This topic is locked
Im glad my friend recommended this forum.
i dont know when exactly this redirect occur because i havent search anyhitng on google as i have the bookmarks on websites i often visit. as far as i know my brother used my pc and i found this problem about 3rd of July.
I've seen the topic about the google redirects but and tried the steps but the redirect keeps occuring.
i run a full scan using Malwarebytes Anti-Malware and found a trojan and was deleted but my problem was not resolve. I also deleted all the cookies and temp files.
i also run a scan using Spybot S&D and it fix some things but it didnt resolve my problem.
then i follow the steps on How to fix Google Redirects
i run the TDSSkiller and found malicious objects and it was deleted. i tested if my problem was resolve but 50% of the time it will redirect again.
i also tried free trial of hitman pro and found something and was deleted but i still have the same problem.wish someone could help
ive downloaded the OTL as instructed and it created a log.
OTL.Txt
----------------------------------------------------------------------------------------
OTL logfile created on: 05/07/2011 11:11:28 - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\GJ\Downloads\IDM Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 41.05% Memory free
4.94 Gb Paging File | 2.84 Gb Available in Paging File | 57.51% Paging File free
Paging file location(s): C:\pagefile.sys 3067 3067 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226.04 Gb Total Space | 35.64 Gb Free Space | 15.77% Space Free | Partition Type: NTFS
Computer Name: GJ2008 | User Name: GJ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/07/05 11:11:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\GJ\Downloads\IDM Programs\OTL.exe
PRC - [2011/06/29 11:42:01 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/23 23:01:32 | 003,380,632 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2011/06/02 13:32:58 | 001,045,256 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/23 17:27:26 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
PRC - [2011/04/28 14:28:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/20 02:04:38 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/02/06 21:06:46 | 000,099,840 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2010/10/13 12:41:00 | 002,954,608 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010/10/13 12:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010/10/13 12:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010/10/13 12:40:54 | 001,153,392 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010/09/13 16:26:14 | 000,012,592 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
PRC - [2010/05/25 15:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007/01/02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Users\GJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe
========== Modules (SafeList) ==========
MOD - [2011/07/05 11:11:12 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\GJ\Downloads\IDM Programs\OTL.exe
MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/06/29 18:53:37 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/06/29 11:42:01 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/02 13:32:58 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/28 14:28:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/10/13 12:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/10/13 12:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010/09/13 16:26:14 | 000,012,592 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe -- (SRSHDAudioService)
SRV - [2009/11/23 19:02:37 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2008/05/14 22:19:49 | 000,087,288 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - [2011/06/29 11:42:06 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/29 11:42:06 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/06/09 16:50:58 | 000,089,888 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 01:22:10 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/10/05 14:26:10 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2010/10/05 14:26:02 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2010/10/05 14:26:00 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010/08/15 22:41:42 | 000,100,368 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010/07/02 11:08:32 | 000,384,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service)
DRV - [2010/07/01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/12/07 12:50:48 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/12/07 12:50:46 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/08/07 07:42:36 | 001,053,056 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CAMTHWDM.sys -- (CAMTHWDM)
DRV - [2009/06/10 16:59:32 | 000,024,576 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RPGMOUSEV1.sys -- (KMWDFilterV1)
DRV - [2008/12/26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008/10/31 01:04:32 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2008/10/31 01:04:16 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008/03/14 07:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008/02/13 17:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2008/01/19 06:55:21 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2007/08/24 19:34:00 | 000,015,872 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2007/06/07 06:42:08 | 000,083,456 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2005/02/01 15:55:40 | 000,021,442 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Users\GJ\Downloads\MyRO\MyRO\npkcrypt.sys -- (npkcrypt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.2.5.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: [email protected]:7.2.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://www.mywebsear...kwd&searchfor="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@fileplanet.com/fpdlm: C:\Program Files\Download Manager\npfpdlm.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\GJ\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\GJ\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/28 17:53:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/25 11:41:11 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/02/28 17:53:45 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/25 11:41:11 | 000,000,000 | ---D | M]
[2009/09/11 18:23:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GJ\AppData\Roaming\Mozilla\Extensions
[2009/03/12 12:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GJ\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/06/02 19:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GJ\AppData\Roaming\Mozilla\Firefox\Profiles\wwlq5tfo.default\extensions
[2009/09/12 11:08:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\GJ\AppData\Roaming\Mozilla\Firefox\Profiles\wwlq5tfo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/03 14:13:18 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\GJ\AppData\Roaming\Mozilla\Firefox\Profiles\wwlq5tfo.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/01/03 14:13:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\GJ\AppData\Roaming\Mozilla\Firefox\Profiles\wwlq5tfo.default\extensions\[email protected]
[2010/03/11 23:30:05 | 000,000,000 | ---D | M] (Illimitux) -- C:\Users\GJ\AppData\Roaming\Mozilla\Firefox\Profiles\wwlq5tfo.default\extensions\[email protected]
[2009/09/12 11:56:06 | 000,009,949 | ---- | M] () -- C:\Users\GJ\AppData\Roaming\Mozilla\Firefox\Profiles\wwlq5tfo.default\searchplugins\mywebsearch.xml
[2011/05/14 13:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/20 23:29:49 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/04/29 11:26:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/27 16:17:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/16 09:29:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/14 13:54:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\GJ\APPDATA\ROAMING\IDM\IDMMZCC3
[2009/08/27 21:25:26 | 000,308,096 | ---- | M] (British Telecommunications Plc) -- C:\Program Files\mozilla firefox\plugins\npBTEmailConfig.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/22 19:38:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010/03/04 00:06:54 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/03/04 00:06:54 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/03/04 00:06:54 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/03/04 00:06:54 | 000,000,831 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
Hosts file not found
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files\Veoh_Web_Player\prxtbVeo0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Users\GJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Users\GJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} http://www.streamplu...lug/beta/SP.cab (StreamPlug Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...b/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane...C_2.3.7.109.cab (CDownloadCtrl Object)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} http://appdirectory....ap/PhtPkMSN.cab (PhotoPickConvert Class)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://ares.netgame....ch_USAv1002.cab (MGLaunch_USAv1001 Class)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Little%20Shop%20-%20Road%20Trip/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/d...lugin_0.5.1.cab (Imikimi_activex_plugin Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\GJ\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\GJ\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\FFVIII_autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (bootdelete) - C:\Windows\System32\bootdelete.exe (SurfRight B.V.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/07/05 10:18:24 | 000,000,000 | ---D | C] -- C:\Users\GJ\Desktop\GooredFix Backups
[2011/06/28 14:52:16 | 000,000,000 | ---D | C] -- C:\Users\GJ\AppData\Roaming\Malwarebytes
[2011/06/28 14:52:05 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/28 14:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/28 14:52:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/28 14:51:57 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/06/28 14:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/28 14:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manga Studio EX 4.0
[2011/06/28 13:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CELSYS
[2011/06/28 13:49:04 | 000,000,000 | ---D | C] -- C:\Users\GJ\AppData\Roaming\Smith Micro
[2011/06/28 13:47:54 | 000,000,000 | ---D | C] -- C:\Users\GJ\Documents\Smith Micro
[2011/06/28 13:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\Smith Micro
[2011/06/28 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\GJ\Desktop\MSEX405
[2011/06/23 16:50:47 | 000,089,888 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2011/06/21 00:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2011/06/18 21:59:14 | 000,000,000 | ---D | C] -- C:\Users\GJ\Documents\eden eternal
[2011/06/17 03:07:12 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/06/17 03:07:10 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/06/17 03:07:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011/06/17 03:07:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/06/13 19:34:56 | 000,000,000 | ---D | C] -- C:\Users\GJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/06/13 19:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/06/13 19:34:17 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\libmfxsw32.dll
[2011/06/13 19:34:16 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\Windows\System32\libmfxhw32.dll
[2011/06/13 09:49:21 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/09 12:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/06/09 12:36:25 | 000,000,000 | ---D | C] -- C:\Users\GJ\AppData\Roaming\ATI
[2011/06/09 12:36:25 | 000,000,000 | ---D | C] -- C:\Users\GJ\AppData\Local\ATI
[2011/06/09 12:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/06/09 12:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/06/09 12:28:42 | 000,100,368 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtihdLH3.sys
[2011/06/09 12:26:30 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2011/06/06 13:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2049/12/31 16:00:00 | 002,378,136 | ---- | M] () -- C:\Users\Public\Documents\AA0001.jpg
[2049/12/31 16:00:00 | 002,335,753 | ---- | M] () -- C:\Users\Public\Documents\AA0002.jpg
[2049/12/31 16:00:00 | 002,307,980 | ---- | M] () -- C:\Users\Public\Documents\AA0004.jpg
[2049/12/31 16:00:00 | 002,228,849 | ---- | M] () -- C:\Users\Public\Documents\AA0003.jpg
[2049/12/31 16:00:00 | 000,919,231 | ---- | M] () -- C:\Users\Public\Documents\AA0005.jpg
[2011/07/05 11:08:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3723858854-2387825460-2792907647-1000UA.job
[2011/07/05 10:47:51 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/05 10:47:51 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/05 10:09:06 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2011/07/05 10:09:06 | 000,000,144 | ---- | M] () -- C:\Windows\System32\bootdelete.lst
[2011/07/05 10:00:13 | 000,020,552 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/07/04 20:48:05 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2011/07/04 20:47:38 | 000,000,308 | -HS- | M] () -- C:\Windows\tasks\yhkeeoqlfi.job
[2011/07/04 20:47:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/04 20:47:33 | 2145,570,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/04 20:45:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/07/04 16:08:00 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3723858854-2387825460-2792907647-1000Core.job
[2011/07/01 09:58:26 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/06/30 10:01:03 | 002,315,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/30 09:52:12 | 000,598,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/30 09:52:12 | 000,104,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/29 11:42:06 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/06/29 11:42:06 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/06/29 08:09:00 | 000,002,032 | ---- | M] () -- C:\Users\GJ\Desktop\Google Chrome.lnk
[2011/06/29 08:09:00 | 000,001,994 | ---- | M] () -- C:\Users\GJ\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/28 15:48:14 | 000,080,384 | ---- | M] () -- C:\Users\GJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/28 14:52:05 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/28 14:35:20 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk
[2011/06/28 14:26:04 | 172,907,324 | ---- | M] () -- C:\Users\GJ\Desktop\MangaStudioEXWinDemo_4_0.zip
[2011/06/25 11:41:11 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/21 01:10:49 | 000,000,000 | ---- | M] () -- C:\Users\GJ\.TFileChooserFavourites
[2011/06/16 10:57:41 | 000,130,958 | ---- | M] () -- C:\Windows\hpoins18.dat
[2011/06/13 19:34:58 | 000,001,091 | ---- | M] () -- C:\Users\GJ\Desktop\AVS4YOU Software Navigator.lnk
[2011/06/13 16:00:10 | 000,045,202 | ---- | M] () -- C:\Users\GJ\AppData\Roaming\room_v3.dat
[2011/06/09 16:50:58 | 000,089,888 | ---- | M] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2011/06/09 12:28:29 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011/06/09 12:15:18 | 000,005,892 | ---- | M] () -- C:\Users\GJ\AppData\Local\d3d9caps.dat
[2011/06/08 10:53:24 | 010,915,840 | ---- | M] (Intel Corporation) -- C:\Windows\System32\libmfxhw32.dll
[2011/06/08 10:53:12 | 010,833,920 | ---- | M] (Intel Corporation) -- C:\Windows\System32\libmfxsw32.dll
[2011/06/06 17:16:45 | 000,000,725 | ---- | M] () -- C:\Users\GJ\Desktop\EdenEternal.lnk
[2011/06/06 16:08:22 | 1743,655,704 | ---- | M] () -- C:\Users\GJ\Desktop\edeneternal_install_20110527.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/07/05 10:09:06 | 000,000,144 | ---- | C] () -- C:\Windows\System32\bootdelete.lst
[2011/06/28 14:52:05 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/28 14:42:59 | 000,000,308 | -HS- | C] () -- C:\Windows\tasks\yhkeeoqlfi.job
[2011/06/28 14:32:40 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Manga Studio EX 4.0.lnk
[2011/06/28 14:13:39 | 172,907,324 | ---- | C] () -- C:\Users\GJ\Desktop\MangaStudioEXWinDemo_4_0.zip
[2011/06/21 01:10:49 | 000,000,000 | ---- | C] () -- C:\Users\GJ\.TFileChooserFavourites
[2011/06/13 19:34:58 | 000,001,091 | ---- | C] () -- C:\Users\GJ\Desktop\AVS4YOU Software Navigator.lnk
[2011/06/09 12:35:03 | 2145,570,816 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/09 12:28:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/06/06 17:16:45 | 000,000,725 | ---- | C] () -- C:\Users\GJ\Desktop\EdenEternal.lnk
[2011/06/06 13:04:40 | 1743,655,704 | ---- | C] () -- C:\Users\GJ\Desktop\edeneternal_install_20110527.exe
[2011/06/02 13:33:12 | 000,384,752 | ---- | C] () -- C:\Windows\System32\drivers\SRS_HDAL_i386.sys
[2011/05/29 18:00:27 | 000,130,811 | ---- | C] () -- C:\Windows\hpoins18.dat.temp
[2011/05/29 18:00:27 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2011/05/26 21:21:57 | 000,045,202 | ---- | C] () -- C:\Users\GJ\AppData\Roaming\room_v3.dat
[2011/04/22 23:09:57 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/03/22 23:42:53 | 000,046,658 | ---- | C] () -- C:\Users\GJ\AppData\Roaming\room.dat
[2011/03/17 17:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/02/28 21:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010/10/13 17:23:16 | 000,020,552 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2010/09/28 13:13:08 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2009/12/14 20:08:02 | 000,004,380 | ---- | C] () -- C:\Windows\wininit.ini
[2009/09/29 12:39:17 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CAMTHWDM.sys
[2009/09/24 08:33:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 08:33:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/04 17:04:19 | 000,130,958 | ---- | C] () -- C:\Windows\hpoins18.dat
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/12 11:14:29 | 000,005,892 | ---- | C] () -- C:\Users\GJ\AppData\Local\d3d9caps.dat
[2009/04/29 22:19:22 | 000,041,808 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/02/11 17:32:29 | 000,000,487 | ---- | C] () -- C:\Windows\eReg.dat
[2008/12/09 03:00:54 | 000,000,029 | ---- | C] () -- C:\Windows\Index.ini
[2008/11/07 04:05:52 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2008/10/31 01:04:32 | 000,165,376 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008/10/31 01:04:16 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008/09/18 07:49:38 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/21 12:18:17 | 000,023,888 | ---- | C] () -- C:\Users\GJ\AppData\Roaming\UserTile.png
[2008/04/27 15:56:07 | 000,055,257 | ---- | C] () -- C:\Windows\War3Unin.dat
[2008/03/25 23:20:19 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/03/22 12:57:04 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS7K.DLL
[2008/03/21 13:02:38 | 000,080,384 | ---- | C] () -- C:\Users\GJ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/21 12:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2008/03/19 21:18:08 | 000,000,355 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/03/19 01:45:59 | 000,651,264 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2008/03/19 01:45:59 | 000,192,512 | R--- | C] () -- C:\Windows\System32\AegisI5.exe
[2008/03/19 01:45:59 | 000,147,456 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008/01/02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2007/12/01 08:50:37 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll
[2007/10/25 23:02:54 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2007/03/01 00:41:30 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 002,315,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,598,702 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,104,716 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1997/06/14 03:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:1409277B
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:126591AF
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:ED810E46
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:404390E0
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:07BF512B
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D2A5A561
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:60C897F3
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:FE2D31D5
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:81653DC8
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:38E2864F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:A97FF73C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:943E8182
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:114BD271
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:9DAAA6AF
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:6BD304B9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:F264BECE
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:B741B2C2
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:5A8F8A0C
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:605864D7
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:AC8ECED1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:891E6CB1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:708BB0FA
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:0AC32449
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:B3BAC02F
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:0459F5AC
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:57EE48CA
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:4F96D8E6
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:A468A21E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:7ADA8871
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:883EDFB5
< End of report >
--------------------------------------------------------------------
the other one
Extras.Txt
--------------------------------------------------------------------
OTL Extras logfile created on: 05/07/2011 11:11:28 - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\GJ\Downloads\IDM Programs
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 41.05% Memory free
4.94 Gb Paging File | 2.84 Gb Available in Paging File | 57.51% Paging File free
Paging file location(s): C:\pagefile.sys 3067 3067 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 226.04 Gb Total Space | 35.64 Gb Free Space | 15.77% Space Free | Partition Type: NTFS
Computer Name: GJ2008 | User Name: GJ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0005BCDF-CC6F-4AE9-9DB1-7F8AD6481ABE}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{0F29F66D-8544-45E1-A23B-F7D94D1CAFC1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{105A9C85-00C5-4ADF-8768-D3B9F8512C3A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2385B8EC-BF45-4EB0-863B-09A76DDC69A8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{43EBB69E-3A09-4184-A294-5B1BE9035684}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D2519FB-2757-43AD-A367-5F88DB7AA0C2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4E4F9713-1202-4BD6-BD64-D9D68628C24D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{50DB8502-E28E-4703-8246-FD29A1DF0837}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface |
"{61A43992-0353-4FD4-8AFF-A960581D9151}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6B933977-417F-4687-9A90-818D80FFE9EA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{73EEEFFF-AB38-4805-A84A-F8F4DAD9CC63}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{81218024-7860-4999-AA0C-007BF9ED9C72}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8926D18E-7487-4E85-A073-66883183C85B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8FCAF812-948A-4BA5-A7AF-D4DC88600958}" = lport=10243 | protocol=6 | dir=in | app=system |
"{91767DB5-67A2-4553-BF4F-53E9B6E61FEB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{92ED3A4E-81D0-47A4-8613-57E76A43A8F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9DBD248E-4B79-41F8-A68C-7F43A5AF9A0D}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{AD7BDDCE-E947-4E03-95DC-1E1394F84C77}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DB35BA32-2870-4EF0-86A4-A20EF418EA67}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8BF5C3B-79D1-4401-A2D3-C37C675151A2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{FD6E6FE8-515B-4468-B2A8-4B5C09A149F5}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA29D4A-3031-4517-9E86-954847E96DC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B0A14CE-077F-410C-AB5D-794780D94A88}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{0F8CFF99-C946-4C3F-8AC9-AE0B82372374}" = protocol=6 | dir=in | app=e:\x86\ibiscont.exe |
"{11FBA204-FBFE-4419-A6B4-1DA81D934E38}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1699974F-FD83-46EE-B9EB-705ADD49D396}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{17BF1BB5-D908-436A-84BB-6AC7B0F5600E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1ADDB04E-CCB3-4037-8037-AD80E9824BC8}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{20E3EAA6-A641-4E9D-9ACB-7FF3AD396A6E}" = protocol=6 | dir=in | app=c:\users\gj\appdata\local\google\chrome\application\chrome.exe |
"{25896E52-7E41-4872-8B33-5ED5577A70F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{25BFF2D1-5F8F-4818-B53D-85F44FE484CA}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{27FD4394-50CF-428D-B08A-2CCDC93BCCC6}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{30BAB036-46D7-4830-B99D-C87165206137}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{32F1A57F-E772-4726-B662-255852065C87}" = protocol=17 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{342C5D57-2F8B-4672-9A37-A90E697F0E51}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3AE9EE08-D5FB-4EE1-ABAD-6BF8C757B7A9}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{3B69F60A-4A83-46FB-A844-28F25C386FBB}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{3CD3C90E-23A7-42F9-B2A1-89E86DFE5EFB}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\launcher.exe |
"{4315FCC2-4D4E-48EC-9267-D249893ACA31}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DFE8CD5-BBC6-4C61-BE17-9F8C8C43B3DB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{50B5A574-A0B1-4495-8076-A3B8A9713C99}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\launcher.exe |
"{50E88647-8DD4-4C22-A3F9-00B9AB1F46C6}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{54A600F7-8EC5-4636-A07A-1F8F972203AD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5D0FFF76-7CD2-435B-80FD-51E61E17B55A}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{5DC415DD-1EC0-4A00-AECA-70255EFA78BC}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{5F1CE5D3-4E1D-4592-AE59-F2EDE425DA67}" = protocol=6 | dir=in | app=c:\windows\system32\spoolsv.exe |
"{620545B6-9F19-4F61-AA71-386574B1D404}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{6D5300CB-2609-4A9C-A3C7-178FE83AE1BF}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{6DF9EFD3-5017-4DFD-8155-FB9A094BE221}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7240EE51-ED76-4EAD-B912-4C94C14F5D03}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{7CC015C0-3D56-4692-9EE9-66E2D0B2BAA1}" = protocol=17 | dir=in | app=e:\x86\ibiscont.exe |
"{7CD12402-5EBF-4929-BA86-127E7D9E85BB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{875AACB9-11C9-4695-B648-83A69F95A9B8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{8F2BDF20-DD88-4AA4-8849-A4A2961C5C88}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{96972832-1051-4728-98EF-8237A206F589}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{98C39B45-EED0-4579-B873-170775ADBAE5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9F7C4ED7-69BA-488C-B27E-5FE75D1CB182}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2EFC8F6-B71A-4761-A93C-2063AD898963}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A3B84401-C909-43AA-805C-D486EDA00D61}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\launcher.exe |
"{A79E2CC8-0E06-4835-A533-510771720BC7}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A80A355A-2CF0-4751-A1C2-F7FE2B0013F1}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{A97277BF-8EB2-49DF-BE87-D5C22DBFCF0B}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\launcher.exe |
"{AA06DCA4-AA55-4AB7-ADF4-711BF7FF9A7F}" = protocol=6 | dir=in | app=c:\program files\thq\gas powered games\supreme commander\bin\supremecommander.exe |
"{AD1A9E48-1A6C-4AA6-9F3D-63F39BD48412}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{BA24B160-AEEC-407D-A347-CE5B13E9A567}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAB4B373-6A91-4FCE-82A1-FB3F60814729}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C3264ECE-94F9-47EB-8D30-EA21DCBF3C7F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C412D3E5-5887-4212-9D4B-DAF7627F5D58}" = protocol=17 | dir=in | app=c:\windows\system32\spoolsv.exe |
"{C8C17606-B019-46E2-92CE-9377AF6B2B1C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CE0EF023-2971-4AF8-B142-C2E194470BF0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DC0A30BA-C49F-450F-956E-6E78D2F73718}" = protocol=17 | dir=in | app=c:\users\gj\appdata\local\google\chrome\application\chrome.exe |
"{E4C62E3B-EC0C-4C34-9A67-9FB01F1D503A}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{E936E398-9755-4FF7-962C-F935BC14255D}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{EA89A0CD-75BD-497E-A851-3892871C9B5A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EC2728EB-C987-41F3-8A7E-86D5FAFCEC95}" = protocol=6 | dir=out | app=system |
"{F73BAEE7-9EB0-4180-BC7B-B07BE83A1EBE}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{FD23DA86-51C6-4206-B5CE-98B46E25F46D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{2E4963CE-B954-4E3A-9106-5DE9205487E2}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{34838471-7259-4BB9-AD36-BC8E2C15FC5B}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{35F7ACCE-BD84-4BCB-A690-D4965700603B}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{47B305D1-43B2-4D41-A941-B1C4980F00E6}C:\users\gj\downloads\rgc\ranked gaming client\rgc.exe" = protocol=6 | dir=in | app=c:\users\gj\downloads\rgc\ranked gaming client\rgc.exe |
"TCP Query User{5F3D5246-6EDE-4EBB-BD19-DFFA7FB629DF}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{62E9A31C-F92A-4C31-A9D0-BDE19D2E2614}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{63BFF4CF-7E7C-41A5-AB99-73E505D83417}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{689F4CAD-7FCA-4E8B-946B-28A7135F4EBC}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{84E77AE5-A8F6-46DB-A097-9A47D39C356B}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{8733C40E-E608-4647-A918-D3403AD5F175}C:\program files\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"TCP Query User{89D55476-A4F6-4971-A258-B3165E0827B5}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{95B7AEFC-4639-4D39-86DC-A6468B6260C7}C:\program files\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files\xfire\xfire.exe |
"TCP Query User{9DBF7000-4C31-4885-933F-B9E8C95E2BF8}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{A1C638D2-5E2B-4A94-AA3F-474B7A3D695C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{AF3DA76E-1D1E-4A4B-9312-457498E70287}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{D5DB5ADB-D7D3-4623-8DB6-7695B87B3B4D}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{D8816B66-EA2F-4A51-9AF9-2AE33F484CFB}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{D97B4962-43B3-4D84-9A66-466D0223CEA3}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{F312144D-D539-4C14-92CD-41117BF3D706}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{00E0F073-537C-40F0-BC74-79E0AD79ED42}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{097CC1A1-905B-444A-A638-E7821753928F}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{2BDC66E1-0B4B-4FCE-88BB-9098136FC3D8}C:\program files\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"UDP Query User{389D282E-D6FB-41F7-8AF0-38E7B2C6C5D6}C:\program files\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files\xfire\xfire.exe |
"UDP Query User{3E624A5E-27AA-476D-9712-C0662FBB3B81}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"UDP Query User{46D2FDCC-8849-4A51-83BC-855E3E8040C1}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{4CCE35EA-8CBD-46EA-A49B-FBD5E7AB47E2}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{552AE0DD-8322-4B91-B2B0-C292D348977F}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{5AECB889-F7C2-495D-BFE9-0058A733E2D3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{5C7B697E-139D-4EDB-A1C0-89DDCEE0DF93}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{6DB51176-3A6B-496E-9461-B87700E0B374}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{74417C5A-9A10-4781-B13E-A94F81AEA35A}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{A3BF6190-087B-4005-984E-2038084CB43A}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{AB1E7948-C22B-4043-9065-F02B23891DCF}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{B3AE13ED-8D90-4A56-8454-AF0F4F912244}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{B4F6FCA2-00C7-4A3B-B987-A009A603CB41}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{BD52E286-D193-4C6C-B929-807AF6ECD8AD}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{DA839F2D-3217-46F8-951B-107B944B6B1D}C:\users\gj\downloads\rgc\ranked gaming client\rgc.exe" = protocol=17 | dir=in | app=c:\users\gj\downloads\rgc\ranked gaming client\rgc.exe |
"UDP Query User{DB532892-F517-4385-8C85-DBFE32063177}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{0110F866-6DC8-D528-AD84-99A2A64A67A8}" = ccc-utility
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{11812362-F737-6874-FA40-F845ABFC9F2F}" = CCC Help Spanish
"{1453977F-19E6-7172-45A3-64DFD0EE7921}" = CCC Help Portuguese
"{153EF7B7-1D60-0B47-80AC-2A61930995D7}" = CCC Help Polish
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19C4B355-08AA-050E-AAEF-96D5F43C5E17}" = CCC Help Swedish
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{234014C1-6F1D-D54E-AC70-CE00400126BB}" = CCC Help Finnish
"{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}" = Supreme Commander
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 25
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A407AF3-B8B3-54C0-9C6E-78D12DC4E728}" = CCC Help German
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3369417B-D079-A2EB-CC29-5EE8E74150F6}" = CCC Help Hungarian
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{41552C47-1379-D9D1-A8AF-E4494A4B03D7}" = CCC Help Chinese Standard
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D91AC93-9A94-6D3E-325E-9F3ACAEFBBF2}" = CCC Help English
"{4DCD596A-3C70-4175-8241-5947E1CCE312}_is1" = Cat Girl Alliance 1.0
"{4EADF4F5-C1C3-B865-8E72-E555BA29B65C}" = CCC Help Dutch
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{553A7BDF-211A-6A44-6420-874F8D31C9D4}" = Catalyst Control Center Localization All
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{588A57A4-4E74-427D-8D0C-AA18EBE439F7}" = MorphVOX Pro
"{5B616A3F-43D9-4F0B-9F49-D39342A98592}" = Creatures of Darkness
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Teen Style Stuff
"{5D4EF6E3-E1F5-CB27-5DE5-309A477F0CFF}" = Catalyst Control Center Graphics Previews Common
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EBBC850-8E86-4CBB-BD63-403D4808C402}" = Manga Studio EX 4.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{611BD998-34B9-4DDA-00AE-0CB4632E86FA}" = SimCity 4
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.3
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6B09A944-8B70-9A88-43D3-34DD9EF62F8C}" = CCC Help Czech
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{76F85EAD-4ACF-1826-1E3D-9DF55DA1FAB3}" = CCC Help Russian
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7E8A67A0-AD62-BBE3-DE3C-5FB84377DBF3}" = ATI Catalyst Install Manager
"{7E982B9C-017D-1941-806F-F1E3D2972A3A}" = CCC Help French
"{7F1F3BC5-A34F-F2F0-B8C7-068550CA9572}" = CCC Help Danish
"{8061C2C9-C2A3-4550-A3FC-585B646840CB}" = Fantasy Voice Pack
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Fashion Stuff
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{87EF6287-15B7-968B-E66F-A6E22EDE3842}" = CCC Help Korean
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 FreeTime
"{888C0C02-162C-8C2E-A3BB-8028B76EDCE9}" = Catalyst Control Center Graphics Previews Vista
"{89C89156-A70F-4C6D-9CAE-2EA71F1396FE}" = Garena
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9275098D-F695-4248-8D14-C22AD04B6CC9}" = AsdaStory
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{979A5B37-C4F6-CC52-F1D8-AAE72FBA4E71}" = HydraVision
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983CE4AE-052A-4AD6-92ED-177DFC85DAE5}" = Warcraft III 1.22 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims 2 Glamour Life Stuff
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F41545E-B404-1013-875D-2D7959378605}" = CCC Help Turkish
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A34BE684-D648-DD14-B75E-8DBD5EF11376}" = CCC Help Norwegian
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAD47011-8518-4608-9656-951DA35B587B}" = iTunes
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AE14E46C-16DB-8BA9-EDD1-9FF9BC29CF0A}" = CCC Help Japanese
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AF83CA55-2DD8-AE45-CE08-BA71492C8B3A}" = ATI AVIVO Codecs
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FDE441-6522-AA0C-1034-07E2BDB1EC05}" = Catalyst Control Center InstallProxy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}" = Camtasia Studio 7
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CA9A3609-3ECC-4574-8824-A8161A71A603}" = Canon MP150
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D33D19AF-FFF1-E134-768B-C795C561A685}" = CCC Help Greek
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA898F5C-4C85-4CF4-825B-E05D07DC39DD}" = BT Broadband Support Tools
"{DAB01298-B142-6ACB-14F8-B696A0CA0063}" = CCC Help Italian
"{DAB5C521-80B2-48C3-B0DA-326A1B331F55}" = GoToAssist Corporate
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF80E056-3F24-4C02-8F1B-C247E42A59BF}" = SRS HD Audio Lab
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E47DF794-4A16-C9B0-56E2-66FC958E67D7}" = ccc-core-static
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{EAA38532-7AD0-4f78-918A-4F4F02096ECE}" = The Sims™ 2 Celebration! Stuff
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Bon Voyage
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4446870-977C-96AD-9866-35EF0029296B}" = CCC Help Thai
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF5C192E-97D8-2896-7685-6355EA95CC60}" = CCC Help Chinese Traditional
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"Akamai" = Akamai NetSession Interface
"AV Voice Changer Software 7.0" = AV Voice Changer Software 7.0
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"AV Voice Changer Software DIAMOND 7.0" = AV Voice Changer Software DIAMOND 7.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"BT Broadband Desktop Help" = BT Broadband Desktop Help
"BTHomeHub" = BTHomeHub
"Camfrog 5.1" = Camfrog Video Chat 5.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"conduitEngine" = Conduit Engine
"CorumOnline" = CorumOnline
"Counter-Strike 1.6" = Counter-Strike 1.6
"DivX Setup.divx.com" = DivX Setup
"Download Manager" = Download Manager 2.3.7
"Dream Of Mirror Online" = Dream Of Mirror Online
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Easy-WebPrint" = Easy-WebPrint
"EAX™ Unified (SHELL)" = EAX™ Unified (SHELL)
"EdenEternal" = EdenEternal
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Free Window Registry Repair" = Free Window Registry Repair
"FrostWire" = FrostWire 4.21.8
"G-ForceBlue" = G-Force Blue
"GoToAssist" = GoToAssist Corporate
"HangARoo_is1" = HangARoo v2.052
"HDMI" = Intel® Graphics Media Accelerator Driver
"hon" = Heroes of Newerth
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Imikimi Plugin" = Imikimi Plugin
"Internet Download Manager" = Internet Download Manager
"LimeWire" = LimeWire 5.5.8
"Magic Video Converter_is1" = Magic Video Converter Trial Version (English) 8.0.2.18
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"My Ragnarok Online" = My Ragnarok Online
"Pen Tablet Driver" = Bamboo
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"Rainmeter" = Rainmeter
"RocketDock_is1" = RocketDock 1.3.5
"SpeedConnect Internet Accelerator v.8.0 Retail zoo_is1" = SpeedConnect Internet Accelerator v.8.0
"The Sims 2 Super Pack 2007_is1" = The Sims 2 Super Pack 2007
"Veetle TV" = Veetle TV 0.9.18
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"Veoh_Web_Player Toolbar" = Veoh Web Player Toolbar
"VLC media player" = VLC media player 0.9.8a
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Warcraft III" = Warcraft III
"WebcamMax" = WebcamMax
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Xfire" = Xfire (remove only)
"Yahoo! Applications" = BT Yahoo! Applications
"Yahoo! Extras" = Yahoo! Browser Services
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28/06/2011 09:36:08 | Computer Name = GJ2008 | Source = Windows Search Service | ID = 3013
Description =
Error - 28/06/2011 09:36:10 | Computer Name = GJ2008 | Source = Windows Search Service | ID = 3013
Description =
Error - 28/06/2011 09:36:10 | Computer Name = GJ2008 | Source = Windows Search Service | ID = 3013
Description =
Error - 28/06/2011 09:36:28 | Computer Name = GJ2008 | Source = Windows Search Service | ID = 3013
Description =
Error - 28/06/2011 09:36:28 | Computer Name = GJ2008 | Source = Windows Search Service | ID = 3013
Description =
Error - 28/06/2011 09:47:38 | Computer Name = GJ2008 | Source = Application Error | ID = 1000
Description = Faulting application Lhi.exe, version 2.0.0.122, time stamp 0x4df61dd3,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x01d7eaa7, process id 0x1dd4, application start time 0x01cc3599489dfdd7.
Error - 02/07/2011 18:29:24 | Computer Name = GJ2008 | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 3d5c Start Time: 01cc3906f5384ad3 Termination Time: 20
Error - 03/07/2011 10:10:22 | Computer Name = GJ2008 | Source = TabletServicePen | ID = 1
Description =
Error - 04/07/2011 16:18:20 | Computer Name = GJ2008 | Source = Application Error | ID = 1000
Description = Faulting application iekn9skn.exe, version 1.0.15.15640, time stamp
0x4de220a0, faulting module iekn9skn.exe, version 1.0.15.15640, time stamp 0x4de220a0,
exception code 0xc0000005, fault offset 0x0000c676, process id 0xb8c, application
start time 0x01cc3a8737fd4054.
Error - 04/07/2011 16:20:31 | Computer Name = GJ2008 | Source = Application Error | ID = 1000
Description = Faulting application iekn9skn.exe, version 1.0.15.15640, time stamp
0x4de220a0, faulting module iekn9skn.exe, version 1.0.15.15640, time stamp 0x4de220a0,
exception code 0xc0000005, fault offset 0x0000c676, process id 0x1074, application
start time 0x01cc3a878fbbde04.
[ OSession Events ]
Error - 27/09/2009 13:36:14 | Computer Name = GJ2008 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 27 seconds with 0 seconds of active time. This session ended with a crash.
Error - 07/12/2009 22:17:47 | Computer Name = GJ2008 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 59
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30/03/2010 13:44:29 | Computer Name = GJ2008 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 114 seconds with 60 seconds of active time. This session ended with a crash.
Error - 30/03/2010 13:50:00 | Computer Name = GJ2008 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 31
seconds with 0 seconds of active time. This session ended with a crash.
Error - 30/03/2010 13:50:40 | Computer Name = GJ2008 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 26/06/2011 06:33:19 | Computer Name = GJ2008 | Source = Service Control Manager | ID = 7009
Description =
Error - 26/06/2011 06:33:19 | Computer Name = GJ2008 | Source = Service Control Manager | ID = 7000
Description =
Error - 28/06/2011 14:13:28 | Computer Name = GJ2008 | Source = DCOM | ID = 10010
Description =
Error - 30/06/2011 04:57:01 | Computer Name = GJ2008 | Source = DCOM | ID = 10010
Description =
Error - 30/06/2011 22:07:00 | Computer Name = GJ2008 | Source = DCOM | ID = 10010
Description =
Error - 02/07/2011 19:44:00 | Computer Name = GJ2008 | Source = DCOM | ID = 10010
Description =
Error - 02/07/2011 21:33:33 | Computer Name = GJ2008 | Source = DCOM | ID = 10010
Description =
Error - 04/07/2011 16:25:40 | Computer Name = GJ2008 | Source = DCOM | ID = 10005
Description =
Error - 04/07/2011 16:25:40 | Computer Name = GJ2008 | Source = Service Control Manager | ID = 7009
Description =
Error - 04/07/2011 16:25:40 | Computer Name = GJ2008 | Source = Service Control Manager | ID = 7000
Description =
< End of report >
i would be very greatful for your help thank you.
Sign In
Create Account
