Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

CD and DVD drives are missing (both from My Computer and Device Manage

Started by kdramawanderer , Feb 02 2012 06:42 AM

  • Please log in to reply

#1
kdramawanderer
Posted 02 February 2012 - 06:42 AM

kdramawanderer

    New Member

  • Member
  • Pip
  • 1 posts

Hello everyone!
I'm so happy that I'm already part of this forum.
I just wanna ask something regarding my problem.
One time, when I opened my laptop, I just found out that my CD and DVD Drive is missing.
I can't find the drive from My Computer as well as in Device Manager.
On the other hand, the icon of the CD/DVD Drive can be found in the other partition drive (E://).
I installed ITunes just before this happened.
I don't know if my laptop's infected by malware, virus or anything.
Posted here are the contents of OTL.txt and Extras.txt of my laptop.
Hope you'll help me with this matter.
Thank you so much in advance.
I'll be waiting for any response. God Bless!


OTL.Txt contents

OTL logfile created on: 2/2/2012 8:08:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\arathegreat\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00003409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy

764.56 Mb Total Physical Memory | 143.63 Mb Available Physical Memory | 18.79% Memory free
1.76 Gb Paging File | 0.63 Gb Available in Paging File | 35.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 10.70 Gb Free Space | 18.27% Space Free | Partition Type: NTFS
Drive E: | 51.73 Gb Total Space | 50.94 Gb Free Space | 98.47% Space Free | Partition Type: NTFS

Computer Name: ARATHEGREAT-PC | User Name: arathegreat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/02 20:07:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\arathegreat\Downloads\OTL.exe
PRC - [2012/01/03 21:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/09/01 19:27:08 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011/09/01 19:23:52 | 001,526,080 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011/04/19 01:25:12 | 003,460,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/04/19 01:25:10 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/04/19 01:25:09 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2010/11/14 13:41:41 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2010/09/17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
PRC - [2010/09/17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
PRC - [2010/04/01 11:34:36 | 000,243,000 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Search Protection\YspService.exe
PRC - [2009/08/02 10:25:54 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/11 00:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/09/18 04:09:04 | 000,552,960 | R--- | M] (Silicon Integrated Systems Corporation) -- C:\Program Files\SiS VGA Utilities\SiSTray.exe
PRC - [2007/05/30 20:31:44 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/18 23:11:02 | 004,472,832 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/05/16 22:52:38 | 000,509,496 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007/03/29 23:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007/03/29 17:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007/02/26 04:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/15 03:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006/11/02 17:45:25 | 001,790,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2006/08/23 23:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/26 02:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/20 13:35:35 | 000,411,120 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\ppgooglenaclpluginchrome.dll
MOD - [2012/01/20 13:35:34 | 003,767,792 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012/01/20 13:34:10 | 000,122,880 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012/01/20 13:34:09 | 000,222,208 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012/01/20 13:34:07 | 001,746,432 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012/01/20 10:14:40 | 008,593,056 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/03/26 02:11:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2010/03/26 02:09:46 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2010/03/26 02:08:09 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2010/03/26 01:55:14 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2010/03/26 01:54:28 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2009/12/12 23:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Fix-It Task Manager)
SRV - [2012/01/03 21:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/01 19:23:52 | 001,526,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/01 19:18:56 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/04/19 01:25:10 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/04/19 01:25:09 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2010/11/14 13:41:41 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2010/09/17 11:14:50 | 000,098,304 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2010/09/17 11:14:42 | 003,735,552 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2009/09/10 00:15:14 | 001,174,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/02/11 00:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/11/10 04:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/05/30 20:31:44 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/29 17:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/02/26 04:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/10 05:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/11/15 03:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/08/23 23:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/26 02:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)


========== Driver Services (SafeList) ==========

DRV - [2011/04/19 01:18:45 | 000,102,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011/04/19 01:17:46 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/04/19 01:17:34 | 000,307,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/04/19 01:17:20 | 000,192,984 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011/04/19 01:16:18 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/04/19 01:13:21 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/04/19 01:13:09 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/04/19 01:12:58 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/19 00:49:53 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/09/10 00:14:08 | 000,115,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/12/30 18:57:52 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008/12/13 18:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/12/09 16:59:30 | 000,020,392 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\elrawdsk.sys -- (ElRawDisk)
DRV - [2008/03/04 23:40:04 | 000,097,408 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmusbser.sys -- (qcusbser)
DRV - [2007/09/18 04:09:36 | 000,452,968 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SISGRKMD.sys -- (SiS6350)
DRV - [2007/06/20 11:12:00 | 000,047,616 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2007/05/30 22:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/04/16 17:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/04/09 22:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)
DRV - [2007/03/22 05:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/06 03:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/02/24 21:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/13 17:29:30 | 000,011,776 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\EMSC.SYS -- (EMSC)
DRV - [2007/01/24 17:08:06 | 000,056,184 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2007/01/23 23:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/01/18 22:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007/01/18 22:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2007/01/09 22:32:13 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/01/09 22:32:13 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2006/11/28 22:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/02 15:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/23 23:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 19:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/06 05:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ph.yahoo.com/?fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ph.yahoo.com/?fr=mkg029
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/421
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/Chem3D,version=11.0: C:\Program Files\CambridgeSoft\ChemOffice2008\Chem3D\npChem3DPlugin.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@cambridgesoft.com/ChemDraw,version=11.0: C:\Program Files\CambridgeSoft\ChemOffice2008\ChemDraw\npcdp32.dll (CambridgeSoft Corp.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\arathegreat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\arathegreat\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\arathegreat\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin [2011/03/24 00:53:42 | 000,000,000 | ---D | M]

[2011/03/02 00:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\arathegreat\AppData\Roaming\Mozilla\Extensions
[2010/11/03 10:50:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\arathegreat\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://www.searchqu....q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\arathegreat\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = E:\PFiles\Plugins\np-mswmp.dll
CHR - plugin: Chem3D Plugin (Enabled) = C:\Program Files\CambridgeSoft\ChemOffice2008\Chem3D\npChem3DPlugin.dll
CHR - plugin: ChemDraw (Enabled) = C:\Program Files\CambridgeSoft\ChemOffice2008\ChemDraw\npcdp32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\arathegreat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\arathegreat\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\arathegreat\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1091_0\
CHR - Extension: Simple Plan = C:\Users\arathegreat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipolgaockcoijiegbcmpkcgmbknofhai\1_0\

O1 HOSTS File: ([2009/08/29 07:29:13 | 000,001,143 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 update.bitdefender.com
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program Files\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SiSTray] C:\Program Files\SiS VGA Utilities\SiSTray.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\YspService.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O9 - Extra Button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.co...-44557-9400-3/4 File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co...nk-21&site=home File not found
O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 124.106.4.2 124.106.5.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CEE5161-5CE0-45C1-ABCB-0ADC222FB2DC}: DhcpNameServer = 124.106.4.2 124.106.5.2
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 05:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0d4b40a2-9f43-11df-8515-a625cf0329a5}\Shell\AutoRun\command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{0d4b40a2-9f43-11df-8515-a625cf0329a5}\Shell\Open\Command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{161534b1-c4f0-11de-8fa3-c7df557d95a1}\Shell - "" = AutoRun
O33 - MountPoints2\{161534b1-c4f0-11de-8fa3-c7df557d95a1}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{16ad67db-c4f4-11de-af22-efc9e19237a0}\Shell - "" = AutoRun
O33 - MountPoints2\{16ad67db-c4f4-11de-af22-efc9e19237a0}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{2957848a-b0a6-11df-b754-dc7336c051a5}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{295784b3-b0a6-11df-b754-dc7336c051a5}\Shell\AutoRun\command - "" = D:\kasper/kasper32.exe
O33 - MountPoints2\{295784b3-b0a6-11df-b754-dc7336c051a5}\Shell\explore\command - "" = D:\.////////kasper/\\\\\kasper32.exe
O33 - MountPoints2\{295784b3-b0a6-11df-b754-dc7336c051a5}\Shell\open\command - "" = D:\kasper/////////kasper32.exe
O33 - MountPoints2\{295784e8-b0a6-11df-b754-dc7336c051a5}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\{36436-46377-36235423423}\msconfig.exe
O33 - MountPoints2\{295784e8-b0a6-11df-b754-dc7336c051a5}\Shell\eXPloRe\cOmmAnD - "" = \RECYCLER\{36436-46377-36235423423}\msconfig.exe
O33 - MountPoints2\{295784e8-b0a6-11df-b754-dc7336c051a5}\Shell\Open\CoMManD - "" = \RECYCLER\{36436-46377-36235423423}\msconfig.exe
O33 - MountPoints2\{2ec1521e-eb46-11df-af77-d17e943120b8}\Shell\AutoRun\command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{2ec1521e-eb46-11df-af77-d17e943120b8}\Shell\Open\Command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{3783b5d1-222c-11df-9111-fb6ef3974faa}\Shell - "" = AutoRun
O33 - MountPoints2\{3783b5d1-222c-11df-9111-fb6ef3974faa}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{3e1e76ea-7489-11de-9409-a42b9ab9caa1}\Shell\AutoRun\command - "" = wscript.exe delaMarVirus.vbs
O33 - MountPoints2\{3e1e76ea-7489-11de-9409-a42b9ab9caa1}\Shell\Open\Command - "" = wscript.exe delaMarVirus.vbs
O33 - MountPoints2\{3e3ccb8b-2197-11e0-8b3f-9bc6786ec2a6}\Shell\AutoRun\command - "" = wscript.exe xhv.vbs
O33 - MountPoints2\{3e3ccb8b-2197-11e0-8b3f-9bc6786ec2a6}\Shell\Open\Command - "" = wscript.exe xhv.vbs
O33 - MountPoints2\{4496ac06-d08e-11df-b207-aa1fdb51ecbb}\Shell - "" = AutoRun
O33 - MountPoints2\{4496ac06-d08e-11df-b207-aa1fdb51ecbb}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{5ebeebb1-be47-11de-bb39-fb6025b064a1}\Shell - "" = AutoRun
O33 - MountPoints2\{5ebeebb1-be47-11de-bb39-fb6025b064a1}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6bc101ae-d0c9-11df-ad48-8738b126a265}\Shell - "" = AutoRun
O33 - MountPoints2\{6bc101ae-d0c9-11df-ad48-8738b126a265}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{83dddadd-c4ce-11df-a91e-cb37cf1136a5}\Shell - "" = AutoRun
O33 - MountPoints2\{83dddadd-c4ce-11df-a91e-cb37cf1136a5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{83dddb0e-c4ce-11df-a91e-cb37cf1136a5}\Shell - "" = AutoRun
O33 - MountPoints2\{83dddb0e-c4ce-11df-a91e-cb37cf1136a5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{83dddb1b-c4ce-11df-a91e-d4017d119556}\Shell - "" = AutoRun
O33 - MountPoints2\{83dddb1b-c4ce-11df-a91e-d4017d119556}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8b1c8ed0-0b3d-11df-b6c9-a65d62353f6a}\Shell - "" = AutoRun
O33 - MountPoints2\{8b1c8ed0-0b3d-11df-b6c9-a65d62353f6a}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8b8f1a2b-cb43-11df-b710-fc31cbcb2ea4}\Shell - "" = AutoRun
O33 - MountPoints2\{8b8f1a2b-cb43-11df-b710-fc31cbcb2ea4}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8b8f1a39-cb43-11df-b710-fc31cbcb2ea4}\Shell - "" = AutoRun
O33 - MountPoints2\{8b8f1a39-cb43-11df-b710-fc31cbcb2ea4}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8ed2023d-074e-11df-b9c5-b2d1ed4e14a5}\Shell - "" = AutoRun
O33 - MountPoints2\{8ed2023d-074e-11df-b9c5-b2d1ed4e14a5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{91787ecb-c0c5-11de-8600-8613638437c2}\Shell - "" = AutoRun
O33 - MountPoints2\{91787ecb-c0c5-11de-8600-8613638437c2}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91f9d93a-5156-11e0-972d-9f63711c8ba4}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{945629fe-201d-11df-98e9-a0e1b911a6a4}\Shell - "" = AutoRun
O33 - MountPoints2\{945629fe-201d-11df-98e9-a0e1b911a6a4}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{94562a28-201d-11df-98e9-fd7e0cc71eaa}\Shell - "" = AutoRun
O33 - MountPoints2\{94562a28-201d-11df-98e9-fd7e0cc71eaa}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{a5a4663a-bf63-11de-9d50-e3f76f5f1ba2}\Shell - "" = AutoRun
O33 - MountPoints2\{a5a4663a-bf63-11de-9d50-e3f76f5f1ba2}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{a965d678-93d0-11df-a52a-811202dc4ea4}\Shell\AutoRun\command - "" = D:\.\ShowModem.exe
O33 - MountPoints2\{abbd44ba-9453-11df-bd5e-f6eab2bca7a4}\Shell\AutoRun\command - "" = H:\DIJAMANTE\\veciti.exe
O33 - MountPoints2\{abbd44ba-9453-11df-bd5e-f6eab2bca7a4}\Shell\explore\command - "" = H:\DIJAMANTE\\\veciti.exe
O33 - MountPoints2\{abbd44ba-9453-11df-bd5e-f6eab2bca7a4}\Shell\open\command - "" = H:\DIJAMANTE\\\veciti.exe
O33 - MountPoints2\{abbd44bd-9453-11df-bd5e-f6eab2bca7a4}\Shell - "" = AutoRun
O33 - MountPoints2\{abbd44bd-9453-11df-bd5e-f6eab2bca7a4}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{abbd44c3-9453-11df-bd5e-f6eab2bca7a4}\Shell\AutoRun\command - "" = ciao\\amore.exe
O33 - MountPoints2\{abbd44c3-9453-11df-bd5e-f6eab2bca7a4}\Shell\explore\command - "" = ciao\\\amore.exe
O33 - MountPoints2\{abbd44c3-9453-11df-bd5e-f6eab2bca7a4}\Shell\open\command - "" = ciao\\\amore.exe
O33 - MountPoints2\{bd99023c-d094-11df-95f4-f9747c10809c}\Shell - "" = AutoRun
O33 - MountPoints2\{bd99023c-d094-11df-95f4-f9747c10809c}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{c616c514-7e37-11de-bc07-d070ce6587a4}\Shell - "" = AutoRun
O33 - MountPoints2\{c616c514-7e37-11de-bc07-d070ce6587a4}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ca610948-9a2a-11df-981d-e6b257647ba5}\Shell\AutoRun\command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{ca610948-9a2a-11df-981d-e6b257647ba5}\Shell\Open\Command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{cecadd15-4416-11e1-b73d-001eec5bd808}\Shell\AutoRun\command - "" = wilddance//puffy.exe
O33 - MountPoints2\{cecadd15-4416-11e1-b73d-001eec5bd808}\Shell\Explore\command - "" = wilddance/puffy.exe
O33 - MountPoints2\{cecadd15-4416-11e1-b73d-001eec5bd808}\Shell\Open\command - "" = wilddance/puffy.exe
O33 - MountPoints2\{d496168a-c550-11df-9787-dcf3fa0120a5}\Shell - "" = AutoRun
O33 - MountPoints2\{d496168a-c550-11df-9787-dcf3fa0120a5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d649e6c8-0aff-11e0-8da2-eb9c13d40ebb}\Shell\AutoRun\command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{d649e6c8-0aff-11e0-8da2-eb9c13d40ebb}\Shell\Open\Command - "" = wscript.exe tumauini.vbs
O33 - MountPoints2\{dc2b8006-2022-11df-bdb3-a359a7f43ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{dc2b8006-2022-11df-bdb3-a359a7f43ca5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{e5f1bcd5-7e26-11de-ab30-979d7b3355a6}\Shell - "" = AutoRun
O33 - MountPoints2\{e5f1bcd5-7e26-11de-ab30-979d7b3355a6}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ee405da3-c0f6-11de-99be-82dd21db37b0}\Shell - "" = AutoRun
O33 - MountPoints2\{ee405da3-c0f6-11de-99be-82dd21db37b0}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{f1e99604-7f70-11de-bcae-ab93069b2ba8}\Shell - "" = AutoRun
O33 - MountPoints2\{f1e99604-7f70-11de-bcae-ab93069b2ba8}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\D:)
O34 - HKLM BootExecute: (autocheck autochk /p \??\G:)
O34 - HKLM BootExecute: ("autocheck autochk *")
O34 - HKLM BootExecute: (B)
O34 - HKLM BootExecute: ("")
O34 - HKLM BootExecute: (3)
O34 - HKLM BootExecute: (?????????????????????????k~)
O34 - HKLM BootExecute: (??)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/02 19:03:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/02 19:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/01/31 19:09:44 | 000,000,000 | ---D | C] -- C:\RMVFLTR.TEMP
[2012/01/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Roaming\GRETECH
[2012/01/31 16:22:22 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\Documents\GomPlayer
[2012/01/31 16:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2012/01/31 16:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\GRETECH
[2012/01/30 03:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\38FDB89C-1EBD-4366-84B2-336D12CC3209
[2012/01/30 03:35:00 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Roaming\Downloaded Installations
[2012/01/30 02:41:36 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Local\ElevatedDiagnostics
[2012/01/30 02:39:20 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 1.0
[2012/01/30 02:39:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/01/30 02:23:51 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Roaming\toshiba
[2012/01/25 19:03:30 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\Documents\Downloads
[2012/01/25 18:28:23 | 000,067,312 | ---- | C] (Just Great Software) -- C:\Windows\UnDeployV.exe
[2012/01/23 01:07:22 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity
[2012/01/14 08:40:46 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Local\Apple Computer
[2012/01/14 08:40:44 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Roaming\Apple Computer
[2012/01/14 08:39:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2012/01/14 08:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/01/14 08:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/14 08:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/01/14 08:32:02 | 000,000,000 | ---D | C] -- C:\Users\arathegreat\AppData\Local\Apple
[2012/01/14 08:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/01/14 08:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/01/14 08:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012/01/14 08:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/09/15 17:19:43 | 000,020,480 | ---- | C] (steve) -- C:\Users\arathegreat\AppData\Roaming\ctfmon.exe
[2011/06/02 02:04:48 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\arathegreat\AppData\Roaming\pcouffin.sys
[2011/05/29 01:26:24 | 000,139,264 | ---- | C] ( ) -- C:\Windows\System32\sipr.dll
[2011/05/29 01:26:24 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\rv20.dll
[2011/05/29 01:26:24 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\rv30.dll
[2011/05/29 01:26:24 | 000,049,152 | ---- | C] ( ) -- C:\Windows\System32\rv40.dll
[2011/05/29 01:26:23 | 000,557,056 | ---- | C] ( ) -- C:\Windows\System32\raac.dll
[2011/05/29 01:26:22 | 000,286,720 | ---- | C] ( ) -- C:\Windows\System32\drvc.dll
[2011/05/29 01:26:22 | 000,180,224 | ---- | C] ( ) -- C:\Windows\System32\drv2.dll
[2011/05/29 01:26:21 | 000,065,602 | ---- | C] ( ) -- C:\Windows\System32\cook.dll
[2011/05/29 01:26:20 | 000,548,919 | ---- | C] ( ) -- C:\Windows\System32\colorcvt.dll
[2011/05/29 01:26:20 | 000,090,112 | ---- | C] ( ) -- C:\Windows\System32\atrc.dll
[2010/05/10 09:23:32 | 000,098,304 | ---- | C] ( ) -- C:\Windows\System32\Uwimm.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\arathegreat\Documents\*.tmp files -> C:\Users\arathegreat\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/02 19:57:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1517462228-4292893993-3852897684-1000UA.job
[2012/02/02 19:44:09 | 000,004,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/02 19:44:09 | 000,004,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/02 19:25:11 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1517462228-4292893993-3852897684-1000UA.job
[2012/02/02 19:03:58 | 000,001,629 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/02/02 18:40:30 | 007,855,420 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/02 18:40:30 | 003,857,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/02 15:44:28 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012/02/02 15:43:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/02 15:43:33 | 802,340,864 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/01 15:41:11 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1517462228-4292893993-3852897684-1000Core.job
[2012/02/01 15:41:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1517462228-4292893993-3852897684-1000Core.job
[2012/01/31 19:32:21 | 000,002,431 | ---- | M] () -- C:\Users\arathegreat\Desktop\Numerology.lnk
[2012/01/31 18:57:25 | 000,122,368 | ---- | M] () -- C:\Users\arathegreat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/31 18:25:52 | 000,017,112 | ---- | M] () -- C:\Users\arathegreat\Documents\Anek.reg
[2012/01/31 18:23:50 | 000,035,399 | ---- | M] () -- C:\Windows\cdrom.inf
[2012/01/30 02:33:50 | 002,342,912 | ---- | M] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2012/01/30 02:33:50 | 000,032,768 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2012/01/30 02:33:49 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2012/01/25 10:17:14 | 000,002,077 | ---- | M] () -- C:\Users\arathegreat\Desktop\Google Chrome.lnk
[2012/01/25 10:17:14 | 000,002,039 | ---- | M] () -- C:\Users\arathegreat\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/21 23:44:42 | 000,435,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/20 05:54:17 | 000,007,364 | ---- | M] () -- C:\Users\arathegreat\Documents\110.jpg
[2012/01/17 01:04:56 | 000,708,469 | ---- | M] () -- C:\Users\arathegreat\Documents\Thirteen Reasons Why - Jay Asher.pdf
[2012/01/06 04:52:57 | 000,021,504 | -H-- | M] () -- C:\Users\arathegreat\Documents\photothumb.db
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\arathegreat\Documents\*.tmp files -> C:\Users\arathegreat\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/02 19:03:58 | 000,001,629 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/01/31 18:25:52 | 000,017,112 | ---- | C] () -- C:\Users\arathegreat\Documents\Anek.reg
[2012/01/31 18:23:49 | 000,035,399 | ---- | C] () -- C:\Windows\cdrom.inf
[2012/01/30 02:33:19 | 002,342,912 | ---- | C] () -- C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
[2012/01/30 02:33:19 | 000,032,768 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
[2012/01/30 02:33:19 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
[2012/01/20 05:54:12 | 000,007,364 | ---- | C] () -- C:\Users\arathegreat\Documents\110.jpg
[2012/01/17 01:04:32 | 000,708,469 | ---- | C] () -- C:\Users\arathegreat\Documents\Thirteen Reasons Why - Jay Asher.pdf
[2012/01/14 08:31:43 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/08/06 22:07:45 | 000,001,025 | ---- | C] () -- C:\Windows\System32\z93qvc4.dll
[2011/08/06 22:07:45 | 000,000,204 | ---- | C] () -- C:\Windows\System32\udmteci.dll
[2011/08/06 22:07:44 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2011/08/06 22:07:44 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2011/08/06 22:07:44 | 000,000,072 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2011/08/06 22:07:42 | 000,000,016 | -H-- | C] () -- C:\Windows\System32\vd23d61.dll
[2011/06/24 19:26:20 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011/06/24 18:46:40 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2011/06/02 02:04:48 | 000,087,608 | ---- | C] () -- C:\Users\arathegreat\AppData\Roaming\inst.exe
[2011/06/02 02:04:48 | 000,007,887 | ---- | C] () -- C:\Users\arathegreat\AppData\Roaming\pcouffin.cat
[2011/06/02 02:04:48 | 000,001,144 | ---- | C] () -- C:\Users\arathegreat\AppData\Roaming\pcouffin.inf
[2011/06/02 01:48:15 | 000,001,189 | ---- | C] () -- C:\Users\arathegreat\AppData\Roaming\vso_ts_preview.xml
[2011/05/29 01:26:36 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/05/29 01:26:36 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/02 00:13:19 | 000,002,446 | ---- | C] () -- C:\Users\arathegreat\AppData\Local\Media Holder.xml
[2010/11/17 04:52:02 | 000,000,024 | ---- | C] () -- C:\Users\arathegreat\AppData\Roaming\arropof
[2010/10/29 16:08:52 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth2.dll
[2010/10/29 16:08:52 | 000,001,024 | ---- | C] () -- C:\Windows\System32\grcauth1.dll
[2010/10/29 16:08:52 | 000,000,100 | ---- | C] () -- C:\Windows\System32\prsgrc.dll
[2010/10/29 15:57:37 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010/10/29 15:57:37 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010/10/28 06:23:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/08 23:48:13 | 000,004,096 | -H-- | C] () -- C:\Users\arathegreat\AppData\Local\keyfile3.drm
[2010/07/25 19:10:48 | 000,004,251 | ---- | C] () -- C:\Windows\CDMed.ini
[2010/05/10 09:22:45 | 000,000,021 | ---- | C] () -- C:\Windows\CCPATH.INI
[2010/05/10 09:06:59 | 000,000,052 | ---- | C] () -- C:\ProgramData\merlin.ini
[2010/05/05 09:07:07 | 000,000,411 | ---- | C] () -- C:\Windows\BusinessTranslator.ini
[2010/05/02 20:46:41 | 000,000,059 | ---- | C] () -- C:\Windows\wpd99.drv
[2010/05/02 20:46:40 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
[2010/04/12 04:58:59 | 000,000,026 | ---- | C] () -- C:\Windows\pdf2ppt.INI
[2009/12/31 10:25:35 | 004,714,528 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/12/01 09:10:03 | 000,000,197 | ---- | C] () -- C:\Windows\4IN1.INI
[2009/12/01 09:08:41 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI
[2009/10/30 08:55:26 | 000,000,000 | ---- | C] () -- C:\Users\arathegreat\AppData\Roaming\tempSubscr.xml
[2009/10/26 05:42:50 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI
[2009/10/12 01:11:29 | 000,004,212 | -H-- | C] () -- C:\Windows\System32\zllictbl.dat
[2009/09/17 01:52:15 | 000,000,023 | ---- | C] () -- C:\Windows\hdsconv.ini
[2009/08/29 06:25:47 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/28 05:52:44 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dll
[2009/08/17 06:51:09 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2009/08/06 10:24:21 | 000,122,368 | ---- | C] () -- C:\Users\arathegreat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/24 07:09:12 | 000,000,412 | ---- | C] () -- C:\Windows\MagicTranslator.ini
[2009/07/21 08:20:13 | 000,106,496 | ---- | C] () -- C:\Windows\System32\MUSGEN10.DLL
[2009/07/21 08:20:13 | 000,087,040 | ---- | C] () -- C:\Windows\System32\PG200.DLL
[2009/07/21 08:20:11 | 000,118,784 | ---- | C] () -- C:\Windows\System32\MP3DEC.DLL
[2009/07/20 00:19:55 | 000,001,356 | ---- | C] () -- C:\Users\arathegreat\AppData\Local\d3d9caps.dat
[2007/05/30 21:50:18 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/05/30 21:50:18 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/05/30 21:50:18 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/05/30 21:50:18 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/05/30 21:50:18 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/05/30 21:50:18 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/05/30 21:40:01 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007/05/30 21:34:19 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/05/30 21:15:04 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007/05/30 21:15:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007/05/30 21:15:04 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007/05/30 21:15:04 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007/05/30 20:09:18 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/04/17 16:44:28 | 000,266,240 | ---- | C] () -- C:\Windows\System32\EMSC.DLL
[2006/12/05 20:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 20:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 20:47:37 | 000,435,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 20:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 18:33:01 | 007,855,420 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 18:33:01 | 003,857,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 18:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 18:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 18:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 16:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 16:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 15:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 15:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 15:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 15:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/01/08 21:53:24 | 000,005,120 | ---- | C] () -- C:\Windows\System32\hash2.dll
[2005/07/23 04:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2010/08/30 18:11:48 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\.instantjchem
[2009/12/30 09:09:18 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Advanced Chemistry Development
[2011/08/08 02:08:25 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\advantage
[2012/01/31 20:48:28 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Audacity
[2011/08/24 22:58:53 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Avanquest
[2009/12/31 10:31:03 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\BSplayer PRO
[2011/05/17 16:10:01 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Camfrog
[2011/12/12 00:49:55 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Canon
[2010/08/30 18:27:30 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\ChemAxon
[2011/05/31 18:21:24 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Chikka Messenger
[2009/07/24 07:13:47 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\DarkWave Studio
[2010/07/10 21:53:39 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Design Science
[2009/08/01 09:06:09 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\DMCache
[2012/01/30 03:35:00 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Downloaded Installations
[2009/07/20 01:43:24 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\FileMaker
[2011/10/31 07:55:42 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\FreeBurner
[2011/08/02 19:46:26 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Get from YouTube
[2012/01/31 16:08:46 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\GetRightToGo
[2009/07/31 07:14:06 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Haihaisoft
[2010/08/12 00:35:47 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Haihaisoft Universal Player
[2009/08/28 06:05:41 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\iolo
[2009/07/21 07:48:25 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\IsolatedStorage
[2009/07/24 07:18:35 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\NCH Swift Sound
[2011/08/25 00:07:20 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\PC Speed Maximizer
[2010/08/04 22:43:13 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Photo2Sketch
[2012/01/30 02:10:46 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\PhotoScape
[2011/11/02 23:49:26 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Power Sound Editor Free
[2011/02/05 12:20:27 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\SMART Technologies
[2011/02/05 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\SMART Technologies Inc
[2009/07/21 07:47:00 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Symyx
[2009/07/24 07:22:15 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\TeamViewer
[2012/01/30 02:10:46 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\TheSage
[2011/09/16 01:02:58 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Thinstall
[2012/01/30 02:23:51 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\toshiba
[2011/08/22 21:32:41 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\TuneUp Software
[2010/05/02 08:53:21 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\uTorrent
[2011/06/02 04:57:44 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Vso
[2010/09/28 09:45:54 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Windows Live Writer
[2010/02/28 01:34:22 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\XemiComputers
[2011/06/19 22:02:20 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\Xilisoft
[2011/09/12 05:04:44 | 000,000,000 | ---D | M] -- C:\Users\arathegreat\AppData\Roaming\YCanPDF
[2011/07/06 21:12:06 | 000,000,546 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/07/06 16:02:04 | 000,000,546 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2012/02/01 15:41:11 | 000,000,930 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1517462228-4292893993-3852897684-1000Core.job
[2012/02/02 19:25:11 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1517462228-4292893993-3852897684-1000UA.job
[2012/02/02 15:42:26 | 000,032,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C176AF6C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >


Extras.Txt

OTL Extras logfile created on: 2/2/2012 8:08:31 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\arathegreat\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00003409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy

764.56 Mb Total Physical Memory | 143.63 Mb Available Physical Memory | 18.79% Memory free
1.76 Gb Paging File | 0.63 Gb Available in Paging File | 35.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58.59 Gb Total Space | 10.70 Gb Free Space | 18.27% Space Free | Partition Type: NTFS
Drive E: | 51.73 Gb Total Space | 50.94 Gb Free Space | 98.47% Space Free | Partition Type: NTFS

Computer Name: ARATHEGREAT-PC | User Name: arathegreat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1517462228-4292893993-3852897684-1000]
"EnableNotificationsRef" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08A3E914-CA2C-4AAE-BCD9-187C4BB0AA0D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{15D2E735-93BF-47C5-A063-D391497161B1}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{1ADC9325-2839-4B34-8AE3-958D6D9819DF}" = rport=139 | protocol=6 | dir=out | app=system |
"{26400170-95AD-4631-821F-A0FF54C8AAA1}" = lport=137 | protocol=17 | dir=in | app=system |
"{2E01A256-E6F0-4960-A973-E2000ADD7C23}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{3519B82C-CE83-466C-91C7-BB61A08EA3D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{46970C24-626D-482F-9BA5-84267DE3DF19}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=c:\windows\system32\svchost.exe |
"{478CB3DD-C58D-45C9-85DD-0AB229BEFC8A}" = rport=445 | protocol=6 | dir=out | app=system |
"{560B529E-A689-4AE9-B7E1-99A2316ACDA7}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{621A55D3-4A98-482F-A880-F6536883B4DD}" = rport=1723 | protocol=6 | dir=out | app=system |
"{6E236446-5EB5-4808-AD1F-4E62CD36F9B0}" = rport=5357 | protocol=6 | dir=out | app=system |
"{74EA7C6A-7890-403A-A4C5-CA5EDF5CFB3B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{77889E08-3F4E-4CB8-B6D1-6C25465E0569}" = lport=1723 | protocol=6 | dir=in | app=system |
"{89DAA907-A7F2-4D6C-9858-9CB27C714846}" = lport=1701 | protocol=17 | dir=in | app=system |
"{903BA0BD-C9B7-4FEB-B48E-CC629B588E96}" = lport=5357 | protocol=6 | dir=in | app=system |
"{9F36B1F1-10A0-4141-90C0-7E05F3064480}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{AB64D442-EC9D-4243-A644-29181C3AADED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ADEDB86F-2332-4605-9364-F0C902725DB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEA1175E-8ED4-4519-BBE2-00B92EEA4592}" = rport=138 | protocol=17 | dir=out | app=system |
"{AF40054D-6305-4616-9E7A-ACFCC73989DE}" = lport=88 | protocol=6 | dir=in | name=broadwave audio streaming server web server |
"{B63BDB76-F0BB-40F8-9198-231CC713CD19}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B92200F1-E010-428C-8633-0FE3006A4E82}" = lport=445 | protocol=6 | dir=in | app=system |
"{C148AB8C-C1C4-4373-92E7-863C413476D0}" = lport=5358 | protocol=6 | dir=in | app=system |
"{C29519D4-9E41-44DC-88FC-7D919E5C5A86}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{C32415B3-B18C-40C9-B1B8-A1FD8C659126}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C6FE3A96-CB19-4BBF-B41B-5A3660C62FD6}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{C7E408DF-9E4E-4045-98F5-7E32587222E0}" = rport=5358 | protocol=6 | dir=out | app=system |
"{C8404663-231B-4179-986D-D8C3DC6142EA}" = lport=2178 | protocol=6 | dir=in | app=system |
"{D5BBB1C1-29FF-41FE-B692-94F4380C63D2}" = lport=135 | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{D6820428-AA27-45E1-969C-E8787CAD849F}" = lport=139 | protocol=6 | dir=in | app=system |
"{DCD51B16-C62F-40D6-B13B-3B52654EBC92}" = lport=138 | protocol=17 | dir=in | app=system |
"{E3B5E750-0714-4D10-BBC5-27FED69B5F22}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E3F9667E-E9B4-407A-98CF-5CF9A9E850FA}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{EA47EE40-1886-4D28-B1AC-BA7D61B4C5DC}" = rport=1701 | protocol=17 | dir=out | app=system |
"{EDA821DC-E523-4AC7-9BAA-927428AFCEF4}" = rport=137 | protocol=17 | dir=out | app=system |
"{EFC76FFF-B983-41FC-BD01-63C1B05D6CEE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F228D547-4981-42AC-A84D-26BF9561F845}" = lport=4100 | protocol=17 | dir=in | name=upnp router control port |
"{F84EAABB-C915-4E22-A681-6A01C3972089}" = rport=2178 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026EFE78-2B95-485F-AFC8-FDD27E2362A9}" = dir=in | app=c:\users\arathegreat\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{03BD6F02-6CEE-4848-BAD8-D1D10A8E3382}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0DE4BD93-9171-4B15-96D8-6358FA7B8008}" = protocol=58 | dir=in | [email protected],-28545 |
"{16A389F7-C752-4538-BDEB-BE808D8D7F21}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{2DB059FF-CFBC-4A5B-9567-71D98B547C00}" = protocol=6 | dir=out | app=system |
"{32B3C20B-9DAC-4D89-8712-39665102A55E}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{39477974-B0E6-4D41-9A58-A269047AF952}" = protocol=58 | dir=in | [email protected],-28545 |
"{469F9940-7CB5-49B5-89C3-99FCB91C45F1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{50F77B34-05CC-49BC-8A5D-14A4E5A664E0}" = protocol=58 | dir=out | [email protected],-28546 |
"{5AC26C48-2AB3-4EDF-903C-EE4BFBFFA79E}" = protocol=1 | dir=out | [email protected],-28544 |
"{6A432C88-49D5-4590-84A9-4A7C0DBA74A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{791F161E-C6B7-46B5-9479-41314C1D10B6}" = protocol=1 | dir=in | [email protected],-28543 |
"{7DBA5B9D-3D7A-498B-BDCB-FCEF5BB00D42}" = protocol=1 | dir=out | [email protected],-28544 |
"{85828019-EFF6-4280-AA1E-24D498D1CC15}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{8C792CA9-6A7F-494B-9B0B-AACF35343829}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{917901D9-1DD3-4ED2-BF03-8A91D9E39B82}" = protocol=1 | dir=in | [email protected],-28543 |
"{96F1C5D2-D01C-4C22-A1A2-FB234E06C0D6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9C493A1E-C96F-41F6-8C4E-ABD96AE33C3A}" = protocol=58 | dir=out | [email protected],-28546 |
"{A023AF98-F626-43B4-9EF9-079DB3EB6949}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{A970AE7E-3652-4C3A-B262-BBC27EB72C01}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{ACEEB131-A5D9-4650-899D-0495851E363E}" = protocol=6 | dir=out | app=c:\windows\system32\msdtc.exe |
"{B550A4B5-CF73-4012-BBA5-E11EBAF2DC45}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{C23A0E69-4FD7-4A5F-89EC-9C0805010B1F}" = protocol=6 | dir=in | app=c:\windows\system32\msdtc.exe |
"{DEA3D410-E3BC-405A-BAFA-DA78C5D9E5FF}" = protocol=6 | dir=in | svc=msiscsi | app=c:\windows\system32\svchost.exe |
"{E873F0FF-E718-4C0E-AE92-BE287EE39582}" = protocol=6 | dir=in | app=c:\windows\system32\plasrv.exe |
"{EFC5EFE5-4A33-41F4-A1E3-8E9852BDE678}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{01A25F7F-A089-4D87-8DAA-CA3103A46B39}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe |
"TCP Query User{1C5F8C5A-03E7-43C5-925C-B5C2ADCBBD1E}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{39C0C301-4A8D-4100-8593-4D480925C4B8}C:\users\arathegreat\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\arathegreat\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{4270E70A-B50D-4C7E-8A5F-847CA1798286}C:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe |
"TCP Query User{4AD38593-358E-4C08-9B30-E20A498D29CF}C:\program files\cambridgesoft\chemoffice2008\chemfinder\cfword11.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemfinder\cfword11.exe |
"TCP Query User{5353A5E9-E988-4BE2-85E2-D0DD2B990BA1}C:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe |
"TCP Query User{5A3DC0E9-2F72-4541-9827-8BD41BB72875}C:\Program Files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe |
"TCP Query User{5C679E45-1D1E-40EA-81A0-06EF5C0D2214}C:\windows\system32\dwm.exe" = protocol=6 | dir=in | app=c:\windows\system32\dwm.exe |
"TCP Query User{611BFDE7-73DC-42AF-B12A-5E3BB72C3EBF}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{86AD9161-D537-4CDE-A090-E599A0A83127}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{9775715F-49D6-4916-B026-AE26450AC8A0}C:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe |
"TCP Query User{99E2AE81-8686-4A62-B02E-A81A2EFB6342}C:\users\arathegreat\appdata\roaming\thinstall\virtual chemistry lab 2.0\4000003d200003i\mysqld.exe" = protocol=6 | dir=in | app=c:\users\arathegreat\appdata\roaming\thinstall\virtual chemistry lab 2.0\4000003d200003i\mysqld.exe |
"TCP Query User{AC8EA137-E389-400D-9A82-39581024C4D0}G:\ice.exe" = protocol=6 | dir=in | app=g:\ice.exe |
"TCP Query User{B90D8595-B427-4B98-B4EB-BFA487880ECF}C:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe |
"TCP Query User{B94C2AFA-615A-4EF6-B075-32B86BD40ACC}C:\Program Files\VideoLAN\VLC\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{BD198113-7894-400F-B149-6AB4F095901F}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=6 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe |
"TCP Query User{D5743438-165D-432A-9D30-5D76B6FD6DD1}C:\program files\microsoft office\office12\winword.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\winword.exe |
"TCP Query User{E2437935-CEAF-4093-B2BB-6AE952933724}C:\program files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe" = protocol=6 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe |
"UDP Query User{02BBF677-82E4-4D2E-B1EE-35333D75A750}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{2738A7A8-F43E-4E2C-9ED0-368B0244306B}C:\windows\system32\dwm.exe" = protocol=17 | dir=in | app=c:\windows\system32\dwm.exe |
"UDP Query User{3F1BAB7B-4CAD-4A03-815E-0D89BF68E729}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe |
"UDP Query User{409A6265-B726-49E7-A18E-219F6009A171}C:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe |
"UDP Query User{4F126A89-98D7-4574-AEA3-52D5667AF09A}C:\program files\cambridgesoft\chemoffice2008\chemfinder\cfword11.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemfinder\cfword11.exe |
"UDP Query User{57048BF2-0A86-4A04-B04B-74C527C9BB14}C:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe |
"UDP Query User{5BCFBACE-5ECF-43E1-B718-4997AE898CD6}C:\users\arathegreat\appdata\roaming\thinstall\virtual chemistry lab 2.0\4000003d200003i\mysqld.exe" = protocol=17 | dir=in | app=c:\users\arathegreat\appdata\roaming\thinstall\virtual chemistry lab 2.0\4000003d200003i\mysqld.exe |
"UDP Query User{5EDAB6C6-B8C5-4FF9-A801-41AF2616C8C3}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{6579623A-6C8A-47AE-B1D2-8C66BA8B97AB}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{7A31D667-71DA-44AB-8FEE-EB0FBA10C728}C:\Program Files\VideoLAN\VLC\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{8CA9C92C-CDC8-4C5F-8A16-186F0CA53F3F}G:\ice.exe" = protocol=17 | dir=in | app=g:\ice.exe |
"UDP Query User{9630F2A4-A2AF-484A-9941-3B6058AA5B0C}C:\users\arathegreat\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\arathegreat\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{A7BFB827-C686-4D3C-940F-13122E7FFF65}C:\program files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe |
"UDP Query User{ACFCB367-EE4F-4491-B024-8F1A21ED2A88}C:\program files\spacialaudio\sambc\sambc.exe" = protocol=17 | dir=in | app=c:\program files\spacialaudio\sambc\sambc.exe |
"UDP Query User{B9118695-4A98-403C-B09E-04C8284128F3}C:\Program Files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemfinder\chemfinder.exe |
"UDP Query User{D320C397-5347-4983-919E-3EBE15900FF9}C:\program files\microsoft office\office12\winword.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\winword.exe |
"UDP Query User{DBFE5394-A8F1-4F25-8DA0-CAB807DC845B}C:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chem3d\chem3d.exe |
"UDP Query User{FE4BDE9D-C09A-4F8E-AA8D-DB814C6E01E6}C:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe" = protocol=17 | dir=in | app=c:\program files\cambridgesoft\chemoffice2008\chemdraw\chemdraw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01D190D9-B876-48C1-BD5B-FE8247DDBE40}" = ArgusLab
"{022DA2C3-81C7-4003-A6BC-1BB147B20097}" = SuppSoft
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = TOSHIBA Manuals
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228F6876-A313-40A3-91C0-C3CBE6997D09}" = GearDrvs
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{25408622-A432-4532-A784-1EC9413CB898}" = The Merck Index
"{259A1B71-CA82-4A92-8178-A7FFF58E9853}" = CambridgeSoft ChemBioOffice Ultra 2008
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 24
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3F32058A-343A-4C16-BD1B-BE35E9A42352}" = RZ DVD Creator
"{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}" = Norton 360
"{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{49B85E35-3C56-4420-9A0A-D125348A2D7F}" = TOSHIBA Supervisor Password
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7EEB72E4-2150-49F8-BC51-B63AF7B9E2F2}" = GEAR driver installer 4.019
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B81CF96-0223-40E9-B6E7-1461F450B605}" = TOSHIBA Hardware Setup
"{90120000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2007
"{90120000-0015-0000-0000-0000000FF1CE}_Access_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0000-0000-0000000FF1CE}_Access_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_Access_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0000-0000-0000000FF1CE}" = Microsoft Office Excel 2007
"{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_EXCEL_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0000-0000-0000000FF1CE}" = Microsoft Office PowerPoint 2007
"{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_POWERPOINT_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2007
"{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0000-0000-0000000FF1CE}_PUBLISHER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PUBLISHER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0000-0000-0000000FF1CE}_WORD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_Access_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_EXCEL_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_POWERPOINT_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PUBLISHER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WORD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_Access_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_EXCEL_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_POWERPOINT_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PUBLISHER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WORD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_Access_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_EXCEL_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_POWERPOINT_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PUBLISHER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_WORD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0FD405D3-CAF8-4CA6-8BFD-911D2F8A6585}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{519D9F45-CBF4-4E57-B419-11F196CCA8AE}" = Microsoft Office Visio 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_Access_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_POWERPOINT_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PUBLISHER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_Access_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_EXCEL_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_POWERPOINT_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PUBLISHER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_Access_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92B1B3CC-EC78-45B8-96D0-8B3F11495864}" = Symantec Technical Support Controls
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
"{B37CB42D-3E55-4A88-979D-5F5F2750834E}" = Numerology by Yves Pflieger ENG
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{BECEF2E4-0B0B-461A-AE80-CC569F028303}" = Symyx Draw
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.57
"AAA Logo 3.10 Business_is1" = AAA Logo Business Edition 3.10
"Access" = Microsoft Office Access 2007
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast" = avast! Internet Security
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DSMT6" = MathType 6
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EXCEL" = Microsoft Office Excel 2007
"FBDBServer_2_5_is1" = Firebird 2.5.0.26074 (Win32)
"GOM Player" = GOM Player
"HijackThis" = HijackThis 2.0.2
"InstallShield_{259A1B71-CA82-4A92-8178-A7FFF58E9853}" = CambridgeSoft ChemBioOffice Ultra 2008
"InstallShield_{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"InstallShield_{49B85E35-3C56-4420-9A0A-D125348A2D7F}" = TOSHIBA Supervisor Password
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{8B81CF96-0223-40E9-B6E7-1461F450B605}" = TOSHIBA Hardware Setup
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"PhotoScape" = PhotoScape
"POWERPOINT" = Microsoft Office PowerPoint 2007
"PRJPRO" = Microsoft Office Project Professional 2007
"PUBLISHER" = Microsoft Office Publisher 2007
"SAM3" = SAM Broadcaster v4
"SHOUTcast" = SHOUTcast DNAS Server v2
"SiS VGA Utilities" = SiS VGA Utilities
"Smart Bro" = Smart Bro
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SymSetupTemp.{2D617065-1C52-4240-B5BC-C0AE12157777}" = Norton 360
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TheSage" = TheSage
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 1.1.11
"WinDjView" = WinDjView 1.0.3
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WORD" = Microsoft Office Word 2007
"xvid" = Xvid MPEG-4 Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Chikka Messenger" = Chikka Messenger
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/14/2011 3:19:13 PM | Computer Name = arathegreat-PC | Source = Application Error | ID = 1000
Description = Faulting application ChemDraw.exe, version 7.0.1.898, time stamp 0x3c640a6a,
faulting module kernel32.dll, version 6.0.6000.16820, time stamp 0x49952034, exception
code 0xe06d7363, fault offset 0x0001b09e, process id 0x14e0, application start time
0x01cbcc6ab1563e51.

Error - 2/15/2011 1:07:44 AM | Computer Name = arathegreat-PC | Source = WerSvc | ID = 5007
Description =

Error - 2/15/2011 1:09:23 AM | Computer Name = arathegreat-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error - 2/16/2011 1:48:40 PM | Computer Name = arathegreat-PC | Source = WerSvc | ID = 5007
Description =

Error - 2/16/2011 1:50:48 PM | Computer Name = arathegreat-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error - 2/16/2011 5:48:27 AM | Computer Name = arathegreat-PC | Source = WerSvc | ID = 5007
Description =

Error - 2/16/2011 5:49:20 AM | Computer Name = arathegreat-PC | Source = SecurityCenter | ID = 3
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error - 2/16/2011 6:16:52 AM | Computer Name = arathegreat-PC | Source = LoadPerf | ID = 3012
Description =

Error - 2/16/2011 6:16:52 AM | Computer Name = arathegreat-PC | Source = LoadPerf | ID = 3011
Description =

Error - 2/16/2011 6:18:00 AM | Computer Name = arathegreat-PC | Source = RasClient | ID = 20227
Description =

[ Media Center Events ]
Error - 10/9/2011 7:56:29 AM | Computer Name = arathegreat-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ OSession Events ]
Error - 7/15/2010 11:02:56 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 350 seconds with 300 seconds of active time. This session ended with a crash.

Error - 7/15/2010 11:03:36 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 20 seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/15/2010 11:04:41 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 45 seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/15/2010 11:05:01 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/21/2010 6:54:00 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 582
seconds with 540 seconds of active time. This session ended with a crash.

Error - 8/11/2010 4:28:19 PM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 261
seconds with 240 seconds of active time. This session ended with a crash.

Error - 8/27/2010 1:09:52 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 17764 seconds with 14580 seconds of active time. This session ended with
a crash.

Error - 9/12/2011 4:20:10 PM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6557.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9/13/2011 2:48:52 PM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 0 seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/22/2012 10:56:53 AM | Computer Name = arathegreat-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2767
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2/2/2012 12:59:48 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 12:59:48 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 12:59:48 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 12:59:48 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 12:59:48 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 2/2/2012 3:45:31 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 3:45:31 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 3:45:31 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 3:45:31 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2012 3:45:31 AM | Computer Name = arathegreat-PC | Source = Service Control Manager | ID = 7026
Description =

[ TuneUp Events ]
Error - 7/8/2011 4:19:24 PM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2011 2:59:37 AM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/11/2011 2:59:37 AM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/30/2011 4:19:33 PM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 7/30/2011 4:19:34 PM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 8/3/2011 6:41:56 AM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 8/3/2011 6:41:57 AM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 8/6/2011 1:01:21 PM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 8/6/2011 2:11:20 PM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 8/6/2011 2:11:22 PM | Computer Name = arathegreat-PC | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP