UsersZachAppDataLocalGoogleChromeApplication15.0.874.121ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:UsersZachAppDataLocalGoogleChromeApplication15.0.874.121pdf.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnprjplug.dll

CHR - plugin: MeadCo's Neptune (Enabled) = C:PROGRA~2MEADCO~1npmeadax.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:Program Files (x86)DivXDivX OVS Helpernpovshelper.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll

CHR - plugin: Unity Player (Enabled) = C:UsersZachAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:UsersZachAppDataLocalGoogleUpdate1.3.21.69npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: DivX HiQ = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionsfnjbmmemklcjgepojigaapkoodmkgbae2.1.1.94_0

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.5_0

CHR - Extension: Skype Click to Call = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.6.0.8442_0

CHR - Extension: DivX Plus Web Player HTML5 u003Cvideou003E = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionsnneajnkjbffgblleaoojgaacokifdkhm2.1.1.94_0

 

O1 HOSTS File: ([2012/01/14 20:07:43 | 000,000,021 | RHS- | M]) - C:WindowsSysNativedriversetcHosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:Program Files (x86)Hotspot ShieldHssIEHssIE_64.dll File not found

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:Program Files (x86)Orbitdownloaderorbitcth.dll (Orbitdownloader.com)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program Files (x86)Javajre6binssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:Program Files (x86)MSNToolbar3.0.0552.0msneshellx.dll (Microsoft Corp.)

O3 - HKLM..Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:Program Files (x86)MSNToolbar3.0.0552.0msneshellx.dll (Microsoft Corp.)

O3 - HKLM..Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKUS-1-5-21-695846412-1422135498-510312126-1000..ToolbarWebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.

O3 - HKUS-1-5-21-695846412-1422135498-510312126-1000..ToolbarWebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O4:64bit: - HKLM..Run: [bDAgent] C:Program FilesBitdefenderBitdefender 2012bdagent.exe (Bitdefender)

O4:64bit: - HKLM..Run: [EvtMgr6] C:Program FilesLogitechSetPointPSetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..Run: [HotKeysCmds] C:WindowsSysNativehkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [iAAnotif] C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [igfxTray] C:WindowsSysNativeigfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [Persistence] C:WindowsSysNativeigfxpers.exe (Intel Corporation)

O4 - HKLM..Run: [hpsysdrv] c:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe (Hewlett-Packard)

O4 - HKLM..Run: [startCCC] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..Run: [updateLBPShortCut] c:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [updateP2GoShortCut] c:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [updatePDIRShortCut] c:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [updatePSTShortCut] c:Program Files (x86)CyberLinkCyberLink DVD Suite DeluxeMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKUS-1-5-19..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)

O4 - HKUS-1-5-20..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:Program Files (x86)Common FilesAheadLibNMBgMonitor.exe (Nero AG)

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [JumiController] File not found

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [uTorrent] C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent, Inc.)

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe File not found

O4 - HKLM..RunOnce: [AvgUninstallURL] C:WindowsSysWow64cmd.exe (Microsoft Corporation)

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1

O8:64bit: - Extra context menu item: &Download by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: &Grab video by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Down&load all by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Download by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000007 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000007 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU.DEFAULT..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU.DEFAULT..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU.DEFAULT..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU.DEFAULT..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKUS-1-5-19..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKUS-1-5-19..Trusted Domains: freerealms.com ([]* in )

O15 - HKUS-1-5-19..Trusted Domains: soe.com ([]* in )

O15 - HKUS-1-5-19..Trusted Domains: sony.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: freerealms.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: soe.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: sony.com ([]* in )

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)

O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)

O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.1 205.171.3.25

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{8AC38E91-358B-4B65-A39D-007F67156745}: DhcpNameServer = 192.168.0.1 205.171.3.25

O18:64bit: - ProtocolHandlerlivecall - No CLSID value found

O18:64bit: - ProtocolHandlerms-help - No CLSID value found

O18:64bit: - ProtocolHandlerms-itss - No CLSID value found

O18:64bit: - ProtocolHandlermsnim - No CLSID value found

O18:64bit: - ProtocolHandlerskype-ie-addon-data - No CLSID value found

O18 - ProtocolHandlerskype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysNativeuserinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:WindowsSysWow64explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) -C:WindowsSysWOW64userinit.exe (Microsoft Corporation)

O20:64bit: - WinlogonNotifyigfxcui: DllName - (igfxdev.dll) - C:WindowsSysNativeigfxdev.dll (Intel Corporation)

O24 - Desktop WallPaper: C:UsersZachAppDataRoamingMicrosoftWindows Photo GalleryWindows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:UsersZachAppDataRoamingMicrosoftWindows Photo GalleryWindows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/01/28 13:09:55 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:UsersZachDesktopOTL.exe

[2012/01/28 13:06:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:UsersZachDesktopaswMBR.exe

[2012/01/28 11:59:36 | 000,000,000 | ---D | C] -- C:ProgramDataATI

[2012/01/28 11:59:03 | 000,000,000 | ---D | C] -- C:Program Files (x86)AMD APP

[2012/01/28 11:58:51 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsCatalyst Control Center

[2012/01/28 11:55:58 | 000,000,000 | ---D | C] -- C:WindowsLastGood

[2012/01/28 11:44:48 | 155,406,528 | ---- | C] (Advanced Micro Devices, Inc.) -- C:UsersZachDesktop12-1_vista_win7_64_dd_ccc.exe

[2012/01/26 19:10:38 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsNeroVision

[2012/01/26 19:08:36 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsNero Home

[2012/01/26 19:07:21 | 000,000,000 | ---D | C] -- C:UsersZachAppDataLocalAhead

[2012/01/26 19:07:13 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsNero 7 Ultra Edition

[2012/01/26 19:06:19 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingAhead

[2012/01/26 19:06:01 | 000,000,000 | ---D | C] -- C:ProgramDataAhead

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:ProgramDataNero

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:Program Files (x86)Nero

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesAhead

[2012/01/26 18:10:59 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsFFOutput

[2012/01/26 18:10:55 | 000,272,896 | ---- | C] (Progressive Networks) -- C:WindowsSysWow64pncrt.dll

[2012/01/26 18:10:08 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsFormatFactory

[2012/01/26 18:09:58 | 000,000,000 | ---D | C] -- C:Program Files (x86)FreeTime

[2012/01/24 16:31:26 | 000,000,000 | ---D | C] -- C:Program Files (x86)Trend Micro

[2012/01/24 16:31:26 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsHiJackThis

[2012/01/23 16:10:44 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingImgBurn

[2012/01/23 15:48:48 | 000,000,000 | ---D | C] -- C:UsersZachDesktopHirens.BootCD.15.1

[2012/01/23 15:46:20 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsImgBurn

[2012/01/23 15:46:20 | 000,000,000 | ---D | C] -- C:Program Files (x86)ImgBurn

[2012/01/23 15:45:45 | 006,055,875 | ---- | C] (LIGHTNING UK!) -- C:UsersZachDesktopSetupImgBurn_2.5.6.0.exe

[2012/01/23 15:08:29 | 000,000,000 | ---D | C] -- C:WindowsSun

[2012/01/21 23:15:52 | 000,508,520 | ---- | C] (Realtek ) -- C:WindowsSysNativedriversRtlh64.sys

[2012/01/21 23:15:52 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:WindowsSysNativeRTNUninst64.dll

[2012/01/21 23:15:52 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:WindowsSysNativeRtNicProp64.dll

[2012/01/21 22:37:18 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:WindowsSysWow64CSVer.dll

[2012/01/21 22:31:03 | 000,000,000 | ---D | C] -- C:ProgramDataRalink

[2012/01/21 22:30:57 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsRalink Wireless

[2012/01/21 22:29:17 | 001,813,056 | ---- | C] (Ralink Technology, Corp.) -- C:WindowsSysNativedriversnetr28x.sys

[2012/01/21 22:29:16 | 000,000,000 | ---D | C] -- C:ProgramDataRalink Driver

[2012/01/21 22:28:52 | 001,121,856 | ---- | C] (Ralink Technology, Corp.) -- C:WindowsSysWow64RAIHV.dll

[2012/01/21 22:28:52 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:WindowsSysWow64RAEXTUI.dll

[2012/01/21 22:28:52 | 000,000,000 | ---D | C] -- C:WindowsSysNativeRaLanguages

[2012/01/21 22:28:51 | 000,000,000 | ---D | C] -- C:Program Files (x86)Ralink

[2012/01/21 22:16:00 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSTSX64.dll

[2012/01/21 22:16:00 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSWOW64.dll

[2012/01/21 22:15:59 | 003,744,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkAPO64.dll

[2012/01/21 22:15:59 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtPgEx64.dll

[2012/01/21 22:15:59 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRTSnMg64.cpl

[2012/01/21 22:15:59 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtlCPAPI64.dll

[2012/01/21 22:15:59 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkCfg64.dll

[2012/01/21 22:15:59 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkCoLDR64.dll

[2012/01/21 22:15:58 | 001,969,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkApi64.dll

[2012/01/21 22:15:58 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRTCOM64.dll

[2012/01/21 22:15:58 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEP64A.dll

[2012/01/21 22:15:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRP3DHT64.dll

[2012/01/21 22:15:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRP3DAA64.dll

[2012/01/21 22:15:58 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEED64A.dll

[2012/01/21 22:15:58 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEL64A.dll

[2012/01/21 22:15:58 | 000,100,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRCoInstII64.dll

[2012/01/21 22:15:58 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEG64A.dll

[2012/01/21 22:15:52 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:WindowsSysNativeFMAPO64.dll

[2012/01/21 22:15:52 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:WindowsSysNativeAERTAC64.dll

[2012/01/21 22:15:52 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:WindowsSysNativeAERTAR64.dll

[2012/01/21 22:15:32 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsRtlExUpd.dll

[2012/01/21 22:14:38 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesInstallShield

[2012/01/20 16:47:32 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes

[2012/01/20 16:47:07 | 000,000,000 | ---D | C] -- C:Program FilesiPod

[2012/01/20 16:47:05 | 000,000,000 | ---D | C] -- C:Program FilesiTunes

[2012/01/20 16:47:05 | 000,000,000 | ---D | C] -- C:Program Files (x86)iTunes

[2012/01/14 17:54:52 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieapfltr.dat

[2012/01/14 17:54:52 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64inetcpl.cpl

[2012/01/14 17:54:52 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieapfltr.dll

[2012/01/14 17:54:52 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64html.iec

[2012/01/14 17:54:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64url.dll

[2012/01/14 17:54:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieui.dll

[2012/01/14 17:54:52 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64msrating.dll

[2012/01/14 17:54:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64iesysprep.dll

[2012/01/14 17:54:52 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64SetIEInstalledDate.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64RegisterIEPKEYs.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64iesetup.dll

[2012/01/14 17:54:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ie4uinit.exe

[2012/01/14 17:54:52 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64icardie.dll

[2012/01/14 17:54:52 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64tdc.ocx

[2012/01/14 17:54:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64mshtmler.dll

[2012/01/14 17:54:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64iernonce.dll

[2012/01/14 17:54:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64licmgr10.dll

[2012/01/14 17:54:51 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64jscript.dll

[2012/01/14 17:54:51 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieaksie.dll

[2012/01/14 17:54:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieakui.dll

[2012/01/14 17:54:51 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64wextract.exe

[2012/01/14 17:54:51 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64iexpress.exe

[2012/01/14 17:54:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieUnatt.exe

[2012/01/14 17:54:51 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64occache.dll

[2012/01/14 17:54:51 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64iepeers.dll

[2012/01/14 17:54:51 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64advpack.dll

[2012/01/14 17:54:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64IEAdvpack.dll

[2012/01/14 17:54:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64admparse.dll

[2012/01/14 17:54:51 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64inseng.dll

[2012/01/14 17:54:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64mshtmled.dll

[2012/01/14 17:54:51 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64pngfilt.dll

[2012/01/14 17:54:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64msfeedssync.exe

[2012/01/14 17:54:50 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemsls31.dll

[2012/01/14 17:54:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemsrating.dll

[2012/01/14 17:54:50 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieakeng.dll

[2012/01/14 17:54:49 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieapfltr.dat

[2012/01/14 17:54:49 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativejscript9.dll

[2012/01/14 17:54:49 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativejscript.dll

[2012/01/14 17:54:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieapfltr.dll

[2012/01/14 17:54:49 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativedxtmsft.dll

[2012/01/14 17:54:49 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativehtml.iec

[2012/01/14 17:54:49 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativedxtrans.dll

[2012/01/14 17:54:49 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieaksie.dll

[2012/01/14 17:54:49 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieui.dll

[2012/01/14 17:54:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeurl.dll

[2012/01/14 17:54:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieakui.dll

[2012/01/14 17:54:49 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieakeng.dll

[2012/01/14 17:54:49 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeiepeers.dll

[2012/01/14 17:54:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeadvpack.dll

[2012/01/14 17:54:49 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeIEAdvpack.dll

[2012/01/14 17:54:49 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeadmparse.dll

[2012/01/14 17:54:49 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeiesysprep.dll

[2012/01/14 17:54:49 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeSetIEInstalledDate.exe

[2012/01/14 17:54:49 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeRegisterIEPKEYs.exe

[2012/01/14 17:54:49 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeie4uinit.exe

[2012/01/14 17:54:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeiesetup.dll

[2012/01/14 17:54:49 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeicardie.dll

[2012/01/14 17:54:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativetdc.ocx

[2012/01/14 17:54:49 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeimgutil.dll

[2012/01/14 17:54:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemshtmler.dll

[2012/01/14 17:54:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeiernonce.dll

[2012/01/14 17:54:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemshta.exe

[2012/01/14 17:54:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemsfeedssync.exe

[2012/01/14 17:54:48 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeinetcpl.cpl

[2012/01/14 17:54:48 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemsfeeds.dll

[2012/01/14 17:54:48 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativevbscript.dll

[2012/01/14 17:54:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeieUnatt.exe

[2012/01/14 17:54:48 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeiexpress.exe

[2012/01/14 17:54:48 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewextract.exe

[2012/01/14 17:54:48 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeoccache.dll

[2012/01/14 17:54:48 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeinseng.dll

[2012/01/14 17:54:48 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemshtmled.dll

[2012/01/14 17:54:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativepngfilt.dll

[2012/01/14 17:54:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativelicmgr10.dll

[2012/01/14 17:35:38 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativelsasrv.dll

[2012/01/14 17:35:38 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativesecur32.dll

[2012/01/14 17:32:17 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsAMD

[2012/01/14 17:32:16 | 000,000,000 | ---D | C] -- C:Program Files (x86)AMD

[2012/01/14 17:26:24 | 000,000,000 | ---D | C] -- C:AMD

[2012/01/14 17:19:29 | 000,000,000 | ---D | C] -- C:ATI

[2012/01/13 20:04:24 | 000,000,000 | ---D | C] -- C:UsersZachAppDataLocalDDMSettings

[2012/01/10 20:11:39 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativequartz.dll

[2012/01/10 20:11:39 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64quartz.dll

[2012/01/10 20:11:39 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64qdvd.dll

[2012/01/10 20:11:38 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeqdvd.dll

[2012/01/10 20:11:35 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativentdll.dll

[2012/01/10 20:11:33 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewinsrv.dll

[2012/01/10 20:11:33 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativewinmm.dll

[2012/01/10 20:11:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemcicda.dll

[2012/01/10 20:11:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemciwave.dll

[2012/01/10 20:11:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativemciseq.dll

[2012/01/10 20:11:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64mciseq.dll

[2012/01/10 20:11:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativepackager.dll

[2012/01/10 20:11:32 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64packager.dll

[2012/01/09 15:45:33 | 000,000,000 | ---D | C] -- C:UsersZachDesktopcody

[2012/01/07 18:38:26 | 000,000,000 | ---D | C] -- C:UsersZachDesktopMcMyAdmin-Latest

[2012/01/02 18:23:11 | 000,000,000 | ---D | C] -- C:UsersZachDesktopOLD C

[6 C:WindowsSysWow64*.tmp files -> C:WindowsSysWow64*.tmp -> ]

[5 C:WindowsSysNative*.tmp files -> C:WindowsSysNative*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012/01/28 13:09:56 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:UsersZachDesktopOTL.exe

[2012/01/28 13:09:35 | 000,000,512 | ---- | M] () -- C:UsersZachDocumentsMBR.dat

[2012/01/28 13:06:31 | 004,733,440 | ---- | M] (AVAST Software) -- C:UsersZachDesktopaswMBR.exe

[2012/01/28 12:32:04 | 000,000,904 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-695846412-1422135498-510312126-1000UA.job

[2012/01/28 11:59:55 | 000,756,378 | ---- | M] () -- C:WindowsSysNativePerfStringBackup.INI

[2012/01/28 11:59:55 | 000,640,636 | ---- | M] () -- C:WindowsSysNativeperfh009.dat

[2012/01/28 11:59:55 | 000,118,888 | ---- | M] () -- C:WindowsSysNativeperfc009.dat

[2012/01/28 11:52:26 | 155,406,528 | ---- | M] (Advanced Micro Devices, Inc.) -- C:UsersZachDesktop12-1_vista_win7_64_dd_ccc.exe

[2012/01/28 11:35:52 | 000,003,616 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012/01/28 11:35:51 | 000,003,616 | -H-- | M] () -- C:WindowsSysNative7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012/01/28 11:35:27 | 000,067,584 | --S- | M] () -- C:Windowsbootstat.dat

[2012/01/27 19:09:58 | 000,001,810 | ---- | M] () -- C:UsersZachDesktopContagionDVD.nvc

[2012/01/27 17:56:37 | 000,023,040 | ---- | M] () -- C:UsersZachAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012/01/27 15:32:00 | 000,000,852 | ---- | M] () -- C:WindowstasksGoogleUpdateTaskUserS-1-5-21-695846412-1422135498-510312126-1000Core.job

[2012/01/26 20:07:30 | 000,030,719 | ---- | M] () -- C:UsersZachDesktopadt.class

[2012/01/26 19:07:13 | 000,002,459 | ---- | M] () -- C:UsersZachApplication DataMicrosoftInternet ExplorerQuick LaunchNero Home.lnk

[2012/01/26 19:07:13 | 000,002,435 | ---- | M] () -- C:UsersPublicDesktopNero Home.lnk

[2012/01/26 18:10:08 | 000,000,995 | ---- | M] () -- C:UsersZachDesktopFormat Factory.lnk

[2012/01/26 18:09:04 | 041,830,467 | ---- | M] () -- C:UsersZachDesktopFFSetup290.zip

[2012/01/25 22:45:00 | 733,972,480 | ---- | M] () -- C:UsersZachDesktopContagion.avi

[2012/01/25 22:26:43 | 1573,583,956 | ---- | M] () -- C:UsersZachDesktopReal.Steel.2011.DVDRip.XviD.AC3-3LT0N.avi

[2012/01/25 21:49:54 | 740,870,510 | ---- | M] () -- C:UsersZachDesktopThe Ides OF March.avi

[2012/01/25 15:44:14 | 000,040,288 | ---- | M] () -- C:UsersZachDesktopcat.jpg

[2012/01/24 16:40:26 | 000,002,517 | ---- | M] () -- C:UsersZachDesktopHiJackThis.lnk

[2012/01/24 16:29:23 | 001,402,880 | ---- | M] () -- C:UsersZachDesktopHiJackThis.msi

[2012/01/24 13:36:08 | 000,000,923 | ---- | M] () -- C:UsersZachDesktopMSI Afterburner.lnk

[2012/01/24 13:33:07 | 000,002,039 | ---- | M] () -- C:UsersZachDesktopGoogle Chrome.lnk

[2012/01/24 13:33:07 | 000,002,001 | ---- | M] () -- C:UsersZachApplication DataMicrosoftInternet ExplorerQuick LaunchGoogle Chrome.lnk

[2012/01/23 17:53:49 | 000,000,941 | ---- | M] () -- C:UsersZachDesktopInternet Explorer.lnk

[2012/01/23 15:46:21 | 000,001,690 | ---- | M] () -- C:UsersZachApplication DataMicrosoftInternet ExplorerQuick LaunchImgBurn.lnk

[2012/01/23 15:46:21 | 000,001,666 | ---- | M] () -- C:UsersPublicDesktopImgBurn.lnk

[2012/01/23 15:45:50 | 006,055,875 | ---- | M] (LIGHTNING UK!) -- C:UsersZachDesktopSetupImgBurn_2.5.6.0.exe

[2012/01/23 15:37:45 | 522,565,534 | ---- | M] () -- C:UsersZachDesktopHirens.BootCD.15.1.zip

[2012/01/23 15:06:37 | 000,000,732 | ---- | M] () -- C:UsersZachAppDataLocald3d9caps64.dat

[2012/01/23 15:02:11 | 000,002,373 | ---- | M] () -- C:UsersPublicDesktopSkype.lnk

[2012/01/23 15:01:38 | 000,002,032 | ---- | M] () -- C:UsersZachAppDataLocald3d9caps.dat

[2012/01/22 17:46:13 | 495,533,502 | ---- | M] () -- C:UsersZachDocumentsOld Registry.REG

[2012/01/21 23:12:34 | 000,000,024 | ---- | M] () -- C:UsersZachrandom.dat

[2012/01/21 22:53:59 | 000,000,129 | ---- | M] () -- C:UsersZachjagex_runescape_preferences2.dat

[2012/01/21 22:52:49 | 000,000,046 | ---- | M] () -- C:UsersZachjagex_runescape_preferences.dat

[2012/01/21 22:52:49 | 000,000,043 | ---- | M] () -- C:UsersZachjagex_cl_runescape_LIVE.dat

[2012/01/21 22:30:57 | 000,001,783 | ---- | M] () -- C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupRalink Wireless Utility.lnk

[2012/01/21 22:16:08 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:WindowsDIFxAPI.dll

[2012/01/20 16:47:33 | 000,001,656 | ---- | M] () -- C:UsersPublicDesktopiTunes.lnk

[2012/01/18 21:19:38 | 000,000,884 | ---- | M] () -- C:UsersZach.recently-used.xbel

[2012/01/18 21:17:49 | 000,006,425 | ---- | M] () -- C:UsersZachDesktopBomberman_bead_sprite_by_yellow_switch_palace.png.jpg

[2012/01/18 20:35:37 | 000,000,959 | ---- | M] () -- C:UsersPublicDesktopTeamViewer 7.lnk

[2012/01/17 22:07:00 | 000,020,353 | ---- | M] () -- C:UsersZachDesktopmodvaultstock.ods

[2012/01/15 19:10:33 | 000,261,659 | ---- | M] () -- C:UsersZachDesktop2012-01-15_20.07.31.png

[2012/01/15 10:42:22 | 000,751,292 | ---- | M] () -- C:WindowsSysWow64PerfStringBackup.INI

[2012/01/15 01:16:12 | 000,008,111 | ---- | M] () -- C:UsersZachDocumentsasdgf.ods

[2012/01/14 23:59:19 | 000,002,529 | ---- | M] () -- C:UsersZachDesktopSystem Monitor.lnk

[2012/01/14 18:22:39 | 000,000,935 | ---- | M] () -- C:UsersZachApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk

[2012/01/14 17:55:03 | 000,008,798 | ---- | M] () -- C:WindowsSysWow64icrav03.rat

[2012/01/14 17:55:03 | 000,008,798 | ---- | M] () -- C:WindowsSysNativeicrav03.rat

[2012/01/14 17:55:03 | 000,001,988 | ---- | M] () -- C:WindowsSysWow64ticrf.rat

[2012/01/14 17:55:03 | 000,001,988 | ---- | M] () -- C:WindowsSysNativeticrf.rat

[2012/01/14 17:54:52 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieapfltr.dat

[2012/01/14 17:54:52 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64inetcpl.cpl

[2012/01/14 17:54:52 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieapfltr.dll

[2012/01/14 17:54:52 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64html.iec

[2012/01/14 17:54:52 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64url.dll

[2012/01/14 17:54:52 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieui.dll

[2012/01/14 17:54:52 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64msrating.dll

[2012/01/14 17:54:52 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64iesysprep.dll

[2012/01/14 17:54:52 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64SetIEInstalledDate.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64RegisterIEPKEYs.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64iesetup.dll

[2012/01/14 17:54:52 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ie4uinit.exe

[2012/01/14 17:54:52 | 000,072,822 | ---- | M] () -- C:WindowsSysWow64ieuinit.inf

[2012/01/14 17:54:52 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64icardie.dll

[2012/01/14 17:54:52 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64tdc.ocx

[2012/01/14 17:54:52 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64mshtmler.dll

[2012/01/14 17:54:52 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64iernonce.dll

[2012/01/14 17:54:52 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64licmgr10.dll

[2012/01/14 17:54:51 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64jscript.dll

[2012/01/14 17:54:51 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieaksie.dll

[2012/01/14 17:54:51 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieakui.dll

[2012/01/14 17:54:51 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64wextract.exe

[2012/01/14 17:54:51 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64iexpress.exe

[2012/01/14 17:54:51 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieUnatt.exe

[2012/01/14 17:54:51 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64occache.dll

[2012/01/14 17:54:51 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64iepeers.dll

[2012/01/14 17:54:51 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64advpack.dll

[2012/01/14 17:54:51 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64IEAdvpack.dll

[2012/01/14 17:54:51 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64admparse.dll

[2012/01/14 17:54:51 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64inseng.dll

[2012/01/14 17:54:51 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64mshtmled.dll

[2012/01/14 17:54:51 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64pngfilt.dll

[2012/01/14 17:54:51 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64msfeedssync.exe

[2012/01/14 17:54:50 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:WindowsSysNativemsls31.dll

[2012/01/14 17:54:50 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:WindowsSysNativemsrating.dll

[2012/01/14 17:54:50 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:WindowsSysWow64ieakeng.dll

[2012/01/14 17:54:49 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:WindowsSysNativeie

Link to comment
Share on other sites

OTL Extras logfile created on: 1/28/2012 1:10:49 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:UsersZachDesktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

6.00 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 44.85% Memory free

12.18 Gb Paging File | 7.61 Gb Available in Paging File | 62.45% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 582.50 Gb Total Space | 362.50 Gb Free Space | 62.23% Space Free | Partition Type: NTFS

Drive D: | 13.67 Gb Total Space | 2.16 Gb Free Space | 15.79% Space Free | Partition Type: NTFS

 

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

.html[@ = htmlfile] -- C:Program FilesInternet ExplorerIEXPLORE.EXE (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:WindowsSysNativerundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

.cpl [@ = cplfile] -- C:WindowsSysWow64control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:Program FilesInternet ExplorerIEXPLORE.EXE (Microsoft Corporation)

 

[HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREClasses<extension>]

.html [@ = FirefoxHTML] -- C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:Program FilesInternet ExplorerIEXPLORE.EXE" -nohome (Microsoft Corporation)

inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%System32control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:Program FilesInternet ExplorerIEXPLORE.EXE" -nohome (Microsoft Corporation)

inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

"VistaSp2" = 90 9B F7 39 36 5C CB 01 [binary data]

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

 

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

 

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

"oobe_av" = 1

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]

"C:Program Files (x86)Orbitdownloaderorbitdm.exe" = C:Program Files (x86)Orbitdownloaderorbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)Orbitdownloaderorbitnet.exe" = C:Program Files (x86)Orbitdownloaderorbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)xchatxchat.exe" = C:Program Files (x86)xchatxchat.exe:*:Enabled:XChat IRC Client -- ()

"C:Program Files (x86)Orbitdownloaderorbitdm.exe" = C:Program Files (x86)Orbitdownloaderorbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)Orbitdownloaderorbitnet.exe" = C:Program Files (x86)Orbitdownloaderorbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)xchatxchat.exe" = C:Program Files (x86)xchatxchat.exe:*:Enabled:XChat IRC Client -- ()

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]

"{0D4DF174-294B-4BF8-81ED-31FCDDE26D29}" = lport=138 | protocol=17 | dir=in | app=system |

"{1167A667-23E4-4CEC-B2FB-3263E4FD5E7D}" = lport=5720 | protocol=17 | dir=in | name=jumi controller |

"{22DC92B3-CF15-42FD-84B3-065BF41FEC7B}" = rport=10243 | protocol=6 | dir=out | app=system |

"{271835E9-E988-49ED-827A-0FDF1503A4C8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{2CB122CF-C45E-43D3-936A-3328C025A532}" = lport=445 | protocol=6 | dir=in | app=system |

"{3EF14E90-C4B0-45E3-9B25-9C818C380057}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |

"{4E5727EF-9194-4CCB-AB0E-65DC4A1B3C92}" = lport=10243 | protocol=6 | dir=in | app=system |

"{5669EF91-C742-458B-AA51-7A074D7981F1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%system32svchost.exe |

"{5C1DD1C8-2920-4A8A-8F2F-82731CD3103A}" = rport=138 | protocol=17 | dir=out | app=system |

"{5D00F39B-517C-4EA6-93C3-241AF0C47AA3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%system32svchost.exe |

"{679A94AC-EAAE-4949-A6DD-315907FF3795}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%system32svchost.exe |

"{6866256B-7B38-4B16-9F7E-CD49C9D9487A}" = lport=5720 | protocol=6 | dir=in | name=jumi controller |

"{6A6A3EBB-A46A-4355-A13C-6C20F695CE3F}" = rport=139 | protocol=6 | dir=out | app=system |

"{6C61E7D8-FE7B-4E90-B1D7-B85FE093D30E}" = lport=139 | protocol=6 | dir=in | app=system |

"{73679221-BF21-45D9-9F1E-6CBFC130CD0B}" = lport=6881 | protocol=6 | dir=in | name=blizzard downloader: 6881 |

"{784894D1-B1F9-4CD1-93FC-4C4BF509C692}" = lport=2869 | protocol=6 | dir=in | app=system |

"{7A8ACB61-24B1-4644-99BC-0394EBBB0580}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%system32svchost.exe |

"{8B342ECE-CECD-41B7-8250-4EDECB7B6B4D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%system32spoolsv.exe |

"{955C5CA0-8D04-4C8B-BDC1-600CEDA58B75}" = rport=445 | protocol=6 | dir=out | app=system |

"{B6FECBEE-A660-44A4-9F09-849C430F8382}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:windowssystem32svchost.exe |

"{CCDA41AF-A5EC-47BB-9B8E-7DFA09730A2C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{D80C0471-C424-4394-B75D-0AE82F484CAF}" = lport=25565 | protocol=6 | dir=in | name=minecraft server |

"{DD19EBB2-DD2D-4E50-A87E-CB6176CDE461}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%system32svchost.exe |

"{E87E07B7-D36D-466A-8F11-6AE93AC6BBF5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{ECB59535-2C37-49AA-BA00-79F49906A614}" = lport=137 | protocol=17 | dir=in | app=system |

"{F0B4BD2B-0BE4-4C29-ACF5-F5BB75B30BB5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%system32svchost.exe |

"{FE0DFC55-0341-425C-8C82-89B0795EDF8D}" = rport=137 | protocol=17 | dir=out | app=system |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]

"{0019B2D0-153E-49BD-B3CC-E6B3C8C92E37}" = dir=in | app=c:program files (x86)itunesitunes.exe |

"{012CB307-5B3B-4095-B61A-ECFC01D945DF}" = dir=in | app=c:program files (x86)hewlett-packardmediadvdhptouchsmartvideo.exe |

"{028F3170-85AE-460E-9A6D-AC767DE4CAAA}" = dir=in | app=c:program files (x86)cyberlinkpowerdirectorpdr.exe |

"{03766284-1C9C-46B0-955C-2E88BE0745E1}" = protocol=17 | dir=in | app=c:program files (x86)steamsteamappscommonborderlandsbinariesborderlands.exe |

"{04ADF495-4124-4EBC-81E7-1C0547E4E9A2}" = dir=in | app=c:program files (x86)windows livemessengermsnmsgr.exe |

"{067322CC-00AE-4194-B534-C6C7F667B9D7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{097B01F1-823F-4744-84C6-2646518C9D2E}" = dir=in | app=c:program files (x86)hewlett-packardmediadvdhpdvdsmart.exe |

"{0B76E405-CC0A-4C0D-8557-C1C08643FE8B}" = protocol=17 | dir=in | app=c:program files (x86)frostwirefrostwire.exe |

"{19C6B4DE-AFF8-49FB-B9C0-885E85A08B11}" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftbackgrounddownloader.exe |

"{1A0A0C1E-FDFB-4AA1-BF71-546BFD2FE18E}" = protocol=6 | dir=in | app=c:program files (x86)ralinkcommonramediaserver.exe |

"{1A3B3A53-0D8B-426B-B495-EBBD0BBCB86C}" = protocol=17 | dir=in | app=c:program files (x86)pinnaclestudio 12programsstudio.exe |

"{24A8CADB-04AD-4420-B1C0-A1065883A490}" = protocol=6 | dir=in | app=%programfiles%windows media playerwmpnetwk.exe |

"{283789BF-2744-4E06-9BD5-D58FD9CE723C}" = protocol=17 | dir=in | app=c:program files (x86)teamviewerversion6teamviewer.exe |

"{28D25FD0-32B4-42EA-BC18-53A6D461CB48}" = protocol=17 | dir=in | app=c:program files (x86)bonjourmdnsresponder.exe |

"{295A07D7-88D1-44E3-90B3-D5352E5178C0}" = protocol=17 | dir=in | app=c:program filesventriloventrilo.exe |

"{2F6BD4CC-F317-42A1-B90A-C7BDC1B61508}" = protocol=17 | dir=in | app=c:program files (x86)bonjourmdnsresponder.exe |

"{30876046-9A88-428E-BA20-8A4E578243E1}" = dir=in | app=c:program files (x86)hewlett-packardmediadvdkernelclmlclmlsvc.exe |

"{341D2B71-D894-442B-94A5-594EE0FB6EDE}" = protocol=6 | dir=out | app=%programfiles%windows media playerwmpnetwk.exe |

"{354B835E-24BC-40AE-921B-82DE8825AA68}" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftwow-x.x.x.x-4.0.0.12911-downloader.exe |

"{38537002-7F67-4D0B-88AC-26ADAA998D36}" = protocol=17 | dir=in | app=%programfiles%windows media playerwmplayer.exe |

"{3F65FBB9-4FB0-4A3E-B700-B930AC43E778}" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftlauncher.exe |

"{432D317C-D076-4331-84E2-F67D55D71C6B}" = protocol=17 | dir=in | app=c:program files (x86)steamsteamappscommonspiral knightsjava_vmbinjavaw.exe |

"{4534D34C-8C72-4194-8474-45F08281D38E}" = protocol=6 | dir=in | app=c:program files (x86)steamsteamappscommonleft 4 dead 2left4dead2.exe |

"{468A3144-4CAC-47DB-9427-05713120F2EC}" = protocol=6 | dir=in | app=c:program files (x86)frostwirefrostwire.exe |

"{4EB88677-58FB-4F34-A41B-EEFE884A062B}" = protocol=6 | dir=in | app=c:program filesbonjourmdnsresponder.exe |

"{502E8506-8489-49C4-A65E-AEB889EA27EA}" = protocol=6 | dir=in | app=c:program files (x86)teamviewerversion7teamviewer.exe |

"{518BAD2B-0F37-4F12-93A9-6427E0CC96FD}" = dir=in | app=c:program files (x86)hewlett-packardmediadvdhptouchsmartphoto.exe |

"{52D74B3D-022E-4374-B7FB-E5AFDD359542}" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftlauncher.exe |

"{5311B347-D2C7-45D2-BD41-1434109A8269}" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftlauncher.exe |

"{5530B98B-0730-476C-A6C4-8CCCBF79E8F1}" = dir=in | app=c:program filesbelkinbelkin usb print and storage centerconnect.exe |

"{58407F86-8854-4E1D-8EB7-8647CB3198B2}" = dir=in | app=c:program files (x86)hewlett-packardtouchsmartmediahptouchsmartmusic.exe |

"{59BBE264-DA7C-4981-A6BC-DA29BF4BE79C}" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftlauncher.patch.exe |

"{5C5747A6-FE93-4E28-9540-5CE21B35B00E}" = protocol=6 | dir=out | app=%programfiles%windows media playerwmplayer.exe |

"{5D6A8C0D-5327-427E-A299-FDF61F69FD08}" = protocol=6 | dir=out | app=%programfiles(x86)%windows media playerwmplayer.exe |

"{5FA752D3-7EC2-4BDA-B309-3F88150AC869}" = protocol=17 | dir=in | app=c:program files (x86)pinnaclestudio 12programsrm.exe |

"{6217E6ED-E0F5-4C46-92FD-802592FB104C}" = protocol=17 | dir=out | app=%programfiles(x86)%windows media playerwmplayer.exe |

"{66209430-B454-43C2-ABA4-8E58CD26FB4C}" = protocol=6 | dir=in | app=c:program files (x86)teamviewerversion7teamviewer_service.exe |

"{6B17FFBD-B862-467D-A3F9-1352B5D1F04C}" = dir=in | app=c:program files (x86)hewlett-packardmediadvdhptouchsmartmusic.exe |

"{6BCD2063-98F5-4D1F-84D1-1366F2A2D300}" = protocol=6 | dir=in | app=c:program files (x86)pinnaclestudio 12programsumi.exe |

"{6C140B73-1CE8-4B0C-9604-9D3E0EC53A03}" = dir=in | app=c:program files (x86)hewlett-packardtouchsmartmediatsmagent.exe |

"{70AD4F12-9A71-493D-8454-D2E69B9C7DE0}" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftlauncher.exe |

"{7582CF65-408D-4238-8FEB-45A31D11993A}" = protocol=6 | dir=in | app=c:program files (x86)steamsteamappscommonleft 4 dead 2left4dead2.exe |

"{7BACA448-C004-4575-B7BA-64D312B782A3}" = protocol=17 | dir=in | app=c:program files (x86)teamviewerversion7teamviewer.exe |

"{83839921-3F25-489C-AD63-0DDF5B48D0CF}" = protocol=17 | dir=in | app=c:program filesbonjourmdnsresponder.exe |

"{8623ABD1-2360-41D8-9CF8-59A16B8A899B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{86DC4107-4EDE-4DE3-A83A-F35E9338C3CE}" = protocol=17 | dir=in | app=c:program files (x86)ralinkcommonramediaserver.exe |

"{86E8EB39-D2DC-4C32-88AC-DE68905DC7A1}" = protocol=17 | dir=in | app=c:userszachappdatalocaltversitymedia servermediaserver.exe |

"{87EEADDB-85A2-4773-A389-6D088A56FFFC}" = protocol=6 | dir=in | app=c:program files (x86)teamviewerversion6teamviewer.exe |

"{8BB7200C-44A7-479E-B9CC-0CC02B5C52AB}" = protocol=17 | dir=in | app=c:program files (x86)teamviewerversion6teamviewer_service.exe |

"{90767BB5-620B-4880-A59A-8F6DC0DAC03F}" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftlauncher.patch.exe |

"{92DD1AAD-6D8D-4972-8E10-B209302448C4}" = protocol=6 | dir=out | app=%programfiles%windows media playerwmplayer.exe |

"{97A95688-1D6A-488D-B2DD-7E113D5E666B}" = protocol=6 | dir=in | app=c:userszachappdataroamingdropboxbindropbox.exe |

"{9BDA8DDF-5AF9-4653-B2E1-07DEE0D88C06}" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftlauncher.patch.exe |

"{A107596E-D3B3-4929-A740-A1CD57C9FACB}" = protocol=6 | dir=in | app=c:program files (x86)pinnaclestudio 12programsstudio.exe |

"{A29B06A6-DBBE-4287-B232-B29C60F6AC66}" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftwow-x.x.x.x-4.0.0.12911-downloader.exe |

"{A3BF6482-C24B-4857-BD0C-067574001130}" = dir=in | app=c:program files (x86)hewlett-packardtouchsmartmediahptouchsmartphoto.exe |

"{A7E8A3B8-6366-472B-9D22-2B152D0ED701}" = protocol=17 | dir=in | app=c:userszachappdataroamingdropboxbindropbox.exe |

"{A86DAFE9-E9D1-43CB-9031-470112DB8988}" = dir=in | app=c:program files (x86)hewlett-packardmediadvdtsmagent.exe |

"{AB31AC84-556D-4699-A218-EC1C0EE999EC}" = protocol=6 | dir=in | app=c:program files (x86)steamsteam.exe |

"{AC1F4B36-F60F-4189-B6F7-BB0D20A92935}" = protocol=17 | dir=in | app=c:program files (x86)teamviewerversion7teamviewer_service.exe |

"{AE31F51E-AD6E-41A4-9C95-860CD9CF5270}" = protocol=6 | dir=out | app=%programfiles(x86)%windows media playerwmplayer.exe |

"{AF2B14DE-6B5F-43CC-A08A-B538BDE66B8B}" = protocol=6 | dir=in | app=c:program files (x86)bonjourmdnsresponder.exe |

"{AFDB42D2-5CB5-4FEA-A84E-85BC1E1774C7}" = protocol=17 | dir=in | app=c:program files (x86)steamsteamappscommonleft 4 dead 2left4dead2.exe |

"{B18E07D3-7B98-4370-831E-655ACC88C3CB}" = protocol=6 | dir=in | app=c:program files (x86)steamsteamappscommonspiral knightsjava_vmbinjavaw.exe |

"{B1D6518C-2836-4A58-BD17-4E5006C7F09E}" = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe |

"{B289EEFA-FFD3-4150-8D84-7F6792CF6DFF}" = protocol=6 | dir=in | app=c:program files (x86)bonjourmdnsresponder.exe |

"{B5117061-56E4-40C4-81C2-AE13B8B28A5A}" = protocol=17 | dir=out | app=%programfiles%windows media playerwmpnetwk.exe |

"{BF2ABF05-85E0-4AFA-B94E-460E43FB323D}" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftlauncher.patch.exe |

"{C12533F9-04D8-4225-9B75-37D1A4231054}" = dir=in | app=c:program files (x86)skypephoneskype.exe |

"{C67BACB6-71B7-429A-A5D5-571A800B5425}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%system32svchost.exe |

"{CD80AEEE-26B0-4BF4-A90A-4ABC0473690B}" = protocol=17 | dir=out | app=%programfiles%windows media playerwmplayer.exe |

"{CD987B84-B3F3-4F14-8C84-1D8B10C98A60}" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftbackgrounddownloader.exe |

"{CDFE6E1B-6A7D-46D7-83F5-964EC4D76CC1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{CFB696CF-D3C2-4DCD-9592-E9763E4E667C}" = dir=in | app=c:program files (x86)common filesappleapple application supportwebkit2webprocess.exe |

"{D179812F-6F30-4E80-9BEE-35599385C7AB}" = protocol=6 | dir=in | app=c:program files (x86)ralinkcommonraui.exe |

"{D5B01E62-AE55-4652-9854-944C35B780CA}" = dir=in | app=c:program files (x86)hewlett-packardtouchsmartmediahptouchsmartvideo.exe |

"{D8417454-7431-4EDF-8589-EA447F496B48}" = protocol=17 | dir=in | app=%programfiles%windows media playerwmpnetwk.exe |

"{D8C4A34E-209C-468C-AB1E-FDDDF61ECE39}" = protocol=17 | dir=out | app=%programfiles%windows media playerwmplayer.exe |

"{DA3BCF41-1CF2-43FD-A882-0E246A8C7E7B}" = protocol=6 | dir=in | app=c:program files (x86)pinnaclestudio 12programsrm.exe |

"{DA9E76F7-2F62-42BE-B9A1-269FE7D8DB3C}" = protocol=17 | dir=in | app=%programfiles(x86)%windows media playerwmplayer.exe |

"{DB8C1132-B45E-4370-B12F-E2C6720630A0}" = dir=in | app=c:program files (x86)windows livecontactswlcomm.exe |

"{DC0DBC42-2891-4FA7-AF75-1385FBF7B3C3}" = protocol=17 | dir=in | app=c:program files (x86)ralinkcommonraui.exe |

"{DD9C1914-9DA1-4355-BA21-3B3F89E9F968}" = protocol=17 | dir=out | app=%programfiles(x86)%windows media playerwmplayer.exe |

"{E1B1A9A4-C235-49D0-A469-E15A1BFE9D6C}" = dir=in | app=c:program files (x86)hewlett-packardtouchsmartmediakernelclmlclmlsvc.exe |

"{E2825030-8797-419D-A400-B4C233F8C38A}" = protocol=17 | dir=in | app=%programfiles(x86)%windows media playerwmplayer.exe |

"{E617B77E-0B71-4A86-80E1-C4A809934AB0}" = protocol=17 | dir=in | app=c:program files (x86)pinnaclestudio 12programsumi.exe |

"{E680F000-C8E8-4E58-84D7-77CEAB86BA05}" = protocol=17 | dir=in | app=%programfiles%windows media playerwmplayer.exe |

"{EB149DA9-4477-4B72-92D9-477C2D5AA5B1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{EBC38B85-4E80-4CB5-9985-B1FAB9979481}" = protocol=17 | dir=in | app=c:program files (x86)steamsteam.exe |

"{F4048F7A-5F04-448F-BAA4-03C62CC54EA5}" = protocol=6 | dir=in | app=c:program files (x86)steamsteamappscommonborderlandsbinariesborderlands.exe |

"{F4DC61B2-565A-48D5-9591-99B65941F2B6}" = protocol=6 | dir=in | app=c:program files (x86)teamviewerversion6teamviewer_service.exe |

"{F6260E02-7947-4692-8D33-826E0D38275C}" = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe |

"{F63D071A-7C61-4AE2-941B-37500E8A8D8D}" = protocol=17 | dir=in | app=c:program files (x86)steamsteamappscommonleft 4 dead 2left4dead2.exe |

"{F668FF0E-5629-4CF4-9232-F86DA2E5E7D7}" = protocol=6 | dir=in | app=c:program filesventriloventrilo.exe |

"{F88B15C5-FF37-423A-B1EB-B2B99BC7C672}" = protocol=6 | dir=in | app=c:userszachappdatalocaltversitymedia servermediaserver.exe |

"{FF866998-5231-4353-BA8B-8950387C9181}" = protocol=6 | dir=out | app=system |

"TCP Query User{00EFF3ED-56D7-48C6-B709-C34ED48320B2}C:userszachappdataroamingcacaowebcacaoweb.exe" = protocol=6 | dir=in | app=c:userszachappdataroamingcacaowebcacaoweb.exe |

"TCP Query User{01E1FA7D-99A9-4A69-BB51-2C9A2EDFF286}C:program files (x86)frostwirefrostwire.exe" = protocol=6 | dir=in | app=c:program files (x86)frostwirefrostwire.exe |

"TCP Query User{0312120A-401A-4D39-9B9A-DC7EDA62DE44}C:program files (x86)warcraft iiiwar3.exe" = protocol=6 | dir=in | app=c:program files (x86)warcraft iiiwar3.exe |

"TCP Query User{0724D420-0C31-482B-B82E-956C3FA022F1}C:program files (x86)orbitdownloaderorbitnet.exe" = protocol=6 | dir=in | app=c:program files (x86)orbitdownloaderorbitnet.exe |

"TCP Query User{196B23B4-CF70-410A-B993-DD0132FE66EE}C:userszachappdataroamingcacaowebcacaoweb.exe" = protocol=6 | dir=in | app=c:userszachappdataroamingcacaowebcacaoweb.exe |

"TCP Query User{20FD91DF-8B78-4616-B753-75F9467DB631}C:program files (x86)world of warcraftbackgrounddownloader.exe" = protocol=6 | dir=in | app=c:program files (x86)world of warcraftbackgrounddownloader.exe |

"TCP Query User{32CEF874-7DE7-4924-A1CE-1846A43997E5}C:program files (x86)mozilla firefoxfirefox.exe" = protocol=6 | dir=in | app=c:program files (x86)mozilla firefoxfirefox.exe |

"TCP Query User{5E4B51B1-02E7-4093-B9EF-547D3D3B0A1A}C:program files (x86)aresares.exe" = protocol=6 | dir=in | app=c:program files (x86)aresares.exe |

"TCP Query User{8412E128-E391-4666-AAE6-97945D064A69}C:program files (x86)aresares.exe" = protocol=6 | dir=in | app=c:program files (x86)aresares.exe |

"TCP Query User{9F8289B0-5B0F-401C-8872-C27C12F9563E}C:program files (x86)safarisafari.exe" = protocol=6 | dir=in | app=c:program files (x86)safarisafari.exe |

"TCP Query User{C808F634-3C0D-4E89-8054-13A7580F9F17}C:program filesjavajre6binjavaw.exe" = protocol=6 | dir=in | app=c:program filesjavajre6binjavaw.exe |

"TCP Query User{CA213038-86EA-4FA7-B159-D3480C732914}C:program files (x86)secondlifeviewer2slvoice.exe" = protocol=6 | dir=in | app=c:program files (x86)secondlifeviewer2slvoice.exe |

"TCP Query User{CE73E0A3-8327-45C2-AF0A-74F6B75CAAF2}C:program files (x86)orbitdownloaderorbitnet.exe" = protocol=6 | dir=in | app=c:program files (x86)orbitdownloaderorbitnet.exe |

"TCP Query User{EA67E8DF-5C01-4291-8C63-A3627CD590F4}C:program files (x86)mozilla firefoxfirefox.exe" = protocol=6 | dir=in | app=c:program files (x86)mozilla firefoxfirefox.exe |

"TCP Query User{F23EEB5E-63A3-450B-9227-32512EA9197D}C:program files (x86)easy-hide-ipeasy-hide-ip.exe" = protocol=6 | dir=in | app=c:program files (x86)easy-hide-ipeasy-hide-ip.exe |

"UDP Query User{07E72BF0-BDFA-45D9-B42E-34E8FDBB754C}C:program files (x86)orbitdownloaderorbitnet.exe" = protocol=17 | dir=in | app=c:program files (x86)orbitdownloaderorbitnet.exe |

"UDP Query User{306FF8DC-B93C-4170-898B-AB779A70FB2D}C:program files (x86)aresares.exe" = protocol=17 | dir=in | app=c:program files (x86)aresares.exe |

"UDP Query User{393DDBF6-757B-48CA-BBA8-AFDAABBCAFE3}C:program files (x86)aresares.exe" = protocol=17 | dir=in | app=c:program files (x86)aresares.exe |

"UDP Query User{42570CD1-CC11-47A6-9DE7-96A83894C322}C:program files (x86)world of warcraftbackgrounddownloader.exe" = protocol=17 | dir=in | app=c:program files (x86)world of warcraftbackgrounddownloader.exe |

"UDP Query User{65D37B7E-3E2B-45B7-9702-66B14460A83F}C:userszachappdataroamingcacaowebcacaoweb.exe" = protocol=17 | dir=in | app=c:userszachappdataroamingcacaowebcacaoweb.exe |

"UDP Query User{7217A2F9-01C7-4B39-8BEE-CA13D7CE28F3}C:program files (x86)safarisafari.exe" = protocol=17 | dir=in | app=c:program files (x86)safarisafari.exe |

"UDP Query User{76CF7930-277D-4FB7-8849-F0D1D19A670D}C:userszachappdataroamingcacaowebcacaoweb.exe" = protocol=17 | dir=in | app=c:userszachappdataroamingcacaowebcacaoweb.exe |

"UDP Query User{A1791C74-86CD-4002-A9D3-FB4AD2823974}C:program filesjavajre6binjavaw.exe" = protocol=17 | dir=in | app=c:program filesjavajre6binjavaw.exe |

"UDP Query User{A4CC1ED6-B28E-44A3-BFF4-02154AA5994C}C:program files (x86)orbitdownloaderorbitnet.exe" = protocol=17 | dir=in | app=c:program files (x86)orbitdownloaderorbitnet.exe |

"UDP Query User{B7DA5903-479D-48F3-B04C-899724C295AF}C:program files (x86)frostwirefrostwire.exe" = protocol=17 | dir=in | app=c:program files (x86)frostwirefrostwire.exe |

"UDP Query User{C0C0A26E-586A-4EBB-B055-98C535485625}C:program files (x86)secondlifeviewer2slvoice.exe" = protocol=17 | dir=in | app=c:program files (x86)secondlifeviewer2slvoice.exe |

"UDP Query User{D04BA398-FCBA-46AC-A7BD-3BE74C85976B}C:program files (x86)mozilla firefoxfirefox.exe" = protocol=17 | dir=in | app=c:program files (x86)mozilla firefoxfirefox.exe |

"UDP Query User{E8CAE136-CCCE-4BE2-A6AD-479C039D7B63}C:program files (x86)mozilla firefoxfirefox.exe" = protocol=17 | dir=in | app=c:program files (x86)mozilla firefoxfirefox.exe |

"UDP Query User{E8FBE484-AF7A-4A44-A405-5DB928203E63}C:program files (x86)easy-hide-ipeasy-hide-ip.exe" = protocol=17 | dir=in | app=c:program files (x86)easy-hide-ipeasy-hide-ip.exe |

"UDP Query User{FBFC8945-3714-4970-B9C8-7B2177EBD1CF}C:program files (x86)warcraft iiiwar3.exe" = protocol=17 | dir=in | app=c:program files (x86)warcraft iiiwar3.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{240FCE0B-F553-4ab3-9C7B-3CD082FCA117}" = NetDeviceManager64

"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java 7 Update 2 (64-bit)

"{2AB9289D-6432-4CC0-8869-A195C3F0CFCC}" = Bitdefender Total Security 2012

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard

"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes

"{5F240DB8-0D74-4F13-86C3-929760392A8D}" = HP Remote Software

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java SE Development Kit 7 Update 2 (64-bit)

"{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}" = HP Officejet All-In-One Series

"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel

"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64

"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud

"{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}" = HP MediaSmart SmartMenu

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"3921FF37F830F5D806C272CFE7BE2D77C3DDC8CF" = Windows Driver Package - Pinnacle Systems (BENDER) Media (11/21/2006 2.0.19.0)

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Agere Systems Soft Modem" = Agere Systems PCI-SV92EX Soft Modem

"Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center

"Bitdefender" = Bitdefender Total Security 2012

"CCleaner" = CCleaner

"CPUID HWMonitor_is1" = CPUID HWMonitor 1.18

"HDMI" = Intel® Graphics Media Accelerator Driver

"HP Document Manager" = HP Document Manager 1.0

"HP Imaging Device Functions" = HP Imaging Device Functions 10.0

"HP Photosmart Essential" = HP Photosmart Essential 2.5

"HP Smart Web Printing" = HP Smart Web Printing

"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0

"HPExtendedCapabilities" = HP Customer Participation Program 10.0

"HPOCR" = OCR Software by I.R.I.S. 10.0

"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1

"OfficeTrial" = Microsoft Office Home and Student 60 day trial

"PC-Doctor for Windows" = Hardware Diagnostic Tools

"Shop for HP Supplies" = Shop for HP Supplies

"SP6" = Logitech SetPoint 6.32

"Speccy" = Speccy

"WinRAR archiver" = WinRAR 4.00 beta 4 (64-bit)

 

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.0.0

"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional

"{0E549A13-2B3D-4633-BA41-DC88C2D6F9A3}" = ProductContext

"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian

"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French

"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox

"{1147FF9A-D576-4cb5-B5E7-FCA21D1E7D26}" = J4680

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish

"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService

"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status

"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English

"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30

"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish

"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer

"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding

"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)

"{30C01299-554C-4B62-BD0F-849F43E01C91}_is1" = Pokemon World Online version 1.81

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant

"{3825B383-7880-48C8-AADD-49B0D764B151}" = 4660_4680_Help

"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese

"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50802F8E-03B4-479D-A643-16DE5A3586CB}" = BPDSoftware_Ini

"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5828A6FD-32BC-46E2-AC81-5AD9D866F48F}" = Pinnacle Bender 64-bit

"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp

"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm

"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard

"{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}" = AMD System Monitor

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software

"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian

"{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1" = Minecraft Note Block Studio version 3.1.0

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese

"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1

"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS

"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy

"{A3B31D43-75F4-4CF4-8330-6DE62C3540FA}_is1" = Standalone Flash Player 1.2

"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter

"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6

"{AE136F7F-7DC6-600F-9DF9-BFA0DF516135}" = Catalyst Control Center Localization All

"{AE469025-08BA-4B2A-915D-CC7765132419}" = Default Manager

"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision

"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer

"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply

"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5

"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish

"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser

"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean

"{C2FB14FB-DF6B-287D-BDC3-C7BEC86F539E}" = Catalyst Control Center

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C79BF5BB-5671-41C0-A028-E9A2097D1AAD}" = Microsoft Live Search Toolbar

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg

"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek

"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition

"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12

"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch

"{D3737952-FF6E-4E72-BDEE-B0DC1C69F80B}" = BPD_HPSU

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag

"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar

"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch

"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai

"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari

"{F4EAEBEA-3E46-43b8-A63C-AD180AE86918}" = BPDSoftware

"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Afterburner" = MSI Afterburner 2.1.0

"Any Video Converter_is1" = Any Video Converter 3.2.7

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser

"CraftBukkit v8.2" = CraftBukkit v8.2

"DivX Setup.divx.com" = DivX Setup

"FLV Player" = FLV Player 2.0 (build 25)

"FormatFactory" = FormatFactory 2.90

"Fraps" = Fraps

"FrostWire" = FrostWire 4.21.8

"Handbrake" = Handbrake 0.9.4

"ImgBurn" = ImgBurn

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe

"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)

"Notepad++" = Notepad++

"Orbit_is1" = Orbit Downloader

"Privoxy" = Privoxy (remove only)

"pywin32-py2.6" = Python 2.6 pywin32-212

"Revo Uninstaller" = Revo Uninstaller 1.91

"SpeedFan" = SpeedFan (remove only)

"Steam App 550" = Left 4 Dead 2

"Steam App 8980" = Borderlands

"Steam App 99900" = Spiral Knights

"TeamViewer 6" = TeamViewer 6

"TeamViewer 7" = TeamViewer 7

"TVersity Codec Pack" = TVersity Codec Pack 1.2

"uTorrent" = µTorrent

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.2

"World of Warcraft" = World of Warcraft

"xchat" = XChat 2 (remove only)

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftWindowsCurrentVersionUninstall]

"090215de958f1060" = Curse Client

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

"UnityWebPlayer" = Unity Web Player

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 10/27/2011 11:44:02 PM | Computer Name = Zach-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 10/28/2011 12:11:13 AM | Computer Name = Zach-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 10/28/2011 5:50:47 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/28/2011 9:32:23 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/28/2011 11:38:04 PM | Computer Name = Zach-PC | Source = Application Error | ID = 1000

Description = Faulting application svchost.exe_Net Driver HPZ12, version 6.0.6001.18000,

time stamp 0x47919291, faulting module hpzinw12.dll, version 12.2.1.54, time stamp

0x4551bab4, exception code 0xc0000005, fault offset 0x000000000000a524, process

id 0xb4c, application start time 0x01cc95da7be80c26.

 

Error - 10/29/2011 7:38:36 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/30/2011 12:53:11 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/30/2011 5:58:23 PM | Computer Name = Zach-PC | Source = Application Error | ID = 1000

Description = Faulting application Skype.exe, version 5.3.0.120, time stamp 0x4df89ed9,

faulting module Skype.exe, version 5.3.0.120, time stamp 0x4df89ed9, exception

code 0xc0000005, fault offset 0x005183e8, process id 0x1a60, application start time

0x01cc9725e3346f7b.

 

Error - 10/30/2011 6:10:19 PM | Computer Name = Zach-PC | Source = Application Hang | ID = 1002

Description = The program javaw.exe version 6.0.290.11 stopped interacting with

Windows and was closed. To see if more information about the problem is available,

check the problem history in the Problem Reports and Solutions control panel. Process

ID: 9b4 Start Time: 01cc974f495be07b Termination Time: 45

 

Error - 10/31/2011 5:51:47 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

[ System Events ]

Error - 1/27/2012 9:53:06 PM | Computer Name = Zach-PC | Source = cdrom | ID = 262151

Description = The device, DeviceCdRom0, has a bad block.

 

Error - 1/28/2012 2:35:55 PM | Computer Name = Zach-PC | Source = Microsoft-Windows-ResourcePublication | ID = 1002

Description =

 

Error - 1/28/2012 2:37:14 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 1/28/2012 2:37:14 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 1/28/2012 2:37:14 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 1/28/2012 2:37:14 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7009

Description =

 

Error - 1/28/2012 2:37:53 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7022

Description =

 

Error - 1/28/2012 2:37:53 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7026

Description =

 

Error - 1/28/2012 2:56:48 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7009

Description =

 

Error - 1/28/2012 2:56:48 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

 

< End of report >

Link to comment
Share on other sites

Hi. :)

 

I apologize for late reply, got a little busy lately and forgot to check here. I will go ahead and run those scans as requested. Thanks for your help.

Not a problem and you're welcome! My apologies also as I forgot to mention I am rarely online during a Sunday etc.

 

My computer is currently running ok, my internet dropped connection a few times last night but im now fairly certain its my router. It hasn't frozen in the past couple of days, but the freezing hasn't been regular its been fairly off an on when it would freeze. (I.E. be ok for a day or two then freeze around 6 times in one day)

OK and thanks for the update.

 

PeerBlock & Privoxy Advice:

 

Neither of these applications are particularly good and or effective in my humble opinion. Plus they tend to cause a myriad of actual connectivity problems and the proported security aspects are vastly overrated.

 

My friendly advice would be to uninstall both of the aforementioned. The choice to do so is yours however.

 

Peer to Peer Advice:

 

I see you have both µTorrent and FrostWire installed. If you have used either recently, you can be fairly confident this is a principal reason your computer is infected for example.

 

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, FrostWire, Limewire and Vuze.

 

Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

It's also very important to avoid any "cracks" or "Keygens" that allow unauthorized use of programs. Besides being illegal, these files also are loaded with "planted" malware.

 

My friendly advice would be to uninstall both of the aforementioned. However if you opt not to, please refrain from using them during the course of the Malware Removal process.

 

Next:

 

I would like to check your machines actual MBR(master boot record) as awsMBR is reporting it as unknown. Though this may be due to the fact your machine appears to be a HP Modal and it may relate to the Recovery Partition. Do not be alarmed by this but merely view it as myself erring on the side of caution.

 

So please right click on the file MBR.dat, it is located:-

 

C:UsersZachDocumentsMBR.dat

 

Send To > >> Compressed (zipped) folder >> There should now be a Zip folder on the desktop named MBR. Please attach this zipfile in your next reply.

 

Next:

 

Out of date Adobe and Java installations pose a security risk. They can be used by malware as a means to infect a computer and or re-infect. We will update both in due course.

 

Now please go to Start(Vista Orb) >> Control Panel >> Programs and Features and remove the following (if present):

 

Adobe Reader 9.4.6

Java™ 6 Update 30 <-- You do have Java™ 7 Update 2 (64-bit) installed, leave this in place as it will be the 32 bit version of Java we will update.

 

To do so click once on each of the above to highlight then click on Uninstall/Change and follow the prompts.

 

Backup the Registry:

 

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please go here and download ERUNT.
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Right-click on erunt-setup.exe and select Run as Administrator to Install ERUNT by following the prompts.
  • Use the default install settings but say No to the portion that asks you to add ERUNT to the Start-Up folder.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:WINDOWSERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe

 

Reset Vista SP2 Firewall:

 

Click on Start(Vista Orb) >> Run... and cut/paste in the following and click on OK

firewall.cpl
Or Start(Vista Orb) >> Control Panel >> Windows Firewall

 

Click on the Change Settings >> Advanced >> Restore Defaults >> At the prompt click on Yes >> OK

 

Now click back on Change Settings again >> General >> and select Off(not recommended) >> Apply >> OK.

 

Note: No need for it to be active after the reset because the installed Bitdefender Total Security 2012 has a firewall component.

 

Next:

 

When completed the above, attach the requested zipfile and post a new OTL log. Then we will go from there, thank you.

Link to comment
Share on other sites

Okay got them all done.

 

OTL logfile created on: 1/30/2012 3:35:25 PM - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Zach\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

6.00 Gb Total Physical Memory | 3.66 Gb Available Physical Memory | 61.06% Memory free

12.19 Gb Paging File | 9.49 Gb Available in Paging File | 77.84% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 582.50 Gb Total Space | 327.24 Gb Free Space | 56.18% Space Free | Partition Type: NTFS

Drive D: | 13.67 Gb Total Space | 2.16 Gb Free Space | 15.79% Space Free | Partition Type: NTFS

Drive E: | 2.06 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Zach\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Users\Zach\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

PRC - C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)

PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe (Apple Inc.)

PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)

PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

PRC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)

PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

PRC - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)

PRC - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Ralink\Common\RaWLAPI.dll ()

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (SafeBox) -- C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe (Bitdefender)

SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender)

SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender)

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (Update Server) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (BitDefender)

SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)

SRV:64bit: - (Belkin Local Backup Service) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe ()

SRV:64bit: - (Belkin Network USB Helper) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe ()

SRV:64bit: - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agr64svc.exe (LSI Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (RaMediaServer) -- C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe ()

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (FreeAgentGoNext Service) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Seagate Technology LLC)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\DRIVERS\bdfsfltr.sys (BitDefender)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (avc3) -- C:\Windows\SysNative\DRIVERS\avc3.sys (BitDefender)

DRV:64bit: - (avchv) -- C:\Windows\SysNative\DRIVERS\avchv.sys (BitDefender)

DRV:64bit: - (avckf) -- C:\Windows\SysNative\DRIVERS\avckf.sys (BitDefender)

DRV:64bit: - (bdftdif) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys (BitDefender LLC)

DRV:64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)

DRV:64bit: - (netr28x) -- C:\Windows\SysNative\DRIVERS\netr28x.sys (Ralink Technology, Corp.)

DRV:64bit: - (trufos) -- C:\Windows\SysNative\DRIVERS\trufos.sys (BitDefender S.R.L.)

DRV:64bit: - (bdsandbox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)

DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdLH6.sys (Advanced Micro Devices)

DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek )

DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)

DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\DRIVERS\LEqdUsb.Sys (Logitech, Inc.)

DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)

DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\DRIVERS\LHidEqd.Sys (Logitech, Inc.)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)

DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc)

DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)

DRV:64bit: - (jumi) -- C:\Windows\SysNative\DRIVERS\jumi.sys (Windows ® Codename Longhorn DDK provider)

DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (LSI Corporation)

DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\DRIVERS\bdvedisk.sys (BitDefender)

DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)

DRV:64bit: - (sxuptp) -- C:\Windows\SysNative\DRIVERS\sxuptp.sys (silex technology, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (hamachi) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\DRIVERS\serscan.sys (Microsoft Corporation)

DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM) -- C:\Windows\SysNative\DRIVERS\vrtaucbl.sys (Eugene V. Muzychenko)

DRV:64bit: - (emAudio) -- C:\Windows\SysNative\drivers\emAudio64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (DCamUSBEMPIA) -- C:\Windows\SysNative\DRIVERS\emDevice64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (FiltUSBEMPIA) -- C:\Windows\SysNative\DRIVERS\emFilter64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (ScanUSBEMPIA) -- C:\Windows\SysNative\DRIVERS\emScan64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\DRIVERS\MarvinBus64.sys (Pinnacle Systems GmbH)

DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Almico Software)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-695846412-1422135498-510312126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\S-1-5-21-695846412-1422135498-510312126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-695846412-1422135498-510312126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-695846412-1422135498-510312126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

IE - HKU\S-1-5-21-695846412-1422135498-510312126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=127.0.0.1:4021

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.5.1

FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4c9be010&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.2.1: C:\Windows\system32\npDeployJava1.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.2.0: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29: C:\PROGRA~2\MEADCO~1\npmeadax.dll (MeadCo Corp.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\8dcmsll8.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zach\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zach\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Zach\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2011/11/16 14:51:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/04/07 16:02:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/04/07 16:02:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/01/25 16:20:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/30 15:13:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2011/11/16 14:51:20 | 000,000,000 | ---D | M]

 

[2010/09/21 19:06:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Extensions

[2011/12/17 11:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\8dcmsll8.default\extensions

[2011/12/17 11:29:10 | 000,000,000 | ---D | M] () -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\8dcmsll8.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}

[2010/09/24 14:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\8dcmsll8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/06/20 20:39:48 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\8dcmsll8.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}

[2011/05/03 18:58:47 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\8dcmsll8.default\extensions\cacaoweb@cacaoweb.org

[2012/01/30 15:14:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/01/03 03:15:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011/08/29 17:38:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011/11/20 21:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011/12/19 22:38:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011/11/20 18:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011/11/20 18:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: MeadCo's Neptune (Enabled) = C:\PROGRA~2\MEADCO~1\npmeadax.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\Zach\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Zach\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: DivX HiQ = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: Skype Click to Call = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

 

O1 HOSTS File: ([2012/01/14 20:07:43 | 000,000,021 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found

O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKU\S-1-5-21-695846412-1422135498-510312126-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.

O3 - HKU\S-1-5-21-695846412-1422135498-510312126-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O4:64bit: - HKLM..\Run: [bDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [updateLBPShortCut] c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-695846412-1422135498-510312126-1000..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - HKU\S-1-5-21-695846412-1422135498-510312126-1000..\Run: [JumiController] File not found

O4 - HKU\S-1-5-21-695846412-1422135498-510312126-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-21-695846412-1422135498-510312126-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found

O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Zach\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )

O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )

O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )

O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )

O15 - HKU\S-1-5-21-695846412-1422135498-510312126-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-695846412-1422135498-510312126-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-695846412-1422135498-510312126-1000\..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU\S-1-5-21-695846412-1422135498-510312126-1000\..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)

O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.3.25

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AC38E91-358B-4B65-A39D-007F67156745}: DhcpNameServer = 192.168.0.1 205.171.3.25

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O24 - Desktop WallPaper: C:\Users\Zach\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\Zach\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/09/29 09:06:55 | 000,155,648 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]

O32 - AutoRun File - [2005/10/04 08:48:21 | 000,000,000 | ---D | M] - E:\Autorun -- [ CDFS ]

O32 - AutoRun File - [2005/03/14 08:30:41 | 000,000,045 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]

O33 - MountPoints2\{122626b3-c5ec-11df-91fb-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{122626b3-c5ec-11df-91fb-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2005/09/29 09:06:55 | 000,155,648 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/01/30 15:30:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2012/01/30 15:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2012/01/30 15:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT

[2012/01/29 20:18:44 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\Stronghold 2

[2012/01/29 20:07:10 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\stronghold2_v1_41_update

[2012/01/29 20:04:30 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\FLV DL

[2012/01/29 19:57:48 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt.dll

[2012/01/29 00:39:28 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Local\Geckofx

[2012/01/29 00:39:18 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\Firefly Studios

[2012/01/29 00:39:15 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\Stronghold Kingdoms

[2012/01/29 00:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Firefly Studios

[2012/01/29 00:31:46 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll

[2012/01/29 00:31:46 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll

[2012/01/29 00:31:46 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll

[2012/01/29 00:31:46 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll

[2012/01/29 00:31:45 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll

[2012/01/29 00:31:45 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll

[2012/01/29 00:31:45 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll

[2012/01/29 00:31:45 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll

[2012/01/29 00:31:44 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll

[2012/01/29 00:31:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll

[2012/01/29 00:31:44 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll

[2012/01/29 00:31:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll

[2012/01/29 00:31:43 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll

[2012/01/29 00:31:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll

[2012/01/29 00:31:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll

[2012/01/29 00:31:41 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll

[2012/01/29 00:31:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll

[2012/01/28 23:19:27 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade

[2012/01/28 23:18:10 | 000,316,488 | ---- | C] (Softonic) -- C:\Users\Zach\Desktop\SoftonicDownloader_for_gamespy-arcade.exe

[2012/01/28 22:35:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade

[2012/01/28 22:35:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameSpy Arcade

[2012/01/28 22:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firefly Studios

[2012/01/28 22:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefly Studios

[2012/01/28 21:01:27 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll

[2012/01/28 21:01:25 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2012/01/28 21:00:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp

[2012/01/28 20:57:18 | 000,058,624 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys

[2012/01/28 20:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable

[2012/01/28 20:57:18 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable

[2012/01/28 20:55:39 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\Virtual_Audio_Cable_4.08

[2012/01/28 13:09:55 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Zach\Desktop\OTL.exe

[2012/01/28 13:06:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Users\Zach\Desktop\aswMBR.exe

[2012/01/28 11:59:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI

[2012/01/28 11:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP

[2012/01/28 11:58:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center

[2012/01/26 19:10:38 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\NeroVision

[2012/01/26 19:08:36 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\Nero Home

[2012/01/26 19:07:21 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Local\Ahead

[2012/01/26 19:07:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition

[2012/01/26 19:06:19 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\Ahead

[2012/01/26 19:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead

[2012/01/26 18:10:59 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\FFOutput

[2012/01/26 18:10:55 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2012/01/26 18:10:08 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

[2012/01/26 18:09:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime

[2012/01/24 16:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2012/01/24 16:31:26 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2012/01/23 16:10:44 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\ImgBurn

[2012/01/23 15:48:48 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\Hirens.BootCD.15.1

[2012/01/23 15:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn

[2012/01/23 15:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn

[2012/01/23 15:45:45 | 006,055,875 | ---- | C] (LIGHTNING UK!) -- C:\Users\Zach\Desktop\SetupImgBurn_2.5.6.0.exe

[2012/01/23 15:08:29 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2012/01/21 23:15:52 | 000,508,520 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rtlh64.sys

[2012/01/21 23:15:52 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll

[2012/01/21 23:15:52 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll

[2012/01/21 22:37:18 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll

[2012/01/21 22:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink

[2012/01/21 22:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless

[2012/01/21 22:29:17 | 001,813,056 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr28x.sys

[2012/01/21 22:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink Driver

[2012/01/21 22:28:52 | 001,121,856 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll

[2012/01/21 22:28:52 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll

[2012/01/21 22:28:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RaLanguages

[2012/01/21 22:28:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ralink

[2012/01/21 22:16:00 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll

[2012/01/21 22:16:00 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll

[2012/01/21 22:15:59 | 003,744,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll

[2012/01/21 22:15:59 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll

[2012/01/21 22:15:59 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl

[2012/01/21 22:15:59 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll

[2012/01/21 22:15:59 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll

[2012/01/21 22:15:59 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll

[2012/01/21 22:15:58 | 001,969,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll

[2012/01/21 22:15:58 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll

[2012/01/21 22:15:58 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll

[2012/01/21 22:15:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll

[2012/01/21 22:15:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll

[2012/01/21 22:15:58 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll

[2012/01/21 22:15:58 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll

[2012/01/21 22:15:58 | 000,100,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll

[2012/01/21 22:15:58 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll

[2012/01/21 22:15:52 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll

[2012/01/21 22:15:52 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll

[2012/01/21 22:15:52 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll

[2012/01/21 22:15:32 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll

[2012/01/21 22:14:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield

[2012/01/20 16:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012/01/20 16:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012/01/20 16:47:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012/01/20 16:47:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2012/01/14 17:54:52 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2012/01/14 17:54:52 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012/01/14 17:54:52 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2012/01/14 17:54:52 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2012/01/14 17:54:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012/01/14 17:54:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012/01/14 17:54:52 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2012/01/14 17:54:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2012/01/14 17:54:52 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2012/01/14 17:54:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2012/01/14 17:54:52 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2012/01/14 17:54:52 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2012/01/14 17:54:52 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2012/01/14 17:54:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2012/01/14 17:54:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2012/01/14 17:54:51 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012/01/14 17:54:51 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2012/01/14 17:54:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2012/01/14 17:54:51 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2012/01/14 17:54:51 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2012/01/14 17:54:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012/01/14 17:54:51 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2012/01/14 17:54:51 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2012/01/14 17:54:51 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll

[2012/01/14 17:54:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2012/01/14 17:54:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2012/01/14 17:54:51 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2012/01/14 17:54:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012/01/14 17:54:51 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2012/01/14 17:54:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2012/01/14 17:54:50 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2012/01/14 17:54:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2012/01/14 17:54:50 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2012/01/14 17:54:49 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2012/01/14 17:54:49 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012/01/14 17:54:49 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012/01/14 17:54:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2012/01/14 17:54:49 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2012/01/14 17:54:49 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2012/01/14 17:54:49 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2012/01/14 17:54:49 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2012/01/14 17:54:49 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012/01/14 17:54:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012/01/14 17:54:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2012/01/14 17:54:49 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2012/01/14 17:54:49 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2012/01/14 17:54:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll

[2012/01/14 17:54:49 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative

MBR.zip

Link to comment
Share on other sites

Hi. :)

 

Okay got them all done.

Good, lets proceed as follows shall we...

 

Next:

 

Your machines MBR(master boot record) is both clean and legitimate, so no further action is required on my behalf with regard to that.

 

Trusted Zone Advice:

 

You really should not have any website in the Trusted Zone of Internet Explorer. The reason being the default security settings in the Trusted Zone are set too low, which makes it unsafe. Plus it should not be necessary for any remote server to have that level of access. Plenty of good and reputable sites get hacked to host malware; advertising networks are renowned for serving malware which can appear on any site. The best policy is to remove anything from the Trusted Zone unless it's absolutely required in order for the site to work and you trust that site implicitly.

 

Custom OTL Script:

  • Right-click OTL.exe and select Run as Administrator to start the program.
  • Copy the lines from the quote-box(do not copy the word quote) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank

IE - HKU.DEFAULT..URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKUS-1-5-18..URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page = about:blank

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyOverride" = local;*.local

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyServer" = socks=127.0.0.1:4021

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27

FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4c9be010&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q="

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O3 - HKLM..Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKUS-1-5-21-695846412-1422135498-510312126-1000..ToolbarWebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.

O3 - HKUS-1-5-21-695846412-1422135498-510312126-1000..ToolbarWebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found

O15 - HKU.DEFAULT..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKU.DEFAULT..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKU.DEFAULT..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKU.DEFAULT..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKUS-1-5-18..Trusted Domains: sony.com ([]* in Trusted sites)

O15 - HKUS-1-5-19..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKUS-1-5-19..Trusted Domains: freerealms.com ([]* in )

O15 - HKUS-1-5-19..Trusted Domains: soe.com ([]* in )

O15 - HKUS-1-5-19..Trusted Domains: sony.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: clonewarsadventures.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: freerealms.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: soe.com ([]* in )

O15 - HKUS-1-5-20..Trusted Domains: sony.com ([]* in )

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: freerealms.com ([]* in Trusted sites)

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: soe.com ([]* in Trusted sites)

O15 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Trusted Domains: sony.com ([]* in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.2.0)

O18:64bit: - ProtocolHandlerlivecall - No CLSID value found

O18:64bit: - ProtocolHandlerms-help - No CLSID value found

O18:64bit: - ProtocolHandlerms-itss - No CLSID value found

O18:64bit: - ProtocolHandlermsnim - No CLSID value found

O18:64bit: - ProtocolHandlerskype-ie-addon-data - No CLSID value found

@Alternate Data Stream - 144 bytes -> C:ProgramDataTemp:07BF512B

 

:Files

ipconfig /flushdns /c

 

:Commands

[Purity]

[ResetHosts]

[EmptyTemp]

[CreateRestorePoint]

[Reboot]

  • Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
  • Then click the red Run Fix button.
  • Let the program run unhindered.
  • If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

 

Malwarebytes Anti-Malware:

 

At present the version you have installed is 1.51.2.1300, the current is 1.60.1.1000. So after updating you may be prompted to reboot your machine too complete the update/new installation, please do so if advised.

 

Note: Remember to right click MBAM and select Run As Administrator.

  • Launch the application, Check for Updates >> Perform quick scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

 

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • OTL Log from the Custom Script.
  • Malwarebytes Anti-Malware Log.
Link to comment
Share on other sites

Computer is performing good, no freezes since last update and dropping internet has seemed to slow down to a minimal occurrence.

 

All processes killed

========== OTL ==========

HKLMSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

Registry value HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerURLSearchHooks{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.

Registry value HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerURLSearchHooks{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.

HKUS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully!

HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet SettingsProxyOverride| /E : value set successfully!

HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet SettingsProxyServer| /E : value set successfully!

Prefs.js: "AVG Secure Search" removed from browser.search.defaultenginename

Prefs.js: "AVG Secure Search" removed from browser.search.selectedEngine

Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems

Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems

Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems

Prefs.js: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27 removed from extensions.enabledItems

Prefs.js: "http://search.avg.com/route/?d=4c9be010&v=6.103.018.001&i=26&tp=ab&iy=&ychte=us&lng=en-US&q=" removed from keyword.URL

Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} not found.

Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.

Registry value HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} not found.

Registry value HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{92780B25-18CC-41C8-B9BE-3C9C571A8263} deleted successfully.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{92780B25-18CC-41C8-B9BE-3C9C571A8263} not found.

Registry key HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsclonewarsadventures.com deleted successfully.

Registry key HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsfreerealms.com deleted successfully.

Registry key HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssoe.com deleted successfully.

Registry key HKEY_USERS.DEFAULTSOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssony.com deleted successfully.

Registry key HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsclonewarsadventures.com not found.

Registry key HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsfreerealms.com not found.

Registry key HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssoe.com not found.

Registry key HKEY_USERSS-1-5-18SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssony.com not found.

Registry key HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsclonewarsadventures.com deleted successfully.

Registry key HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsfreerealms.com deleted successfully.

Registry key HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssoe.com deleted successfully.

Registry key HKEY_USERSS-1-5-19SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssony.com deleted successfully.

Registry key HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsclonewarsadventures.com deleted successfully.

Registry key HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsfreerealms.com deleted successfully.

Registry key HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssoe.com deleted successfully.

Registry key HKEY_USERSS-1-5-20SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssony.com deleted successfully.

Registry key HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsclonewarsadventures.com deleted successfully.

Registry key HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainsfreerealms.com deleted successfully.

Registry key HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssoe.com deleted successfully.

Registry key HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZoneMapDomainssony.com deleted successfully.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftCode Store DatabaseDistribution Units{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{8AD9C840-044E-11D1-B3E9-00805F499D93} not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlerlivecall deleted successfully.

File ProtocolHandlerlivecall - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlerms-help deleted successfully.

File ProtocolHandlerms-help - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlerms-itss deleted successfully.

File ProtocolHandlerms-itss - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlermsnim deleted successfully.

File ProtocolHandlermsnim - No CLSID value found not found.

64bit-Registry key HKEY_LOCAL_MACHINESOFTWAREClassesPROTOCOLSHandlerskype-ie-addon-data deleted successfully.

File ProtocolHandlerskype-ie-addon-data - No CLSID value found not found.

ADS C:ProgramDataTemp:07BF512B deleted successfully.

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:UsersZachDesktopcmd.bat deleted successfully.

C:UsersZachDesktopcmd.txt deleted successfully.

========== COMMANDS ==========

File move failed. C:WindowsSystem32driversetcHosts scheduled to be moved on reboot.

HOSTS file reset successfully

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56502 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

 

User: Zach

->Temp folder emptied: 101323 bytes

->Temporary Internet Files folder emptied: 6327931 bytes

->Java cache emptied: 7030038 bytes

->FireFox cache emptied: 61478121 bytes

->Google Chrome cache emptied: 0 bytes

->Apple Safari cache emptied: 0 bytes

->Flash cache emptied: 57223 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%System32 .tmp files removed: 0 bytes

%systemroot%System32 (64bit) .tmp files removed: 0 bytes

%systemroot%System32drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 2853 bytes

%systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 33186 bytes

%systemroot%sysnativeconfigsystemprofileAppDataLocalLowSunJavaDeployment folder emptied: 749 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 72.00 mb

 

Restore point Set: OTL Restore Point

 

OTL by OldTimer - Version 3.2.31.0 log created on 01312012_151429

 

FilesFolders moved on Reboot...

File move failed. C:WindowsSystem32driversetcHosts scheduled to be moved on reboot.

FileFolder C:UsersZachAppDataLocalTemphsperfdata_Zach1152 not found!

 

Registry entries deleted on Reboot...

Link to comment
Share on other sites

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

 

Database version: v2012.01.31.08

 

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Zach :: ZACH-PC [administrator]

 

1/31/2012 3:21:52 PM

mbam-log-2012-01-31 (15-21-52).txt

 

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 520113

Time elapsed: 2 hour(s), 18 minute(s), 39 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 1

C:UsersZachDownloadsNero 7.10.1.0Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

 

(end)

Link to comment
Share on other sites

Hi. :)

 

Computer is performing good, no freezes since last update and dropping internet has seemed to slow down to a minimal occurrence.

OK and thanks for the update...

 

The intermittent Internet connectivity issues may due to your actual ISP(internet service provider). You do appear to be using Qwest Communications/CentuaryLink. Also it would be probably prudent to reset your actual Router at some point and apply a new admin password as a precaution.

 

Off-course I am not ruling out malware as the culprit just yet.

 

CKScanner:

  • Please download CKScanner from here to your Desktop.
Make sure that CKScanner.exe is on the your Desktop before running the application!

  • Right-click on CKScanner.exe and select Run as Administrator, then click Search For Files. Only run the application once.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.
ESET Online Scanner:

 

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

 

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:Program Files (x86)/ESET/ESET Online Scannerlog.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
Link to comment
Share on other sites

wow... that was the longest 8 hours of my life O_O

and i think i may have copied the wrong log file :bawling:

 

CKScanner - Additional Security Risks - These are not necessarily bad

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapifp-1.1javasecurityspecrsakeygenparameterspec.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapifp-1.1javasecurityspecclass-usersakeygenparameterspec.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapijce10javaxcryptokeygenerator.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapijce10javaxcryptokeygeneratorspi.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapijce10javaxcryptoclass-usekeygenerator.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapijce10javaxcryptoclass-usekeygeneratorspi.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapipbp11javasecurityspecrsakeygenparameterspec.html

c:program filesnetbeans 7.0.1mobilityjava_me_platform_sdk_3.0docsapipbp11javasecurityspecclass-usersakeygenparameterspec.html

c:program files (x86)adobeadobe dreamweaver cs5.5configurationtaglibrarieshtmlkeygen.vtm

c:program files (x86)firefly studiosstronghold 2meshesbuildingscastle_wall_crack.dds

c:program files (x86)firefly studiosstronghold 2meshesbuildingscastle_wall_crack.heightmap.dds

c:program files (x86)firefly studiosstronghold 2meshesbuildingscastle_wall_crack.normalmap.dds

c:program files (x86)firefly studiosstronghold 2terraincracked_peat.dds

c:program files (x86)firefly studiosstronghold crusadergmcracks.gm1

c:program files (x86)gimp-2.0sharegimp2.0patternscracked.pat

c:userszachdownloadspdxsb40akeygenmpeg_ac3.reg

c:userszachdownloadsstronghold 2stronghold 2 deluxecrackhatred.nfo

c:userszachdownloadsstronghold 2stronghold 2 deluxecrackstronghold2.exe

c:userszachmusicitunesitunes mediamobile applicationscrackle 2.3.7.ipa

scanner sequence 3.IJ.11.AFAPWE

----- EOF -----

 

ESET Online Scanner

C:Program Files (x86)FREEzeFlipbin1.0.6.0FREEzeFlipSAHook.dll probably a variant of Win32/Adware.180Solutions application

C:UsersZachAppDataRoamingFrostWire.AppSpecialSharefrostwire-4.21.8.windows.exe Win32/OpenCandy application

C:UsersZachDesktopHirens.BootCD.15.1.zip Win32/PSWTool.KonBoot.A application

C:UsersZachDesktopSoftonicDownloader_for_gamespy-arcade.exe Win32/SoftonicDownloader.C application

C:UsersZachDesktopHirens.BootCD.15.1Hiren's.BootCD.15.1.iso Win32/PSWTool.KonBoot.A application

C:UsersZachDownloadsavc-free.exe Win32/OpenCandy application

C:UsersZachDownloadsCNET_TechTracker_2_0_3_59_a_Setup.exe Win32/OpenCandy application

C:UsersZachDownloadsFreeYouTubeDownloaderSetup.exe multiple threats

C:UsersZachDownloadsfrostwire-4-1.21.7.windows.exe Win32/OpenCandy application

C:UsersZachDownloadsfrostwire-4.20.9.windows.exe Win32/OpenCandy application

C:UsersZachDownloadsfrostwire-4.21.7.windows.exe Win32/OpenCandy application

C:UsersZachDownloadsfrostwire-4.21.8.windows.exe Win32/OpenCandy application

C:UsersZachDownloadsNero 7.10.1.0Nero-7.10.1.0_eng_full.exe Win32/Toolbar.AskSBar application

Link to comment
Share on other sites

*Sigh*

Man it is just one thing after another.

A new symptom has appeared, for some reason an application will fail/crash and the windows error report/helper wont ever come up and give me the option to either "End Program" "Wait For Program To Respond" "Cancel" etc. and it wont let me open up Task Manager or lock my computer either, via ctrl+alt+del or ctrl+shift+esc.

 

So after that my only option is to shutdown/restart my computer.

 

EDIT: as soon as i tried to open "run" it froze. (it being the run application)

 

EDIT2: Computer ended up locking up in a "Stopped responding state" and nothing that i tried would get me anywhere, and i ended up having to manually shut down my computer.

Edited by Z4CK56
Link to comment
Share on other sites

Hi. :)

 

My sincere apologies for the prolonged delay on my behalf, unforeseen circumstances I'm afraid due to recent inclement weather in my locale.

 

Next:

 

Before we address the results of the prior scans I asked for and so I can ascertain what is occurring now. Carry out the below for me again and we will go from there, thank you.

 

Re-scan with OTL:

 

Delete the last set of OTL logs and empty the Recycle Bin.

 

  • Right-click on OTL.exe and select Run as Administrator to start OTL.
  • Ensure Include 64bit Scans is selected.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.

    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.
When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • Both OTL logs. <-- Post them individually please, IE: one Log per post/reply.
Edited by Dakeyras
Link to comment
Share on other sites

Computer seems to be running "OK" so far but the day before yesterday my computer had completely frozen/locked up and i had to manually restart, it didn't happen yesterday and hasn't happened yet today (Crosses Fingers) so im not entirely sure on what caused it.

 

Thank you for your time/continuous help.

Link to comment
Share on other sites

OTL logfile created on: 2/10/2012 3:50:53 PM - Run 3

OTL by OldTimer - Version 3.2.31.0 Folder = C:UsersZachDesktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

6.00 Gb Total Physical Memory | 3.92 Gb Available Physical Memory | 65.28% Memory free

12.18 Gb Paging File | 9.59 Gb Available in Paging File | 78.76% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 582.50 Gb Total Space | 306.30 Gb Free Space | 52.58% Space Free | Partition Type: NTFS

Drive D: | 13.67 Gb Total Space | 2.16 Gb Free Space | 15.79% Space Free | Partition Type: NTFS

Drive E: | 1.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

 

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:UsersZachDesktopOTL.exe (OldTimer Tools)

PRC - C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe (Malwarebytes Corporation)

PRC - C:Program Files (x86)TeamViewerVersion7TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)

PRC - C:Program Files (x86)RalinkCommonRaUI.exe (Ralink Technology, Corp.)

PRC - C:Program Files (x86)TeamViewerVersion6TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe (Seagate Technology LLC)

PRC - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation)

PRC - C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe (Intel Corporation)

PRC - C:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe (Hewlett-Packard)

PRC - C:Program Files (x86)Common FilesAheadLibNMIndexStoreSvr.exe (Nero AG)

PRC - C:Program Files (x86)Common FilesAheadLibNMBgMonitor.exe (Nero AG)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:Program Files (x86)RalinkCommonRaWLAPI.dll ()

MOD - C:Program Files (x86)Mozilla Firefoxmozjs.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (UPDATESRV) -- C:Program FilesBitdefenderBitdefender 2012updatesrv.exe (Bitdefender)

SRV:64bit: - (VSSERV) -- C:Program FilesBitdefenderBitdefender 2012vsserv.exe (Bitdefender)

SRV:64bit: - (SafeBox) -- C:Program FilesBitdefenderBitdefender SafeBoxsafeboxservice.exe (Bitdefender)

SRV:64bit: - (AMD External Events Utility) -- C:WindowsSysNativeatiesrxx.exe (AMD)

SRV:64bit: - (Update Server) -- C:Program FilesCommon FilesBitdefenderBitdefender Arrakis Serverbinarrakis3.exe (BitDefender)

SRV:64bit: - (LBTServ) -- C:Program FilesCommon FilesLogiShrdBluetoothLBTServ.exe (Logitech, Inc.)

SRV:64bit: - (Belkin Local Backup Service) -- C:Program FilesBelkinBelkin USB Print and Storage CenterBkBackupScheduler.exe ()

SRV:64bit: - (Belkin Network USB Helper) -- C:Program FilesBelkinBelkin USB Print and Storage CenterBkapcs.exe ()

SRV:64bit: - (AgereModemAudio) -- C:Program FilesLSI SoftModemagr64svc.exe (LSI Corporation)

SRV:64bit: - (WinDefend) -- C:Program FilesWindows DefenderMpSvc.dll (Microsoft Corporation)

SRV - (MBAMService) -- C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe (Malwarebytes Corporation)

SRV - (Steam Client Service) -- C:Program Files (x86)Common FilesSteamSteamService.exe (Valve Corporation)

SRV - (TeamViewer7) -- C:Program Files (x86)TeamViewerVersion7TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (npggsvc) -- C:WindowsSysWow64GameMon.des (INCA Internet Co., Ltd.)

SRV - (TeamViewer6) -- C:Program Files (x86)TeamViewerVersion6TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (RaMediaServer) -- C:Program Files (x86)RalinkCommonRaMediaServer.exe ()

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:Program Files (x86)WinPcaprpcapd.exe (CACE Technologies, Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe (Microsoft Corporation)

SRV - (FreeAgentGoNext Service) -- C:Program Files (x86)SeagateSeagateManagerSyncFreeAgentService.exe (Seagate Technology LLC)

SRV - (clr_optimization_v2.0.50727_32) -- C:WindowsMicrosoft.NETFrameworkv2.0.50727mscorsvw.exe (Microsoft Corporation)

SRV - (IAANTMON) Intel® -- C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTmon.exe (Intel Corporation)

SRV - (HPSLPSVC) -- C:Program Files (x86)HPDigital ImagingbinHPSLPSVC64.DLL (Hewlett-Packard Co.)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (bdsandbox) -- C:WindowsSysNativedriversbdsandbox.sys (BitDefender SRL)

DRV:64bit: - (avckf) -- C:WindowsSysNativeDRIVERSavckf.sys (BitDefender)

DRV:64bit: - (avc3) -- C:WindowsSysNativeDRIVERSavc3.sys (BitDefender)

DRV:64bit: - (bdfsfltr) -- C:WindowsSysNativeDRIVERSbdfsfltr.sys (BitDefender)

DRV:64bit: - (MBAMProtector) -- C:WindowsSysNativedriversmbam.sys (Malwarebytes Corporation)

DRV:64bit: - (amdkmdag) -- C:WindowsSysNativeDRIVERSatikmdag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (amdkmdap) -- C:WindowsSysNativeDRIVERSatikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (avchv) -- C:WindowsSysNativeDRIVERSavchv.sys (BitDefender)

DRV:64bit: - (bdftdif) -- C:Program FilesCommon FilesBitdefenderBitdefender Firewallbdftdif.sys (BitDefender LLC)

DRV:64bit: - (BdfNdisf) -- c:Program FilesCommon FilesBitdefenderBitdefender Firewallbdfndisf6.sys (BitDefender LLC)

DRV:64bit: - (netr28x) -- C:WindowsSysNativeDRIVERSnetr28x.sys (Ralink Technology, Corp.)

DRV:64bit: - (trufos) -- C:WindowsSysNativeDRIVERStrufos.sys (BitDefender S.R.L.)

DRV:64bit: - (AtiHDAudioService) -- C:WindowsSysNativedriversAtihdLH6.sys (Advanced Micro Devices)

DRV:64bit: - (RTL8169) -- C:WindowsSysNativeDRIVERSRtlh64.sys (Realtek )

DRV:64bit: - (LMouFilt) -- C:WindowsSysNativeDRIVERSLMouFilt.Sys (Logitech, Inc.)

DRV:64bit: - (LEqdUsb) -- C:WindowsSysNativeDRIVERSLEqdUsb.Sys (Logitech, Inc.)

DRV:64bit: - (LHidFilt) -- C:WindowsSysNativeDRIVERSLHidFilt.Sys (Logitech, Inc.)

DRV:64bit: - (LHidEqd) -- C:WindowsSysNativeDRIVERSLHidEqd.Sys (Logitech, Inc.)

DRV:64bit: - (USBAAPL64) -- C:WindowsSysNativeDriversusbaapl64.sys (Apple, Inc.)

DRV:64bit: - (cpuz135) -- C:WindowsSysNativedriverscpuz135_x64.sys (CPUID)

DRV:64bit: - (taphss) -- C:WindowsSysNativeDRIVERStaphss.sys (AnchorFree Inc)

DRV:64bit: - (NPF) -- C:WindowsSysNativedriversnpf.sys (CACE Technologies, Inc.)

DRV:64bit: - (jumi) -- C:WindowsSysNativeDRIVERSjumi.sys (Windows ® Codename Longhorn DDK provider)

DRV:64bit: - (AgereSoftModem) -- C:WindowsSysNativeDRIVERSagrsm64.sys (LSI Corporation)

DRV:64bit: - (BDVEDISK) -- C:WindowsSysNativeDRIVERSbdvedisk.sys (BitDefender)

DRV:64bit: - (WpdUsb) -- C:WindowsSysNativeDRIVERSwpdusb.sys (Microsoft Corporation)

DRV:64bit: - (sxuptp) -- C:WindowsSysNativeDRIVERSsxuptp.sys (silex technology, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:WindowsSysNativeDRIVERSGEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (hamachi) -- C:WindowsSysNativeDRIVERShamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (igfx) -- C:WindowsSysNativeDRIVERSigdkmd64.sys (Intel Corporation)

DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:Program FilesPC-Doctor for Windowspcdsrvc_x64.pkms (PC-Doctor, Inc.)

DRV:64bit: - (iaStor) -- C:WindowsSysNativedriversiastor.sys (Intel Corporation)

DRV:64bit: - (StillCam) -- C:WindowsSysNativeDRIVERSserscan.sys (Microsoft Corporation)

DRV:64bit: - (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM) -- C:WindowsSysNativeDRIVERSvrtaucbl.sys (Eugene V. Muzychenko)

DRV:64bit: - (emAudio) -- C:WindowsSysNativedriversemAudio64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (DCamUSBEMPIA) -- C:WindowsSysNativeDRIVERSemDevice64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (FiltUSBEMPIA) -- C:WindowsSysNativeDRIVERSemFilter64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (ScanUSBEMPIA) -- C:WindowsSysNativeDRIVERSemScan64.sys (eMPIA Technology, Inc.)

DRV:64bit: - (MarvinBus) -- C:WindowsSysNativeDRIVERSMarvinBus64.sys (Pinnacle Systems GmbH)

DRV - (speedfan) -- C:WindowsSysWOW64speedfan.sys (Almico Software)

DRV - (NPPTNT2) -- C:WindowsSysWOW64npptNT2.sys (INCA Internet Co., Ltd.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt

IE:64bit: - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cndt

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm

IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page =

 

 

IE - HKU.DEFAULTSoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

IE - HKUS-1-5-18SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

 

 

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftInternet ExplorerMain,Start Page =

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftInternet ExplorerMain,StartPageCache = 1

IE - HKUS-1-5-21-695846412-1422135498-510312126-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.selectedEngine: ""

 

FF:64bit: - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:Windowssystem32MacromedFlashNPSWF64_11_1_102.dll File not found

FF:64bit: - HKLMSoftwareMozillaPlugins@java.com/DTPlugin,version=10.2.1: C:Windowssystem32npDeployJava1.dll File not found

FF:64bit: - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin,version=10.2.0: C:Program FilesJavajre7binnew_pluginnpjp2.dll (Oracle Corporation)

FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:WindowsSysWOW64MacromedFlashNPSWF32.dll ()

FF - HKLMSoftwareMozillaPlugins@adobe.com/ShockwavePlayer: C:Windowssystem32AdobeDirectornp32dsw.dll (Adobe Systems, Inc.)

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=: File not found

FF - HKLMSoftwareMozillaPlugins@Apple.com/iTunes,version=1.0: C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll ()

FF - HKLMSoftwareMozillaPlugins@divx.com/DivX Browser Plugin,version=1.0.0: C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

FF - HKLMSoftwareMozillaPlugins@divx.com/DivX VOD Helper,version=1.0.0: C:Program Files (x86)DivXDivX OVS Helpernpovshelper.dll (DivX, LLC.)

FF - HKLMSoftwareMozillaPlugins@java.com/JavaPlugin: C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll (Sun Microsystems, Inc.)

FF - HKLMSoftwareMozillaPlugins@meadco.com/neptune plugin,version=2.0.0.29: C:PROGRA~2MEADCO~1npmeadax.dll (MeadCo Corp.)

FF - HKLMSoftwareMozillaPlugins@Microsoft.com/NpCtrl,version=1.0: c:Program Files (x86)Microsoft Silverlight4.0.60831.0npctrl.dll ( Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@microsoft.com/WPF,version=3.5: c:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll (Microsoft Corporation)

FF - HKLMSoftwareMozillaPlugins@pandonetworks.com/PandoWebPlugin: C:Program Files (x86)Pando NetworksMedia BoosternpPandoWebPlugin.dll (Pando Networks)

FF - HKLMSoftwareMozillaPlugins@soe.sony.com/installer,version=1.0.3: C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{000F1EA4-5E08-4564-A29B-29076F63A37A}pluginsnpsoe.dll ()

FF - HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=3: C:UsersZachAppDataLocalGoogleUpdate1.3.21.99npGoogleUpdate3.dll (Google Inc.)

FF - HKCUSoftwareMozillaPlugins@tools.google.com/Google Update;version=9: C:UsersZachAppDataLocalGoogleUpdate1.3.21.99npGoogleUpdate3.dll (Google Inc.)

FF - HKCUSoftwareMozillaPlugins@unity3d.com/UnityPlayer,version=1.0: C:UsersZachAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll (Unity Technologies ApS)

FF - HKCUSoftwareMozillaPluginspandonetworks.com/PandoWebPlugin: C:Program Files (x86)Pando NetworksMedia BoosternpPandoWebPlugin.dll (Pando Networks)

 

64bit-FF - HKEY_LOCAL_MACHINEsoftwaremozillaThunderbirdExtensionsbdThunderbird@bitdefender.com: C:PROGRAM FILESBITDEFENDERBITDEFENDER 2012BDTBEXT [2011/11/16 14:51:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:Program Files (x86)DivXDivX Plus Web Playerfirefoxhtml5video [2011/04/07 16:02:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaFirefoxExtensions{6904342A-8307-11DF-A508-4AE2DFD72085}: C:Program Files (x86)DivXDivX Plus Web Playerfirefoxwpa [2011/04/07 16:02:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 8.0.1extensionsComponents: C:Program Files (x86)Mozilla Firefoxcomponents [2012/01/25 16:20:58 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaMozilla Firefox 8.0.1extensionsPlugins: C:Program Files (x86)Mozilla Firefoxplugins [2012/01/30 15:13:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINEsoftwaremozillaThunderbirdExtensionsbdThunderbird@bitdefender.com: C:Program FilesBitdefenderBitdefender 2012bdtbext [2011/11/16 14:51:20 | 000,000,000 | ---D | M]

 

[2010/09/21 19:06:45 | 000,000,000 | ---D | M] (No name found) -- C:UsersZachAppDataRoamingMozillaExtensions

[2011/12/17 11:29:10 | 000,000,000 | ---D | M] (No name found) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions

[2011/12/17 11:29:10 | 000,000,000 | ---D | M] () -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{000F1EA4-5E08-4564-A29B-29076F63A37A}

[2010/09/24 14:53:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{20a82645-c095-46ed-80e3-08825760534b}

[2011/06/20 20:39:48 | 000,000,000 | ---D | M] (HP Detect) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensions{ab91efd4-6975-4081-8552-1b3922ed79e2}

[2011/05/03 18:58:47 | 000,000,000 | ---D | M] (cacaoweb) -- C:UsersZachAppDataRoamingMozillaFirefoxProfiles8dcmsll8.defaultextensionscacaoweb@cacaoweb.org

[2012/02/07 19:06:09 | 000,000,000 | ---D | M] (No name found) -- C:Program Files (x86)Mozilla Firefoxextensions

[2012/01/03 03:15:22 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:Program Files (x86)Mozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011/08/29 17:38:33 | 000,000,000 | ---D | M] (Java Console) -- C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2012/02/07 19:06:09 | 000,000,000 | ---D | M] (Java Console) -- C:Program Files (x86)Mozilla Firefoxextensions{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011/11/20 21:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:Program Files (x86)mozilla firefoxcomponentsbrowsercomps.dll

[2012/02/07 19:05:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:Program Files (x86)mozilla firefoxpluginsnpdeployJava1.dll

[2011/11/20 18:04:05 | 000,002,252 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginsbing.xml

[2011/11/20 18:04:05 | 000,002,040 | ---- | M] () -- C:Program Files (x86)mozilla firefoxsearchpluginstwitter.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:UsersZachAppDataLocalGoogleChromeApplication15.0.874.121gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:WindowsSysWOW64MacromedFlashNPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnpqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpdeployJava1.dll

CHR - plugin: Java Platform SE 6 U27 (Enabled) = C:Program Files (x86)Javajre6binnew_pluginnpjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:Program Files (x86)AdobeReader 9.0ReaderBrowsernppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:Program Files (x86)Microsoft Silverlight4.0.60531.0npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:Windowssystem32AdobeDirectornp32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnprpjplug.dll

CHR - plugin: RealNetworks RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprpchromebrowserrecordext.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:ProgramDataRealRealPlayerBrowserRecordPluginMozillaPluginsnprphtml5videoshim.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:Program Files (x86)Mozilla FirefoxpluginsNPOFF12.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:UsersZachAppDataLocalGoogleChromeApplication15.0.874.121ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:UsersZachAppDataLocalGoogleChromeApplication15.0.874.121pdf.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:Program Files (x86)Mozilla Firefoxpluginsnprjplug.dll

CHR - plugin: MeadCo's Neptune (Enabled) = C:PROGRA~2MEADCO~1npmeadax.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:Program Files (x86)DivXDivX OVS Helpernpovshelper.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:Program Files (x86)iTunesMozilla Pluginsnpitunes.dll

CHR - plugin: Unity Player (Enabled) = C:UsersZachAppDataLocalLowUnityWebPlayerloadernpUnity3D32.dll

CHR - plugin: Google Update (Enabled) = C:UsersZachAppDataLocalGoogleUpdate1.3.21.69npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:WindowsMicrosoft.NETFrameworkv3.5Windows Presentation FoundationNPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: DivX HiQ = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionsfnjbmmemklcjgepojigaapkoodmkgbae2.1.1.94_0

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionsjfmjfhklogoienhpfnppmbcbjfjnkonk1.5_0

CHR - Extension: Skype Click to Call = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl5.6.0.8442_0

CHR - Extension: DivX Plus Web Player HTML5 u003Cvideou003E = C:UsersZachAppDataLocalGoogleChromeUser DataDefaultExtensionsnneajnkjbffgblleaoojgaacokifdkhm2.1.1.94_0

 

O1 HOSTS File: ([2012/01/31 15:14:32 | 000,000,098 | ---- | M]) - C:WindowsSysNativedriversetcHosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre7binjp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:Program Files (x86)Hotspot ShieldHssIEHssIE_64.dll File not found

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:Program Files (x86)Orbitdownloaderorbitcth.dll (Orbitdownloader.com)

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:Program Files (x86)DivXDivX Plus Web Playernpdivx32.dll (DivX, LLC)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:Program Files (x86)MSNToolbar3.0.0552.0msneshellx.dll (Microsoft Corp.)

O3 - HKLM..Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:Program Files (x86)MSNToolbar3.0.0552.0msneshellx.dll (Microsoft Corp.)

O4:64bit: - HKLM..Run: [bDAgent] C:Program FilesBitdefenderBitdefender 2012bdagent.exe (Bitdefender)

O4:64bit: - HKLM..Run: [EvtMgr6] C:Program FilesLogitechSetPointPSetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..Run: [HotKeysCmds] C:WindowsSysNativehkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [iAAnotif] C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [igfxTray] C:WindowsSysNativeigfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [Persistence] C:WindowsSysNativeigfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..Run: [smartMenu] C:Program FilesHewlett-PackardHP MediaSmartSmartMenu.exe (Hewlett-Packard)

O4 - HKLM..Run: [hpsysdrv] c:Program Files (x86)Hewlett-PackardHP Odometerhpsysdrv.exe (Hewlett-Packard)

O4 - HKLM..Run: [Malwarebytes' Anti-Malware] C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe (Malwarebytes Corporation)

O4 - HKLM..Run: [startCCC] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..Run: [updateLBPShortCut] c:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [updateP2GoShortCut] c:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [updatePDIRShortCut] c:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [updatePSTShortCut] c:Program Files (x86)CyberLinkCyberLink DVD Suite DeluxeMUITransferMUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..Run: [WinampAgent] "C:Program Files (x86)Winampwinampa.exe" File not found

O4 - HKUS-1-5-19..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-19..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)

O4 - HKUS-1-5-20..Run: [sidebar] C:Program Files (x86)Windows SidebarSidebar.exe (Microsoft Corporation)

O4 - HKUS-1-5-20..Run: [WindowsWelcomeCenter] C:WindowsSysWow64oobefldr.dll (Microsoft Corporation)

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:Program Files (x86)Common FilesAheadLibNMBgMonitor.exe (Nero AG)

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [JumiController] File not found

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [uTorrent] C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent, Inc.)

O4 - HKUS-1-5-21-695846412-1422135498-510312126-1000..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe File not found

O4 - HKLM..RunOnce: [AvgUninstallURL] C:WindowsSysWow64cmd.exe (Microsoft Corporation)

O4 - Startup: C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupDropbox.lnk = C:UsersZachAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc.)

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktop = 1

O6 - HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer: NoActiveDesktopChanges = 1

O8:64bit: - Extra context menu item: &Download by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: &Grab video by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8:64bit: - Extra context menu item: Down&load all by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Download by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:Program Files (x86)Orbitdownloaderorbitmxt.dll (Orbitdownloader.com)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:Program Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5Catalog_Entries64000000000007 [] - C:Program FilesBonjourmdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5Catalog_Entries000000000007 [] - C:Program Files (x86)BonjourmdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)

O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll (PCPitstop Exam)

O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.0.1 205.171.3.25

O17 - HKLMSystemCCSServicesTcpipParametersInterfaces{8AC38E91-358B-4B65-A39D-007F67156745}: DhcpNameServer = 192.168.0.1 205.171.3.25

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:Windowsexplorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) - C:WindowsSysNativeuserinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:WindowsSysWow64explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:Windowssystem32userinit.exe) -C:WindowsSysWOW64userinit.exe (Microsoft Corporation)

O20:64bit: - WinlogonNotifyigfxcui: DllName - (igfxdev.dll) - C:WindowsSysNativeigfxdev.dll (Intel Corporation)

O24 - Desktop WallPaper: C:UsersZachAppDataRoamingMicrosoftWindows Photo GalleryWindows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:UsersZachAppDataRoamingMicrosoftWindows Photo GalleryWindows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM..comfile [open] -- "%1" %*

O35:64bit: - HKLM..exefile [open] -- "%1" %*

O35 - HKLM..comfile [open] -- "%1" %*

O35 - HKLM..exefile [open] -- "%1" %*

O37:64bit: - HKLM...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM...exe [@ = exefile] -- "%1" %*

O37 - HKLM...com [@ = comfile] -- "%1" %*

O37 - HKLM...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/02/07 19:06:25 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesJava

[2012/02/07 19:06:07 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:WindowsSysWow64javaws.exe

[2012/02/07 19:06:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WindowsSysWow64javaw.exe

[2012/02/07 19:06:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:WindowsSysWow64java.exe

[2012/02/07 19:05:49 | 000,000,000 | ---D | C] -- C:Program Files (x86)Java

[2012/02/06 21:02:10 | 000,000,000 | ---D | C] -- C:UsersZachDesktop0223 - Animal Crossing - Wild World (U)(SCZ)

[2012/02/06 21:01:13 | 000,000,000 | ---D | C] -- C:UsersZachDesktopNO$GBA 2.6a + NO$Zoomer 2.3.0.1

[2012/02/05 16:06:37 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingEurekaLog

[2012/02/05 16:06:09 | 003,993,576 | ---- | C] (INCA Internet Co., Ltd.) -- C:WindowsSysWow64GameMon.des

[2012/02/05 16:05:33 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:WindowsSysWow64npptNT2.sys

[2012/02/05 16:05:27 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesINCA Shared

[2012/02/05 16:01:09 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsGamesCampus

[2012/02/05 16:01:07 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsGamesCampus

[2012/02/05 16:00:39 | 000,000,000 | ---D | C] -- C:GamesCampus

[2012/02/05 15:26:25 | 000,000,000 | ---D | C] -- C:UsersZachAppDataLocalPMB Files

[2012/02/05 15:26:22 | 000,000,000 | ---D | C] -- C:ProgramDataPMB Files

[2012/02/05 15:26:03 | 000,000,000 | ---D | C] -- C:Program Files (x86)Pando Networks

[2012/02/03 21:22:04 | 000,000,000 | ---D | C] -- C:ProgramDataBDLogging

[2012/02/03 19:50:30 | 000,000,000 | ---D | C] -- C:Program Files (x86)Microsoft XNA

[2012/02/03 19:37:15 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsZachtronics Industries

[2012/02/03 19:37:15 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsZachtronics Industries

[2012/02/03 19:37:15 | 000,000,000 | ---D | C] -- C:Program Files (x86)Zachtronics Industries

[2012/02/01 17:50:51 | 000,000,000 | ---D | C] -- C:ProgramDataRELOADED

[2012/02/01 17:25:31 | 000,000,000 | ---D | C] -- C:UsersZachAppDataLocalSKIDROW

[2012/02/01 17:25:29 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsStronghold 3

[2012/02/01 17:22:44 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_7.dll

[2012/02/01 17:22:44 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_7.dll

[2012/02/01 17:22:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_7.dll

[2012/02/01 17:22:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_7.dll

[2012/02/01 17:22:44 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_5.dll

[2012/02/01 17:22:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_5.dll

[2012/02/01 17:22:43 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_43.dll

[2012/02/01 17:22:43 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_43.dll

[2012/02/01 17:22:43 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dcsx_43.dll

[2012/02/01 17:22:43 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dcsx_43.dll

[2012/02/01 17:22:42 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx11_43.dll

[2012/02/01 17:22:42 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx11_43.dll

[2012/02/01 17:22:41 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_43.dll

[2012/02/01 17:22:41 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_43.dll

[2012/02/01 17:22:41 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_43.dll

[2012/02/01 17:22:41 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_43.dll

[2012/02/01 17:22:40 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_6.dll

[2012/02/01 17:22:40 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_6.dll

[2012/02/01 17:22:40 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_4.dll

[2012/02/01 17:22:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_4.dll

[2012/02/01 17:22:39 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_6.dll

[2012/02/01 17:22:39 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_6.dll

[2012/02/01 17:22:39 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_7.dll

[2012/02/01 17:22:39 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_7.dll

[2012/02/01 17:22:37 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_5.dll

[2012/02/01 17:22:37 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_5.dll

[2012/02/01 17:22:29 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_41.dll

[2012/02/01 17:22:29 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_41.dll

[2012/02/01 17:22:27 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_41.dll

[2012/02/01 17:22:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_41.dll

[2012/02/01 17:22:26 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_4.dll

[2012/02/01 17:22:26 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_4.dll

[2012/02/01 17:22:25 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_4.dll

[2012/02/01 17:22:25 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_4.dll

[2012/02/01 17:22:22 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_40.dll

[2012/02/01 17:22:21 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_2.dll

[2012/02/01 17:22:21 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_2.dll

[2012/02/01 17:22:21 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_1.dll

[2012/02/01 17:22:21 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_1.dll

[2012/02/01 17:22:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_2.dll

[2012/02/01 17:22:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_2.dll

[2012/02/01 17:22:17 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_39.dll

[2012/02/01 17:22:17 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_39.dll

[2012/02/01 17:22:17 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_39.dll

[2012/02/01 17:22:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_39.dll

[2012/02/01 17:22:15 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_39.dll

[2012/02/01 17:22:15 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_39.dll

[2012/02/01 17:22:14 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_0.dll

[2012/02/01 17:22:14 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_0.dll

[2012/02/01 17:22:13 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_1.dll

[2012/02/01 17:22:13 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_1.dll

[2012/02/01 17:22:13 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_1.dll

[2012/02/01 17:22:13 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_1.dll

[2012/02/01 17:22:12 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_4.dll

[2012/02/01 17:22:12 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_4.dll

[2012/02/01 17:22:10 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_38.dll

[2012/02/01 17:22:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_38.dll

[2012/02/01 17:22:10 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_38.dll

[2012/02/01 17:22:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_38.dll

[2012/02/01 17:22:08 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_38.dll

[2012/02/01 17:22:08 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_38.dll

[2012/02/01 17:22:07 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_0.dll

[2012/02/01 17:22:07 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_0.dll

[2012/02/01 17:22:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine3_0.dll

[2012/02/01 17:22:06 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine3_0.dll

[2012/02/01 17:22:06 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_3.dll

[2012/02/01 17:22:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_3.dll

[2012/02/01 17:22:04 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_37.dll

[2012/02/01 17:22:04 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_37.dll

[2012/02/01 17:22:04 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_37.dll

[2012/02/01 17:22:04 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_37.dll

[2012/02/01 17:22:02 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_37.dll

[2012/02/01 17:22:02 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_37.dll

[2012/02/01 17:22:01 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_10.dll

[2012/02/01 17:22:01 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_10.dll

[2012/02/01 17:21:59 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_36.dll

[2012/02/01 17:21:59 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_36.dll

[2012/02/01 17:21:59 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_36.dll

[2012/02/01 17:21:59 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_36.dll

[2012/02/01 17:21:57 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_36.dll

[2012/02/01 17:21:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_36.dll

[2012/02/01 17:21:56 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_9.dll

[2012/02/01 17:21:56 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_9.dll

[2012/02/01 17:21:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_35.dll

[2012/02/01 17:21:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_35.dll

[2012/02/01 17:21:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_35.dll

[2012/02/01 17:21:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_35.dll

[2012/02/01 17:21:52 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_35.dll

[2012/02/01 17:21:52 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_35.dll

[2012/02/01 17:21:50 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_8.dll

[2012/02/01 17:21:50 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_8.dll

[2012/02/01 17:21:50 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_2.dll

[2012/02/01 17:21:50 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_2.dll

[2012/02/01 17:21:49 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_34.dll

[2012/02/01 17:21:49 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_34.dll

[2012/02/01 17:21:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_34.dll

[2012/02/01 17:21:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_34.dll

[2012/02/01 17:21:47 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_34.dll

[2012/02/01 17:21:47 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_34.dll

[2012/02/01 17:21:46 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_7.dll

[2012/02/01 17:21:46 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_7.dll

[2012/02/01 17:21:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_33.dll

[2012/02/01 17:21:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_33.dll

[2012/02/01 17:21:44 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_33.dll

[2012/02/01 17:21:44 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_33.dll

[2012/02/01 17:21:43 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_33.dll

[2012/02/01 17:21:43 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_33.dll

[2012/02/01 17:21:41 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_6.dll

[2012/02/01 17:21:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_6.dll

[2012/02/01 17:21:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_5.dll

[2012/02/01 17:21:41 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativex3daudio1_1.dll

[2012/02/01 17:21:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64x3daudio1_1.dll

[2012/02/01 17:21:40 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10.dll

[2012/02/01 17:21:40 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10.dll

[2012/02/01 17:21:39 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_32.dll

[2012/02/01 17:21:39 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_32.dll

[2012/02/01 17:21:38 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_3.dll

[2012/02/01 17:21:38 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_3.dll

[2012/02/01 17:21:37 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexinput1_2.dll

[2012/02/01 17:21:37 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xinput1_2.dll

[2012/02/01 17:21:36 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_2.dll

[2012/02/01 17:21:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_2.dll

[2012/02/01 17:21:35 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexinput1_1.dll

[2012/02/01 17:21:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xinput1_1.dll

[2012/02/01 17:21:33 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_1.dll

[2012/02/01 17:21:33 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_1.dll

[2012/02/01 17:21:24 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_30.dll

[2012/02/01 17:21:24 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_30.dll

[2012/02/01 17:21:21 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_29.dll

[2012/02/01 17:21:21 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexactengine2_0.dll

[2012/02/01 17:21:21 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xactengine2_0.dll

[2012/02/01 17:21:21 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativex3daudio1_0.dll

[2012/02/01 17:21:21 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64x3daudio1_0.dll

[2012/02/01 17:21:18 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_28.dll

[2012/02/01 17:21:18 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_28.dll

[2012/02/01 17:21:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_27.dll

[2012/02/01 17:21:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_27.dll

[2012/02/01 17:21:15 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_26.dll

[2012/02/01 17:21:15 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_26.dll

[2012/02/01 17:21:13 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_25.dll

[2012/02/01 17:21:13 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_25.dll

[2012/02/01 17:21:10 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx9_24.dll

[2012/02/01 17:21:10 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_24.dll

[2012/02/01 17:15:45 | 000,000,000 | ---D | C] -- C:UsersZachDesktopNew Folder

[2012/01/31 21:06:35 | 000,000,000 | ---D | C] -- C:UsersZachDesktopMovies

[2012/01/31 15:14:29 | 000,000,000 | ---D | C] -- C:_OTL

[2012/01/30 15:30:56 | 000,000,000 | ---D | C] -- C:WindowsERDNT

[2012/01/30 15:30:17 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsERUNT

[2012/01/30 15:30:17 | 000,000,000 | ---D | C] -- C:Program Files (x86)ERUNT

[2012/01/29 20:18:44 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsStronghold 2

[2012/01/29 20:07:10 | 000,000,000 | ---D | C] -- C:UsersZachDesktopstronghold2_v1_41_update

[2012/01/29 20:04:30 | 000,000,000 | ---D | C] -- C:UsersZachDesktopFLV DL

[2012/01/29 19:57:48 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:WindowsSysWow64CmdLineExt.dll

[2012/01/29 00:39:28 | 000,000,000 | ---D | C] -- C:UsersZachAppDataLocalGeckofx

[2012/01/29 00:39:18 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingFirefly Studios

[2012/01/29 00:39:15 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsStronghold Kingdoms

[2012/01/29 00:33:33 | 000,000,000 | ---D | C] -- C:ProgramDataFirefly Studios

[2012/01/29 00:31:46 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAudio2_5.dll

[2012/01/29 00:31:46 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAudio2_5.dll

[2012/01/29 00:31:46 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeXAPOFX1_3.dll

[2012/01/29 00:31:46 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64XAPOFX1_3.dll

[2012/01/29 00:31:45 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dcsx_42.dll

[2012/01/29 00:31:45 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dcsx_42.dll

[2012/01/29 00:31:45 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DCompiler_42.dll

[2012/01/29 00:31:45 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DCompiler_42.dll

[2012/01/29 00:31:44 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx10_42.dll

[2012/01/29 00:31:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx10_42.dll

[2012/01/29 00:31:44 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNatived3dx11_42.dll

[2012/01/29 00:31:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx11_42.dll

[2012/01/29 00:31:43 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeD3DX9_42.dll

[2012/01/29 00:31:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativeX3DAudio1_6.dll

[2012/01/29 00:31:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64X3DAudio1_6.dll

[2012/01/29 00:31:41 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:WindowsSysNativexinput1_3.dll

[2012/01/29 00:31:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64xinput1_3.dll

[2012/01/28 23:19:27 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsGameSpy Arcade

[2012/01/28 23:18:10 | 000,316,488 | ---- | C] (Softonic) -- C:UsersZachDesktopSoftonicDownloader_for_gamespy-arcade.exe

[2012/01/28 22:35:15 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsGameSpy Arcade

[2012/01/28 22:35:09 | 000,000,000 | ---D | C] -- C:Program Files (x86)GameSpy Arcade

[2012/01/28 22:31:51 | 000,000,000 | ---D | C] -- C:Program Files (x86)Firefly Studios

[2012/01/28 22:31:50 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefly Studios

[2012/01/28 21:01:27 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64D3DX9_42.dll

[2012/01/28 21:01:25 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64d3dx9_31.dll

[2012/01/28 21:00:39 | 000,000,000 | ---D | C] -- C:Program Files (x86)Winamp

[2012/01/28 20:57:18 | 000,058,624 | ---- | C] (Eugene V. Muzychenko) -- C:WindowsSysNativedriversvrtaucbl.sys

[2012/01/28 20:57:18 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsVirtual Audio Cable

[2012/01/28 20:57:18 | 000,000,000 | ---D | C] -- C:Program FilesVirtual Audio Cable

[2012/01/28 20:55:39 | 000,000,000 | ---D | C] -- C:UsersZachDesktopVirtual_Audio_Cable_4.08

[2012/01/28 13:09:55 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:UsersZachDesktopOTL.exe

[2012/01/28 13:06:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:UsersZachDesktopaswMBR.exe

[2012/01/28 11:59:36 | 000,000,000 | ---D | C] -- C:ProgramDataATI

[2012/01/28 11:59:03 | 000,000,000 | ---D | C] -- C:Program Files (x86)AMD APP

[2012/01/28 11:58:51 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsCatalyst Control Center

[2012/01/26 19:10:38 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsNeroVision

[2012/01/26 19:08:36 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsNero Home

[2012/01/26 19:07:21 | 000,000,000 | ---D | C] -- C:UsersZachAppDataLocalAhead

[2012/01/26 19:07:13 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsNero 7 Ultra Edition

[2012/01/26 19:06:19 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingAhead

[2012/01/26 19:06:01 | 000,000,000 | ---D | C] -- C:ProgramDataAhead

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:ProgramDataNero

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:Program Files (x86)Nero

[2012/01/26 19:04:54 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesAhead

[2012/01/26 18:10:59 | 000,000,000 | ---D | C] -- C:UsersZachDocumentsFFOutput

[2012/01/26 18:10:55 | 000,272,896 | ---- | C] (Progressive Networks) -- C:WindowsSysWow64pncrt.dll

[2012/01/26 18:10:08 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsFormatFactory

[2012/01/26 18:09:58 | 000,000,000 | ---D | C] -- C:Program Files (x86)FreeTime

[2012/01/24 16:31:26 | 000,000,000 | ---D | C] -- C:Program Files (x86)Trend Micro

[2012/01/24 16:31:26 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingMicrosoftWindowsStart MenuProgramsHiJackThis

[2012/01/23 16:10:44 | 000,000,000 | ---D | C] -- C:UsersZachAppDataRoamingImgBurn

[2012/01/23 15:48:48 | 000,000,000 | ---D | C] -- C:UsersZachDesktopHirens.BootCD.15.1

[2012/01/23 15:46:20 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsImgBurn

[2012/01/23 15:46:20 | 000,000,000 | ---D | C] -- C:Program Files (x86)ImgBurn

[2012/01/23 15:45:45 | 006,055,875 | ---- | C] (LIGHTNING UK!) -- C:UsersZachDesktopSetupImgBurn_2.5.6.0.exe

[2012/01/23 15:08:29 | 000,000,000 | ---D | C] -- C:WindowsSun

[2012/01/21 23:15:52 | 000,508,520 | ---- | C] (Realtek ) -- C:WindowsSysNativedriversRtlh64.sys

[2012/01/21 23:15:52 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:WindowsSysNativeRTNUninst64.dll

[2012/01/21 23:15:52 | 000,074,344 | ---- | C] (Realtek Semiconductor Corporation) -- C:WindowsSysNativeRtNicProp64.dll

[2012/01/21 22:37:18 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:WindowsSysWow64CSVer.dll

[2012/01/21 22:31:03 | 000,000,000 | ---D | C] -- C:ProgramDataRalink

[2012/01/21 22:30:57 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsRalink Wireless

[2012/01/21 22:29:17 | 001,813,056 | ---- | C] (Ralink Technology, Corp.) -- C:WindowsSysNativedriversnetr28x.sys

[2012/01/21 22:29:16 | 000,000,000 | ---D | C] -- C:ProgramDataRalink Driver

[2012/01/21 22:28:52 | 001,121,856 | ---- | C] (Ralink Technology, Corp.) -- C:WindowsSysWow64RAIHV.dll

[2012/01/21 22:28:52 | 000,128,864 | ---- | C] (Ralink Technology, Corp.) -- C:WindowsSysWow64RAEXTUI.dll

[2012/01/21 22:28:52 | 000,000,000 | ---D | C] -- C:WindowsSysNativeRaLanguages

[2012/01/21 22:28:51 | 000,000,000 | ---D | C] -- C:Program Files (x86)Ralink

[2012/01/21 22:16:00 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSTSX64.dll

[2012/01/21 22:16:00 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:WindowsSysNativeSRSWOW64.dll

[2012/01/21 22:15:59 | 003,744,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkAPO64.dll

[2012/01/21 22:15:59 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtPgEx64.dll

[2012/01/21 22:15:59 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRTSnMg64.cpl

[2012/01/21 22:15:59 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtlCPAPI64.dll

[2012/01/21 22:15:59 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkCfg64.dll

[2012/01/21 22:15:59 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkCoLDR64.dll

[2012/01/21 22:15:58 | 001,969,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRtkApi64.dll

[2012/01/21 22:15:58 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRTCOM64.dll

[2012/01/21 22:15:58 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEP64A.dll

[2012/01/21 22:15:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRP3DHT64.dll

[2012/01/21 22:15:58 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRP3DAA64.dll

[2012/01/21 22:15:58 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEED64A.dll

[2012/01/21 22:15:58 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEL64A.dll

[2012/01/21 22:15:58 | 000,100,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsSysNativeRCoInstII64.dll

[2012/01/21 22:15:58 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:WindowsSysNativeRTEEG64A.dll

[2012/01/21 22:15:52 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:WindowsSysNativeFMAPO64.dll

[2012/01/21 22:15:52 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:WindowsSysNativeAERTAC64.dll

[2012/01/21 22:15:52 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:WindowsSysNativeAERTAR64.dll

[2012/01/21 22:15:32 | 001,698,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:WindowsRtlExUpd.dll

[2012/01/21 22:14:38 | 000,000,000 | ---D | C] -- C:Program Files (x86)Common FilesInstallShield

[2012/01/20 16:47:32 | 000,000,000 | ---D | C] -- C:ProgramDataMicrosoftWindowsStart MenuProgramsiTunes

[2012/01/20 16:47:07 | 000,000,000 | ---D | C] -- C:Program FilesiPod

[2012/01/20 16:47:05 | 000,000,000 | ---D | C] -- C:Program FilesiTunes

[2012/01/20 16:47:05 | 000,000,000 | ---D | C] -- C:Program Files (x86)iTunes

[2012/01/14 17:54:52 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieapfltr.dat

[2012/01/14 17:54:52 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64inetcpl.cpl

[2012/01/14 17:54:52 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieapfltr.dll

[2012/01/14 17:54:52 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64html.iec

[2012/01/14 17:54:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64url.dll

[2012/01/14 17:54:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64ieui.dll

[2012/01/14 17:54:52 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64msrating.dll

[2012/01/14 17:54:52 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64iesysprep.dll

[2012/01/14 17:54:52 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64SetIEInstalledDate.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:WindowsSysWow64RegisterIEPKEYs.exe

[2012/01/14 17:54:52 | 000,074,752 | ---- | C] (Microsoft Cor

Link to comment
Share on other sites

OTL Extras logfile created on: 2/10/2012 3:50:53 PM - Run 3

OTL by OldTimer - Version 3.2.31.0 Folder = C:UsersZachDesktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

6.00 Gb Total Physical Memory | 3.92 Gb Available Physical Memory | 65.28% Memory free

12.18 Gb Paging File | 9.59 Gb Available in Paging File | 78.76% Paging File free

Paging file location(s): ?:pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:Windows | %ProgramFiles% = C:Program Files (x86)

Drive C: | 582.50 Gb Total Space | 306.30 Gb Free Space | 52.58% Space Free | Partition Type: NTFS

Drive D: | 13.67 Gb Total Space | 2.16 Gb Free Space | 15.79% Space Free | Partition Type: NTFS

Drive E: | 1.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

 

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

.html[@ = htmlfile] -- C:Program FilesInternet ExplorerIEXPLORE.EXE (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:WindowsSysNativerundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINESOFTWAREClasses<extension>]

.cpl [@ = cplfile] -- C:WindowsSysWow64control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:Program FilesInternet ExplorerIEXPLORE.EXE (Microsoft Corporation)

 

[HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREClasses<extension>]

.html [@ = FirefoxHTML] -- C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:Program FilesInternet ExplorerIEXPLORE.EXE" -nohome (Microsoft Corporation)

inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:WindowsSystem32rundll32.exe" "C:WindowsSystem32mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINESOFTWAREClasses<key>shell[command]command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%System32control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:Program FilesInternet ExplorerIEXPLORE.EXE" -nohome (Microsoft Corporation)

inffile [install] -- %SystemRoot%System32InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%system32rundll32.exe %SystemRoot%system32shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoring]

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

"VistaSp2" = 90 9B F7 39 36 5C CB 01 [binary data]

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvcVol]

 

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center]

 

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterSvc]

"oobe_av" = 1

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyPublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList]

"C:Program Files (x86)Orbitdownloaderorbitdm.exe" = C:Program Files (x86)Orbitdownloaderorbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)Orbitdownloaderorbitnet.exe" = C:Program Files (x86)Orbitdownloaderorbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)xchatxchat.exe" = C:Program Files (x86)xchatxchat.exe:*:Enabled:XChat IRC Client -- ()

"C:Program Files (x86)Orbitdownloaderorbitdm.exe" = C:Program Files (x86)Orbitdownloaderorbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)Orbitdownloaderorbitnet.exe" = C:Program Files (x86)Orbitdownloaderorbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:Program Files (x86)xchatxchat.exe" = C:Program Files (x86)xchatxchat.exe:*:Enabled:XChat IRC Client -- ()

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyFirewallRules]

"{131CF278-B7D9-4143-B71F-BCD05AF44300}" = protocol=17 | dir=in | app=c:program files (x86)pando networksmedia boosterpmb.exe |

"{40271634-C30A-4CF4-B681-FB33E1BCCFE6}" = dir=in | app=c:program files (x86)pando networksmedia boosterpmb.exe |

"{43710057-072E-4AF4-AFAA-18484A25DF12}" = protocol=6 | dir=in | app=c:program files (x86)pando networksmedia boosterpmb.exe |

"{56E4B79C-39FD-4EF0-B6AB-85446299E0E0}" = protocol=17 | dir=in | app=c:program files (x86)pando networksmedia boosterpmb.exe |

"{73E68C03-C337-42FD-8B7C-D31A98F66516}" = protocol=6 | dir=in | app=c:program files (x86)pando networksmedia boosterpmb.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{240FCE0B-F553-4ab3-9C7B-3CD082FCA117}" = NetDeviceManager64

"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java 7 Update 2 (64-bit)

"{2AB9289D-6432-4CC0-8869-A195C3F0CFCC}" = Bitdefender Total Security 2012

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{35B226DA-E3F6-21FD-31AB-0046C6E87043}" = ATI Problem Report Wizard

"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes

"{5F240DB8-0D74-4F13-86C3-929760392A8D}" = HP Remote Software

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java SE Development Kit 7 Update 2 (64-bit)

"{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}" = HP Officejet All-In-One Series

"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel

"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64

"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B45B5123-C009-F8B4-FE93-45B42C8A786F}" = ATI AVIVO64 Codecs

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector

"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud

"{D2E8F543-D23A-4A38-AFFC-4BDEBFBA6FDA}" = HP MediaSmart SmartMenu

"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148

"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"3921FF37F830F5D806C272CFE7BE2D77C3DDC8CF" = Windows Driver Package - Pinnacle Systems (BENDER) Media (11/21/2006 2.0.19.0)

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Agere Systems Soft Modem" = Agere Systems PCI-SV92EX Soft Modem

"Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center

"Bitdefender" = Bitdefender Total Security 2012

"CCleaner" = CCleaner

"CPUID HWMonitor_is1" = CPUID HWMonitor 1.18

"HDMI" = Intel® Graphics Media Accelerator Driver

"HP Document Manager" = HP Document Manager 1.0

"HP Imaging Device Functions" = HP Imaging Device Functions 10.0

"HP Photosmart Essential" = HP Photosmart Essential 2.5

"HP Smart Web Printing" = HP Smart Web Printing

"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0

"HPExtendedCapabilities" = HP Customer Participation Program 10.0

"HPOCR" = OCR Software by I.R.I.S. 10.0

"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1

"OfficeTrial" = Microsoft Office Home and Student 60 day trial

"PC-Doctor for Windows" = Hardware Diagnostic Tools

"Shop for HP Supplies" = Shop for HP Supplies

"SP6" = Logitech SetPoint 6.32

"Speccy" = Speccy

"Virtual Audio Cable 4.8" = Virtual Audio Cable 4.8

"WinRAR archiver" = WinRAR 4.00 beta 4 (64-bit)

 

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.0.0

"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional

"{0E549A13-2B3D-4633-BA41-DC88C2D6F9A3}" = ProductContext

"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian

"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French

"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox

"{1147FF9A-D576-4cb5-B5E7-FCA21D1E7D26}" = J4680

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish

"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe

"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService

"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status

"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English

"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29

"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish

"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer

"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding

"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)

"{30C01299-554C-4B62-BD0F-849F43E01C91}_is1" = Pokemon World Online version 1.81

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE

"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help

"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant

"{3825B383-7880-48C8-AADD-49B0D764B151}" = 4660_4680_Help

"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0

"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg

"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese

"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50802F8E-03B4-479D-A643-16DE5A3586CB}" = BPDSoftware_Ini

"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery

"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5828A6FD-32BC-46E2-AC81-5AD9D866F48F}" = Pinnacle Bender 64-bit

"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp

"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm

"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard

"{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}" = AMD System Monitor

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software

"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan

"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger

"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian

"{85725958-E3A1-4D0F-862B-4CE4EDC71A5E}_is1" = Minecraft Note Block Studio version 3.1.0

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese

"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1

"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS

"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy

"{A3B31D43-75F4-4CF4-8330-6DE62C3540FA}_is1" = Standalone Flash Player 1.2

"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter

"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax

"{AE136F7F-7DC6-600F-9DF9-BFA0DF516135}" = Catalyst Control Center Localization All

"{AE469025-08BA-4B2A-915D-CC7765132419}" = Default Manager

"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B80BE2E3-EA77-53D4-7A56-C53D452E6D50}" = HydraVision

"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer

"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply

"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5

"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish

"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser

"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean

"{C2FB14FB-DF6B-287D-BDC3-C7BEC86F539E}" = Catalyst Control Center

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C79BF5BB-5671-41C0-A028-E9A2097D1AAD}" = Microsoft Live Search Toolbar

"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg

"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek

"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition

"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12

"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D1D632A2-E249-466D-A094-B1B934D37645}_is1" = Stronghold Kingdoms

"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch

"{D3737952-FF6E-4E72-BDEE-B0DC1C69F80B}" = BPD_HPSU

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component

"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag

"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar

"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch

"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai

"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari

"{F4EAEBEA-3E46-43b8-A63C-AD180AE86918}" = BPDSoftware

"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Afterburner" = MSI Afterburner 2.1.0

"Any Video Converter_is1" = Any Video Converter 3.2.7

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser

"CraftBukkit v8.2" = CraftBukkit v8.2

"DivX Setup.divx.com" = DivX Setup

"ERUNT_is1" = ERUNT 1.1j

"FLV Player" = FLV Player 2.0 (build 25)

"FormatFactory" = FormatFactory 2.90

"Fraps" = Fraps

"FrostWire" = FrostWire 4.21.8

"GameSpy Arcade" = GameSpy Arcade

"Handbrake" = Handbrake 0.9.4

"ImgBurn" = ImgBurn

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe

"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000

"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)

"Notepad++" = Notepad++

"Orbit_is1" = Orbit Downloader

"Privoxy" = Privoxy (remove only)

"pywin32-py2.6" = Python 2.6 pywin32-212

"Revo Uninstaller" = Revo Uninstaller 1.91

"ShotOnline" = ShotOnline

"SpeedFan" = SpeedFan (remove only)

"Steam App 550" = Left 4 Dead 2

"Steam App 8980" = Borderlands

"Steam App 99900" = Spiral Knights

"Stronghold 3_is1" = Stronghold 3

"TeamViewer 6" = TeamViewer 6

"TeamViewer 7" = TeamViewer 7

"TVersity Codec Pack" = TVersity Codec Pack 1.2

"uTorrent" = µTorrent

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.2

"World of Warcraft" = World of Warcraft

"xchat" = XChat 2 (remove only)

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERSS-1-5-21-695846412-1422135498-510312126-1000SOFTWAREMicrosoftWindowsCurrentVersionUninstall]

"090215de958f1060" = Curse Client

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

"UnityWebPlayer" = Unity Web Player

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 10/25/2011 6:11:22 PM | Computer Name = Zach-PC | Source = Bonjour Service | ID = 100

Description = 456: ERROR: read_msg errno 10054 (An existing connection was forcibly

closed by the remote host.)

 

Error - 10/25/2011 6:11:22 PM | Computer Name = Zach-PC | Source = Bonjour Service | ID = 100

Description = 464: ERROR: read_msg errno 10054 (An existing connection was forcibly

closed by the remote host.)

 

Error - 10/26/2011 4:52:32 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/26/2011 6:12:29 PM | Computer Name = Zach-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 10/27/2011 4:54:05 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/27/2011 7:33:25 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 10/27/2011 11:25:49 PM | Computer Name = Zach-PC | Source = Application Hang | ID = 1002

Description = The program javaw.exe version 7.0.0.147 stopped interacting with Windows

and was closed. To see if more information about the problem is available, check

the problem history in the Problem Reports and Solutions control panel. Process

ID: de4 Start Time: 01cc95211e0913af Termination Time: 75

 

Error - 10/27/2011 11:44:02 PM | Computer Name = Zach-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 10/28/2011 12:11:13 AM | Computer Name = Zach-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 10/28/2011 5:50:47 PM | Computer Name = Zach-PC | Source = WinMgmt | ID = 10

Description =

 

[ System Events ]

Error - 2/8/2012 6:47:28 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7022

Description =

 

Error - 2/8/2012 6:47:28 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7026

Description =

 

Error - 2/8/2012 10:30:15 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2/8/2012 10:30:57 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7034

Description =

 

Error - 2/10/2012 6:07:45 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2/10/2012 6:07:45 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2/10/2012 6:07:45 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7000

Description =

 

Error - 2/10/2012 6:07:45 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7009

Description =

 

Error - 2/10/2012 6:08:29 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7022

Description =

 

Error - 2/10/2012 6:08:29 PM | Computer Name = Zach-PC | Source = Service Control Manager | ID = 7026

Description =

 

 

< End of report >

Link to comment
Share on other sites

Hi. :)

 

Carry out the below for myself please and post the resulting log for my review, thank you.

 

Check Hard Disk For Errors:

  • Open Notepad.
  • Copy and Paste everything from the Quote Box below into Notepad:(do not copy the word quote)

@Echo off

cmd /c chkdsk c: |find /v "percent" >> "%userprofile%desktopcheckhd.txt"

del %0

  • Go to File >> Save As
  • Save File name as "Dakeyras.bat" <-- Make sure to include the quotes.
  • Change Save as Type to All Files and save the file to your Desktop.
  • It should look similar to this: Posted Image
Now right-click on the desktop Dakeyras.bat and select Run as Administrator to run the batch file. It will self-delete when completed.

 

A blank command window will open on your Desktop, then close in a few minutes. This is normal.

 

A file icon named checkhd.txt should appear on your Desktop. Please post the contents of this file in your next reply.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share


×
×
  • Create New...