Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My 86 yr old dads pc w/ malware galore..ex vgrabber hijacker... [Solve


  • This topic is locked This topic is locked

#1
princessss

princessss

    Member

  • Member
  • PipPip
  • 95 posts
I have been trying to fix my fathers pc for a while now, he likes his games as he is 86 and retired. I have told him not to click on any of the allow to installs but... I guess it was too late. He has vgrabber, incredibar, searchnow, etc, which I have removed from the extensions and the registry, but which somehow keep adding themselves back. I am at this point pulling my hair out because I cannot figure out which programs are installing them, I cannot get rid of his games ( I want to live) and I don't know where to go from here. Here are my OTL and OTL extra logfiles.... Or his I should say. Any help would be appreciated as his computer is slow and glitchy and is about to have an aneurysm.



OTL logfile created on: 09/08/2012 1:27:13 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 4.71 Gb Available Physical Memory | 58.92% Memory free
15.98 Gb Paging File | 12.31 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.33 Gb Total Space | 638.79 Gb Free Space | 69.56% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.63 Gb Free Space | 20.11% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 13:26:20 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\Downloads\OTL.exe
PRC - [2012/07/11 02:05:12 | 000,107,520 | ---- | M] () -- C:\Users\user\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
PRC - [2012/06/27 16:23:05 | 001,677,856 | ---- | M] (bProtector) -- C:\ProgramData\bProtectorForWindows\2.2.453.59\bProtect.exe
PRC - [2012/06/27 16:22:37 | 000,612,256 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2012/06/18 13:15:32 | 000,008,704 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2012/06/18 13:15:06 | 000,096,768 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2012/06/14 10:20:22 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2012/03/21 19:02:24 | 004,862,384 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/27 20:27:11 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/10/21 20:40:38 | 000,073,728 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe
PRC - [2010/11/20 07:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2007/05/22 16:33:36 | 003,297,280 | ---- | M] (Webshots.com) -- C:\Program Files (x86)\Webshots\Webshots.scr
PRC - [2007/04/13 02:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/09 12:04:04 | 000,254,976 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.3_0\plugins\npDefaultTabSearch.dll
MOD - [2012/08/09 12:04:01 | 000,133,632 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
MOD - [2012/08/09 12:04:01 | 000,057,344 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll
MOD - [2012/08/07 01:43:40 | 000,442,392 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/07 01:43:39 | 012,235,800 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012/08/07 01:43:37 | 003,997,720 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/07 01:42:21 | 000,526,872 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\libglesv2.dll
MOD - [2012/08/07 01:42:20 | 000,104,984 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\libegl.dll
MOD - [2012/08/07 01:42:09 | 000,144,424 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/07 01:42:08 | 000,266,792 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/07 01:42:07 | 002,480,680 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012/06/27 18:38:52 | 000,531,968 | ---- | M] () -- C:\Users\user\AppData\Roaming\BabylonToolbar\CR\BUSolution.dll
MOD - [2012/06/27 16:23:05 | 002,008,096 | ---- | M] () -- c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll
MOD - [2011/10/28 09:27:12 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvcPS.dll
MOD - [2011/10/27 20:27:11 | 000,623,912 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMediaLibrary.dll
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/06/11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/04/05 21:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/12/13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/03 06:06:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/11 02:05:12 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Users\user\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2012/07/10 13:01:41 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/27 16:23:05 | 001,677,856 | ---- | M] (bProtector) [Auto | Running] -- C:\ProgramData\bProtectorForWindows\2.2.453.59\bProtect.exe -- (bProtector)
SRV - [2012/06/27 16:22:37 | 000,612,256 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012/06/18 13:15:32 | 000,008,704 | ---- | M] (Microsoft) [Auto | Running] -- C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2012/06/18 13:15:06 | 000,096,768 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2012/06/14 10:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/05/18 04:00:24 | 000,563,200 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe -- (DefaultTabSearch)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/21 20:40:38 | 000,073,728 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011/08/11 20:03:00 | 000,630,584 | ---- | M] (FixBee., (www.fixbee.com)) [Auto | Stopped] -- C:\Program Files (x86)\FixBee\FBDefragSrv64.exe -- (FBDiskOptimizer)
SRV - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/04/13 02:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/06 00:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/04/06 00:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/05 20:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/10 22:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/11/24 00:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/16 08:35:58 | 000,054,400 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/09/08 20:08:36 | 000,090,096 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/04/08 23:00:20 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 16:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010/12/13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/05/01 20:21:08 | 000,118,400 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ezplay.sys -- (ezplay)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/04 23:20:26 | 000,015,360 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HP8207_8307.sys -- (HP8207_8307)
DRV:64bit: - [2010/01/21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 02:03:10 | 000,026,624 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64gps.sys -- (UsbGps)
DRV:64bit: - [2010/01/21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2009/12/13 20:00:03 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009/10/09 22:22:42 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV:64bit: - [2009/07/14 13:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/30 22:24:40 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2009/06/29 04:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 05:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/07/26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 16:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2008/07/26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2008/07/26 16:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/09 10:09:46 | 000,012,288 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2010/11/22 09:25:12 | 000,055,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx.sys -- (X5XSEx)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.funmood...AtC&cr=49326440
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{5BE5D493-C938-42D9-9234-E6D496B15103}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://start.funmood...AtC&cr=49326440
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = http://www.searchqu....q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D1AE8AAD-21D9-4B90-9F31-34BFC802E8F9}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com/?fr=fp-tyc8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=66016
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - C:\Program Files (x86)\Game_Master_2.1\prxtbGam0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag....q={searchTerms}
IE - HKLM\..\SearchScopes\{1AB981B8-0495-FCC6-74E2-15F330F6256E}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{5BE5D493-C938-42D9-9234-E6D496B15103}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://start.funmood...AtC&cr=49326440
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2408}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{AA74FE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2060826
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxap...q={searchTerms}
IE - HKLM\..\SearchScopes\{D1AE8AAD-21D9-4B90-9F31-34BFC802E8F9}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...2-966C5169B100}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://search.babylo...0002226822fa931
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.myfamily.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...q={searchTerms}
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - C:\Program Files (x86)\Game_Master_2.1\prxtbGam0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} - No CLSID value found
IE - HKCU\..\URLSearchHook: {3bbd3c14-4c16-4989-8366-95bc9179779d} - No CLSID value found
IE - HKCU\..\URLSearchHook: {55d7c7bc-12a7-4f9b-81c0-600d9a182395} - No CLSID value found
IE - HKCU\..\URLSearchHook: {f9bbf004-6e40-4019-8214-c43a37e1d058} - No CLSID value found
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0002226822fa931
IE - HKCU\..\SearchScopes\{54B65AD8-052B-475A-A00A-1CB23DDA95CA}: "URL" = http://search.condui...&ctid=CT3018509
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGHP_en
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = playbryte/search/redirect/?type=default&user_id=b557466c-f0d9-4eee-84bc-63df988b8036&query={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-21 13:08:12&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{C0448470-1295-4E96-B708-253A630728BA}: "URL" = http://websearch.ask...DB-9604E7A76A76
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "midicairus Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...1648001&gct=hp"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..keyword.URL: ""http://search.condui...rchSource=2&q="
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll (CouponAlert)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mediaforge.com/MRP: C:\Windows\system32\npmirage.dll (XMLAuthor Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ [2012/08/08 02:59:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.453.59\FirefoxExtension [2012/06/27 16:23:06 | 000,000,000 | ---D | M]

[2012/07/05 01:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
[2009/12/14 23:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/08/08 12:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions
[2012/06/20 23:23:52 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012/08/04 19:36:58 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2012/08/03 16:29:55 | 000,000,000 | ---D | M] (Search Results Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{94366e2c-9923-431c-b0d6-747447dd0f2b}
[2012/01/16 02:58:51 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/05/18 02:59:13 | 000,000,000 | ---D | M] (Somoto Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{bb45ef8e-1e36-4535-a017-ec908fb1e335}
[2012/06/22 23:56:23 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2012/06/09 14:53:55 | 000,000,000 | ---D | M] (midicairus Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{efb1e45a-148d-40f9-a3f0-09d5577f9970}
[2012/03/01 15:46:46 | 000,000,000 | ---D | M] (midicairUSA Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{f3902028-4a21-4793-8e05-793e183d51c2}
[2012/05/23 22:12:33 | 000,000,000 | ---D | M] (A Free Ride Games Bar Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{f92a9fe4-2850-4198-b9d5-279880e49b16}
[2012/06/30 20:28:50 | 000,000,000 | ---D | M] (Vgrabber1 Community Toolbar) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\{f9bbf004-6e40-4019-8214-c43a37e1d058}
[2012/06/22 23:55:49 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/06/22 23:55:49 | 000,000,000 | ---D | M] (DownloadnSave) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/06/22 23:55:49 | 000,000,000 | ---D | M] (ADDICT-THING) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/05/30 14:50:39 | 000,000,000 | ---D | M] ("I Want This") -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/06/20 23:23:50 | 000,000,000 | ---D | M] ("Vid-Saver") -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/06/28 21:59:27 | 000,000,000 | ---D | M] ("Giant Savings") -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/08/06 23:38:55 | 000,000,000 | ---D | M] ("SavingsApp") -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/06/22 23:55:50 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/08/05 14:51:03 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions\[email protected]
[2012/07/13 19:26:10 | 000,002,343 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\askcom.xml
[2012/05/06 20:42:56 | 000,010,998 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\bProtect.xml
[2012/05/23 19:16:50 | 000,000,923 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\conduit.xml
[2012/05/18 01:05:37 | 000,001,797 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\funmoods.xml
[2012/06/22 19:58:29 | 000,000,478 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\GadgetBox.xml
[2012/01/31 08:20:08 | 000,002,013 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\myplaycity-search.xml
[2012/06/22 23:56:26 | 000,002,291 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\Search.xml
[2012/01/16 02:58:37 | 000,002,520 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\SearchResults.xml
[2012/06/17 19:54:49 | 000,003,969 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\sweetim.xml
[2012/06/22 23:56:26 | 000,000,942 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\yahoo.xml
[2012/06/23 00:03:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/30 14:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/05/14 22:34:48 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/05/14 22:34:45 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/01/29 17:09:19 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/10/30 11:21:52 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/12/16 16:14:50 | 000,002,067 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\blekkotb.xml
[2011/09/18 20:26:38 | 000,002,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012/01/16 02:58:37 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylo...0002226822fa931
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Wajam (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Perion plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.3_0\plugins/npDefaultTabSearch.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhepndnhfbdjmegechokkbabcphcihdi\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\user\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Coupon Alert Installer Plugin Stub (Enabled) = C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: XMLAuthor Inc. npmirage (Enabled) = C:\Windows\system32\npmirage.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: PlayBryte = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angaccmkgaeejilgnjabkeihpdpnbibn\1.0_0\
CHR - Extension: SavingsApp = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.17.11_0\
CHR - Extension: SavingsApp = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.19.19_0\crossrider
CHR - Extension: SavingsApp = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.19.19_0\
CHR - Extension: DownloadnSave = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\biliocbkpfpckgidakfjgmbadmclilgd\1.0_0\
CHR - Extension: PriceGong = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.4_0\
CHR - Extension: Freemake Video Downloader = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\
CHR - Extension: General Crawler = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Babylon Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.5.1_0\
CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.0_0\
CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.0_0\funmoods\
CHR - Extension: Vgrabber1 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhepndnhfbdjmegechokkbabcphcihdi\2.3.15.10_0\
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: DefaultTab = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.3_0\
CHR - Extension: ADDICT-THING = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkefpagpnkjffghcldgdbcgcmgaeamee\1.0_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: PlayBryte = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angaccmkgaeejilgnjabkeihpdpnbibn\1.0_0\
CHR - Extension: SavingsApp = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.17.11_0\
CHR - Extension: SavingsApp = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.19.19_0\crossrider
CHR - Extension: SavingsApp = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbohlimhkgnnphbdkghkbcjojoafohoa\1.19.19_0\
CHR - Extension: DownloadnSave = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\biliocbkpfpckgidakfjgmbadmclilgd\1.0_0\
CHR - Extension: PriceGong = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.4_0\
CHR - Extension: Freemake Video Downloader = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\
CHR - Extension: General Crawler = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Babylon Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\
CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.5.1_0\
CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.0_0\
CHR - Extension: Funmoods = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdloijijlkoblmigdofommgnheckmaki\1.6.0_0\funmoods\
CHR - Extension: Vgrabber1 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhepndnhfbdjmegechokkbabcphcihdi\2.3.15.10_0\
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: DefaultTab = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.3_0\
CHR - Extension: ADDICT-THING = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkefpagpnkjffghcldgdbcgcmgaeamee\1.0_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.11.0_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SavingsApp) - {11111111-1111-1111-1111-110011461139} - C:\Program Files (x86)\SavingsApp\SavingsApp.dll (215 Apps)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
O2 - BHO: (Game Master 2.1 Toolbar) - {22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - C:\Program Files (x86)\Game_Master_2.1\prxtbGam0.dll (Conduit Ltd.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found.
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (no name) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\user\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\iWin Games\iWinGamesHookIE.dll (iWin Inc.)
O2 - BHO: (Search Results Toolbar) - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~2\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - Reg Error: Value error. File not found
O2 - BHO: (PricePeep) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{26c9e18c-3717-4be1-a225-04e4471f5b6e} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{94366e2c-9923-431c-b0d6-747447dd0f2b} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{a0154e07-2b48-475c-a82a-80efd84ea33e} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{bb45ef8e-1e36-4535-a017-ec908fb1e335} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{f92a9fe4-2850-4198-b9d5-279880e49b16} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{f9bbf004-6e40-4019-8214-c43a37e1d058} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{26c9e18c-3717-4be1-a225-04e4471f5b6e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{94366e2c-9923-431c-b0d6-747447dd0f2b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{a0154e07-2b48-475c-a82a-80efd84ea33e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{bb45ef8e-1e36-4535-a017-ec908fb1e335} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{f92a9fe4-2850-4198-b9d5-279880e49b16} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{f9bbf004-6e40-4019-8214-c43a37e1d058} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.29.1\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~2\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Game Master 2.1 Toolbar) - {22DFBF5B-A7CD-4B25-9471-3DC68C71855F} - C:\Program Files (x86)\Game_Master_2.1\prxtbGam0.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SpeetItUpFree] "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe" File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Exetender] C:\Program Files (x86)\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [Media Finder] "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray File not found
O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\Launcher.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - Reg Error: Value error. File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra Button: WPT Poker - {D85B4BE2-07C3-422f-ADE9-B1A2C7D25224} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : WPT Poker - {D85B4BE2-07C3-422f-ADE9-B1A2C7D25224} - Reg Error: Value error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} Reg Error: Value error. (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://msn.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webi...6-6D5536C585C9} (Reg Error: Key error.)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} Reg Error: Value error. (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.177.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A008FDED-0344-40D2-AC21-234D70E5A508}: DhcpNameServer = 64.59.176.13 64.59.177.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9476922-621B-49A4-8AD8-12EE84F91AB1}: DhcpNameServer = 64.71.255.198 64.71.255.253
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\toolbarchrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\toolbarchrome - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22453~1.59\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c99ef7b-0d41-11e0-bdd0-dc4b06e5d860}\Shell - "" = AutoRun
O33 - MountPoints2\{1c99ef7b-0d41-11e0-bdd0-dc4b06e5d860}\Shell\AutoRun\command - "" = F:\DigitalPhotoKeychain.EXE
O33 - MountPoints2\{2059c110-bbd4-11e0-a433-cfc9f3799c68}\Shell - "" = AutoRun
O33 - MountPoints2\{2059c110-bbd4-11e0-a433-cfc9f3799c68}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 13:27:25 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy
[2012/08/09 11:57:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BF671325-B90B-47A6-8737-7B1A016E06EE}
[2012/08/08 23:56:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{33ADEC47-3AD9-4D98-A81F-06550E779582}
[2012/08/08 12:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/08 12:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/08/08 11:55:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D038258C-DDE1-4F1B-859C-4F3CE9ABBC10}
[2012/08/08 11:55:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6F4857CF-C03C-4300-883B-404342EB1AC3}
[2012/08/08 03:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
[2012/08/08 03:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUpMedia
[2012/08/08 03:00:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\TuneUpMedia
[2012/08/08 03:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2012/08/08 02:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012/08/08 02:59:26 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Freemake
[2012/08/08 02:59:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2012/08/08 02:59:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2012/08/08 02:59:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2012/08/08 02:59:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2012/08/07 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8ED38EF4-D7CA-4BE3-B9C1-9AF460C6B784}
[2012/08/07 10:35:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2C80771C-3FAA-4559-9EA2-31FA550A8258}
[2012/08/06 23:38:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\SavingsApp
[2012/08/06 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SavingsApp
[2012/08/06 06:40:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4018D9C3-2361-4B17-87A4-9433E7B8C490}
[2012/08/06 06:40:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{347BC09F-45F5-4600-8747-94C60DD5A60A}
[2012/08/06 05:59:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{49117EED-5F77-4270-9D41-C7D10CC53A4A}
[2012/08/05 14:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/08/05 14:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\123 Free Solitaire
[2012/08/05 14:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2012/08/05 14:47:30 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\BabylonToolbar
[2012/08/05 14:47:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2012/08/05 14:47:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Wajam
[2012/08/05 14:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/08/05 14:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PricePeep
[2012/08/05 14:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game_Master_2.1
[2012/08/05 07:47:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A8B8E377-CCD8-48B1-9785-B733F7BE3BCC}
[2012/08/05 07:47:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1C857769-A6C5-4593-81D7-8A8D21478253}
[2012/08/04 22:36:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4D0B5226-364B-4C2A-A7BA-0BEC5D3F46E6}
[2012/08/04 19:37:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\com.w3i.plyt
[2012/08/04 19:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playalot Games
[2012/08/04 19:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Playalot Games
[2012/08/04 19:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
[2012/08/04 19:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PriceGong
[2012/08/04 08:53:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{83929E67-2793-4BB0-B6FF-6981F2212E74}
[2012/08/03 17:36:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B3DCD321-C20D-412B-9343-460FE96C4CC2}
[2012/08/03 16:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Club Penguin
[2012/08/03 16:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\searchresults1
[2012/08/03 05:35:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C686FA77-6DAF-496F-AAA9-F112BD8A79BF}
[2012/08/02 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FA158AD2-7105-4EF2-80B3-7244C5CBA8C9}
[2012/08/02 05:34:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A48A806E-49FB-411A-92CE-648C474C6818}
[2012/08/02 05:33:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B8BAB833-26B6-4207-BCDF-AD3CCE2DAD42}
[2012/08/01 18:53:10 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\DirectX_11_Technology_Update_US
[2012/08/01 17:33:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3608F219-1E2E-4165-BE7D-6F9FA004E24B}
[2012/08/01 17:32:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{26A4BDF0-DF48-4A85-8147-3CC6322CC55B}
[2012/08/01 09:33:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EAC581C0-77DB-48E6-A868-36C31B8ABC95}
[2012/08/01 09:14:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6392FF2C-6ECD-4EF8-9272-DD281DD03031}
[2012/07/31 11:57:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6C17652A-E90F-4D44-B0BC-AF9B1E10E83A}
[2012/07/31 11:56:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8AEDCB04-C114-4F01-877C-BAE86294DA8D}
[2012/07/30 23:06:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BA170E37-3949-4409-9361-1745383B0A4C}
[2012/07/30 23:05:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{93E77A59-6C91-4BAF-BC8D-8B68E1004A93}
[2012/07/29 20:47:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6DFC6CFD-D891-4D8A-BC8F-BD4CF6AB1E6E}
[2012/07/29 20:47:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B2536FB1-8AA2-4FBF-9973-78427ED1BAD3}
[2012/07/29 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9D3D0F43-19D5-40A1-B707-EB8ACD93CA45}
[2012/07/28 14:50:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5A2C8232-4FC5-4A84-B566-CDA0264A65E6}
[2012/07/28 14:50:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{331332FA-5FE6-47C3-BB46-5D675BB83694}
[2012/07/27 23:03:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0C80FFF2-D36F-41BB-820E-6E472533D2DE}
[2012/07/27 23:02:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B07048C0-6179-4A22-ABBF-72D86E348CAB}
[2012/07/25 22:46:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{45A2B516-E61E-4CC6-86CB-F561F5B269F5}
[2012/07/25 22:45:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1E2FBA4D-06CD-4B20-8BEA-F42F79020773}
[2012/07/25 08:57:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{139243E8-EC0B-4B77-A383-52D797503A56}
[2012/07/25 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6AA803D3-6606-4035-B20F-EB5CE326F399}
[2012/07/24 08:33:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ED568EA5-DBEC-4BDF-8208-5A7B3E5E0F32}
[2012/07/24 08:32:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BBCBA218-7440-4C90-8307-BF80B065FB0E}
[2012/07/23 13:25:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5BF4C6C9-F599-4DB4-9CC8-09C1EF7187B4}
[2012/07/23 13:25:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{DE543902-BA4D-4557-93A1-95BF540EDE3A}
[2012/07/23 00:09:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{96409C9C-0512-4D53-9AB8-2F7A194A2EC8}
[2012/07/23 00:09:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0A52008B-1FED-4297-8178-6C1A67708692}
[2012/07/22 12:08:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1BEAE3DF-B137-4E22-96A2-FBA0D316E3DD}
[2012/07/22 12:08:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5EC335B7-A80F-4E2A-BCBC-729F2D8C90D2}
[2012/07/21 23:47:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BC4A2950-AB57-45EC-BE6D-93C2FB6F7C95}
[2012/07/21 23:47:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{152A7D4F-36A4-4625-999A-ACD14843DADB}
[2012/07/20 22:42:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7B7EF0AA-67A9-4DF0-9B75-BCBF17D22E92}
[2012/07/20 22:42:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CBB9D865-A627-4237-9CC1-EDECE6AFD9A2}
[2012/07/20 22:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/07/20 08:18:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E4BEC642-C01A-480D-B6C0-2F03062D048D}
[2012/07/20 08:18:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EB47AC1E-FE93-4566-91AD-3C6DC5096C43}
[2012/07/19 16:41:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F767D87F-349F-4AEA-BEA3-D935F32D53E9}
[2012/07/19 16:40:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9476A28E-C937-49F3-914D-4FFC3A8BDCDA}
[2012/07/19 14:37:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8DEA7C0D-40ED-462C-9AF6-3140FA532E39}
[2012/07/19 11:17:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7F1FE819-0F5E-4F62-AE28-F5E677840041}
[2012/07/18 22:23:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3FBC1C91-8F2D-4E0B-A8AA-4EACE74C1632}
[2012/07/18 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F14062AF-A608-42CC-AFDC-0226405AEBDB}
[2012/07/18 09:41:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FA78DCDC-049C-4B0B-BE22-A9AD678A23AC}
[2012/07/18 09:40:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8E04FA7A-0571-4A99-B66D-5FCEE22B4EDF}
[2012/07/17 09:10:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D459B44D-FC1D-41A1-8735-1393720EEECA}
[2012/07/17 09:09:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A03B653B-9405-4194-BF06-261E9FB617C7}
[2012/07/16 11:30:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1A328891-5FE2-4F13-B4AD-3F7529F366C8}
[2012/07/16 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5B73CCF0-923E-4B82-A6A7-9DD1A29B472B}
[2012/07/15 23:12:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{14E2C30A-AEA6-4E0F-8940-848B98864BE4}
[2012/07/15 23:11:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{26F66465-E121-4BBC-9E65-F8F44F9E6119}
[2012/07/15 19:39:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ABCCB4EA-607B-45A8-AC25-F7D19DB6102A}
[2012/07/14 23:00:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C2BDF00A-49B1-4949-A6CE-28713C6EE597}
[2012/07/14 23:00:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3052D6BB-FA31-485F-AC41-D76AE9E7236E}
[2012/07/14 07:53:35 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C826F85C-A703-4431-AF71-B208BE2C0F07}
[2012/07/13 16:26:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6A07A1CB-FC62-4B26-90A8-76E202D521BF}
[2012/07/13 16:25:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BF05C41F-9CA7-457E-915F-64D7918527C0}
[2012/07/12 21:14:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{04AD65B8-D254-41BA-B4A9-DF6127342214}
[2012/07/12 21:14:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{39CADCF4-9AB4-4770-98C1-6F1732645129}
[2012/07/12 16:35:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3191E3DA-597C-449E-A0E4-CB62607DAE24}
[2012/07/11 23:59:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5EE9016E-C50E-40BE-802C-DF969057D9DF}
[2012/07/11 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4919D847-628A-4C05-84CA-A665461C61DC}
[2012/07/11 10:33:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C896FD77-CB14-4FA3-B684-707257746E61}
[2012/07/11 10:33:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{77CA7CA1-7508-468B-96BD-76D3C621C75B}
[2012/07/11 02:13:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\MusicOasis
[2012/07/11 02:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicOasis
[2012/07/11 02:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DefaultTab
[2012/07/11 02:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2012/07/11 02:05:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\DefaultTab
[2012/07/11 02:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Sea App (Internet Explorer)
[2012/07/10 19:19:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\FixBee
[2012/07/10 19:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FixBee
[2012/07/10 19:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FixBee Disk Optimizer
[2012/07/10 19:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixBee
[2010/05/01 20:21:08 | 000,118,400 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\ezplay.sys
[2009/12/13 20:00:03 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\pcouffin.sys
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/09 13:30:11 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212552220-772849959-1391451869-1000UA.job
[2012/08/09 13:30:11 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212552220-772849959-1391451869-1000Core.job
[2012/08/09 13:06:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/09 12:59:15 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/08 22:59:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/08 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/08/08 17:32:10 | 000,002,447 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2012/08/08 12:01:28 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/08 12:01:28 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/08 11:54:00 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/08/08 11:53:46 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/08 11:53:41 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2012/08/08 11:53:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/08 11:53:25 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/08 03:00:36 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2012/08/08 02:59:26 | 000,001,294 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk
[2012/08/06 23:45:06 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2012/08/06 23:38:44 | 000,001,934 | ---- | M] () -- C:\Users\user\Desktop\Play Skillville Games.lnk
[2012/08/06 05:58:28 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2012/08/05 14:51:58 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\123 Free Solitaire.lnk
[2012/08/05 14:47:35 | 000,005,282 | ---- | M] () -- C:\user.js
[2012/08/05 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor_sch_F99BE1B7-3FA9-11E1-ADE7-AC33E69FB964.job
[2012/08/05 04:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\FB-Optimize.job
[2012/08/04 19:37:47 | 000,002,591 | ---- | M] () -- C:\Users\Public\Desktop\Playalot Games.lnk
[2012/08/03 04:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag_sch_CE6524F7-3DBE-11E1-AAE1-99A8F2A89E6D.job
[2012/07/29 00:20:29 | 000,001,191 | ---- | M] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2012/07/20 22:25:48 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/07/20 08:20:51 | 000,000,313 | ---- | M] () -- C:\Users\user\Desktop\Facebook.url
[2012/07/19 19:15:46 | 000,001,015 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2012/07/11 03:25:44 | 000,435,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/11 02:13:40 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\MusicOasis.lnk
[2012/07/10 20:38:50 | 000,003,528 | ---- | M] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2012/07/10 19:18:55 | 000,000,953 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\FixBee Disk Optimizer.lnk
[2012/07/10 19:18:54 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\FixBee Disk Optimizer.lnk
[2012/07/10 19:00:42 | 000,118,400 | ---- | M] (VSO Software) -- C:\Users\user\AppData\Roaming\ezplay.sys
[2012/07/10 19:00:42 | 000,099,384 | ---- | M] () -- C:\Users\user\AppData\Roaming\inst.exe
[2012/07/10 19:00:42 | 000,007,833 | ---- | M] () -- C:\Users\user\AppData\Roaming\ezplay.cat
[2012/07/10 19:00:42 | 000,001,126 | ---- | M] () -- C:\Users\user\AppData\Roaming\ezplay.inf
[2012/07/10 19:00:42 | 000,000,125 | ---- | M] () -- C:\Users\user\AppData\Roaming\ezplay.ini
[2012/07/10 19:00:41 | 000,000,966 | ---- | M] () -- C:\Users\user\Desktop\BlindWrite 6.lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/08 03:00:36 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2012/08/08 02:59:26 | 000,001,294 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Downloader.lnk
[2012/08/06 23:44:55 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/08/06 23:38:44 | 000,001,934 | ---- | C] () -- C:\Users\user\Desktop\Play Skillville Games.lnk
[2012/08/05 14:50:52 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\123 Free Solitaire.lnk
[2012/08/04 19:37:47 | 000,002,591 | ---- | C] () -- C:\Users\Public\Desktop\Playalot Games.lnk
[2012/07/20 22:25:48 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/07/11 02:13:40 | 000,000,853 | ---- | C] () -- C:\Users\Public\Desktop\MusicOasis.lnk
[2012/07/10 20:16:16 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\FB-Optimize.job
[2012/07/10 19:18:55 | 000,000,953 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\FixBee Disk Optimizer.lnk
[2012/07/10 19:18:54 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\FixBee Disk Optimizer.lnk
[2012/07/10 19:00:41 | 000,000,966 | ---- | C] () -- C:\Users\user\Desktop\BlindWrite 6.lnk
[2012/06/18 16:04:26 | 000,008,112 | ---- | C] () -- C:\Program Files\Documents.one
[2012/05/31 13:01:36 | 000,031,470 | ---- | C] () -- C:\Users\user\AppData\Local\funmoods.crx
[2012/04/09 13:32:31 | 000,735,282 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/06 23:09:09 | 000,103,784 | ---- | C] () -- C:\Users\user\GoToAssistDownloadHelper.exe
[2012/04/05 20:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/05 20:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/01 15:24:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{57A828B4-A81A-49B2-A3A6-F6CC4A73413B}
[2012/03/01 15:23:09 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{E51CBA45-AF28-4B69-AA77-59C4179A1659}
[2012/03/01 15:21:50 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{A668062B-5AAE-4EBD-BCC8-4C1C11C2F891}
[2012/03/01 15:17:41 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DE1BEB81-75DA-4481-818D-4334473F5671}
[2012/03/01 15:14:44 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{03258BE5-DAA9-494C-978C-95C824978197}
[2012/03/01 15:10:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{96CA75C8-5216-449C-B8D7-7F5B90CABB54}
[2012/03/01 15:05:43 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{BD1DCF07-588C-45ED-B4DC-93F53CE5A309}
[2012/03/01 15:02:52 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{3A547FAE-812F-4772-9FB0-62C1D23C590B}
[2012/03/01 14:51:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DC2516E2-ABDB-43E1-8EFD-D61E6D9CAE94}
[2012/03/01 14:48:41 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{B8D9D4DD-37C3-4C5D-AEF8-67FBA61C00DB}
[2012/02/27 17:02:47 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{CF01DEAA-0EF4-4345-9A6D-12F694C6B6F1}
[2012/02/27 17:02:14 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{FD531313-B71A-46CC-920F-7AF1BA68EE9B}
[2012/02/27 17:00:38 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{5A520BEE-9CA8-41D4-91AD-282892292FCE}
[2012/02/27 16:59:17 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{AF174D73-1A40-45C3-93AD-C31B7B9DFEED}
[2012/02/27 16:49:16 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{FFC76884-CB75-431F-8BD3-4F39B20D5E96}
[2012/02/27 16:48:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0FE7B42E-A2EA-4F89-B597-E954DA2885D2}
[2012/02/27 16:46:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{4E42CF1B-2C3B-480E-9A29-58F9763EEA32}
[2012/02/27 16:45:24 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{C31D8DDE-F8A6-4542-A014-2ED1760E74BC}
[2012/02/27 16:32:28 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{5CE71378-C245-4430-8D25-8AC61D66E312}
[2012/02/27 16:31:40 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0C37097B-7502-4E4E-A092-A79332F8942A}
[2012/02/27 16:30:20 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{CA0130D6-02DC-41FD-9FCD-B6056598B00B}
[2012/02/27 16:28:07 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DAE33DBD-A422-431E-BC57-BFF6D8D7B700}
[2012/02/27 16:20:53 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{474392D7-D851-429F-A451-A8BCF908DE1A}
[2012/02/27 16:19:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{992638EF-130D-4809-ABFF-2A864654F2AE}
[2012/02/27 16:17:22 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{59D181C7-E381-4525-A358-A076D4D82574}
[2012/02/27 16:10:19 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{1190E63A-32D3-4E57-83D0-43D494F1BEAD}
[2012/02/27 16:07:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{8F96BDB6-C993-4367-8E7E-2C6C7630213D}
[2012/02/27 16:05:12 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DCFAF58E-01AC-4319-95E9-5984C22B5D84}
[2012/02/27 15:49:20 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{967B580D-27E6-4CA2-A116-D5D056DC6AF2}
[2012/02/27 15:47:39 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{53CC8EB3-8985-4499-8823-BDF6129343EC}
[2012/02/27 15:46:13 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{AE273F6B-1D7B-4472-B9C6-5199D7B3C427}
[2012/02/12 22:15:59 | 000,002,073 | ---- | C] () -- C:\Windows\unins001.dat
[2012/02/12 22:14:30 | 000,001,699 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/22 13:31:21 | 000,198,568 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/28 20:33:49 | 000,161,736 | ---- | C] () -- C:\Program Files (x86)\14res.dll
[2011/10/26 02:33:14 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/04/04 19:50:28 | 000,000,080 | ---- | C] () -- C:\Users\user\AppData\Roaming\EasyBejeweled.exe.ini
[2011/03/13 22:14:57 | 000,001,587 | ---- | C] () -- C:\Users\user\feb2006_xact_x86.inf
[2011/02/11 16:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/10/09 14:23:45 | 000,018,343 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGES.JPG
[2010/10/09 14:23:45 | 000,014,999 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGES.0
[2010/10/06 16:21:00 | 000,000,026 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/09/21 17:06:46 | 000,028,501 | ---- | C] () -- C:\Users\user\AppData\Roaming\UserTile.png
[2010/08/06 09:42:24 | 000,003,603 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.3
[2010/08/06 09:42:22 | 000,003,549 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.2
[2010/08/06 09:42:19 | 000,003,577 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.1
[2010/08/06 09:42:16 | 000,003,357 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.JPG
[2010/08/06 09:42:16 | 000,003,357 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.0
[2010/05/02 15:13:57 | 000,087,775 | ---- | C] () -- C:\Users\user\AppData\Local\tmpP_00103.JPG
[2010/05/02 15:13:41 | 000,356,635 | ---- | C] () -- C:\Users\user\AppData\Local\tmpP_00103.0
[2010/05/01 20:21:08 | 000,007,833 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.cat
[2010/05/01 20:21:08 | 000,001,126 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.inf
[2010/05/01 20:21:08 | 000,000,125 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.ini
[2010/04/14 20:57:35 | 000,031,872 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.4
[2010/04/14 20:57:24 | 000,046,289 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.3
[2010/04/14 20:57:23 | 000,046,441 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.2
[2010/04/14 20:57:23 | 000,046,319 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.1
[2010/04/14 20:57:21 | 000,031,872 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.0
[2010/04/14 20:57:10 | 000,046,422 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.JPG
[2010/04/04 18:06:17 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\dm.ini
[2010/02/04 12:06:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/02 01:05:01 | 000,008,704 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 16:14:23 | 000,003,528 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2009/12/13 20:01:23 | 000,001,191 | ---- | C] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2009/12/13 20:00:03 | 000,099,384 | ---- | C] () -- C:\Users\user\AppData\Roaming\inst.exe
[2009/12/13 20:00:03 | 000,007,859 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.cat
[2009/12/13 20:00:03 | 000,001,167 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.inf
[2009/12/10 11:33:43 | 000,007,618 | ---- | C] () -- C:\Users\user\AppData\Local\resmon.resmoncfg

========== LOP Check ==========

[2010/04/29 01:31:01 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2011/10/08 13:16:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\.minecraft
[2010/01/16 22:10:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AnvSoft
[2009/12/10 02:39:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Astro Gemini Software
[2012/03/13 00:49:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG
[2010/11/24 22:39:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG10
[2012/03/12 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG2012
[2011/10/30 11:21:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Babylon
[2012/08/05 14:47:31 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BabylonToolbar
[2011/02/13 17:05:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Canon
[2012/07/05 00:34:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CasinoOnNet
[2010/02/20 00:02:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/04 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\com.w3i.plyt
[2012/07/11 02:05:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DefaultTab
[2010/09/26 00:29:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dream Aquarium
[2010/04/24 19:12:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriverCure
[2010/11/08 00:14:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriverFinder
[2011/09/18 18:13:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DVDVideoSoft
[2012/05/23 22:16:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Exent Technologies
[2012/03/13 13:16:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Fanda Games
[2012/07/10 19:19:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FixBee
[2010/12/10 02:33:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FreeBurner
[2010/12/10 02:33:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FreeMoviesToDVD
[2012/01/17 21:27:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FreeVideoConverter
[2012/04/03 10:51:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\funkitron
[2012/04/25 17:09:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gaijin Ent
[2010/12/02 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GetRightToGo
[2011/03/27 16:16:58 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GlarySoft
[2012/08/03 16:25:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Goodsol
[2011/10/02 10:04:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GrabPro
[2011/06/14 13:15:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GrassGames
[2011/09/21 15:40:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HideIPEasy
[2010/12/02 20:22:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\InfraRecorder
[2012/06/13 21:32:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\iWin
[2010/04/04 22:31:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech
[2009/12/16 12:59:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LimeWire
[2010/12/10 02:33:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\magentictb
[2012/07/05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Finder
[2012/06/29 00:46:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MOVAVI
[2011/03/31 16:11:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MP3Rocket
[2012/07/11 02:13:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MusicOasis
[2011/10/03 17:13:11 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\NewFreeScreensavers
[2012/08/08 02:59:35 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\OpenCandy
[2012/01/16 02:23:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Orbit
[2012/01/09 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ParetoLogic
[2012/07/06 22:57:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\pdfforge
[2010/09/21 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PeerNetworking
[2012/05/06 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PerformerSoft
[2010/04/20 17:20:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PrimoPDF
[2012/05/21 18:35:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Product_RM
[2011/10/02 10:04:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ProgSense
[2012/05/22 19:01:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Registry Mechanic
[2011/03/01 20:17:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\RegistryKeys
[2009/12/11 12:15:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ScanSoft
[2010/09/30 12:22:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Silver Creek Entertainment
[2010/12/10 02:33:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Spadester
[2012/01/08 18:36:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpeedyPC Software
[2010/12/10 02:33:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpinTop
[2012/06/22 15:21:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Systweak
[2010/01/08 16:15:11 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2009/12/10 02:40:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TERMINAL Studio
[2010/11/07 15:52:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Thinstall
[2011/10/02 13:42:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Tific
[2012/08/03 00:17:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TreeCardGames
[2010/02/11 20:09:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUp Software
[2012/08/08 03:01:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUpMedia
[2012/05/07 13:54:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue
[2012/08/08 02:55:53 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2012/07/29 00:20:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Vso
[2010/09/26 00:03:08 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Webshots
[2010/07/24 20:40:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2010/03/30 19:16:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Western Software Technologies
[2009/12/13 10:23:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinBatch
[2011/01/23 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Windows Live Writer
[2012/08/08 11:53:46 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/08/05 04:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\FB-Optimize.job
[2012/08/08 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2012/08/06 05:58:28 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2012/08/03 04:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag_sch_CE6524F7-3DBE-11E1-AAE1-99A8F2A89E6D.job
[2012/08/05 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor_sch_F99BE1B7-3FA9-11E1-ADE7-AC33E69FB964.job
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(23).TXT
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(54).TXT
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(75).TXT
[2011/12/14 19:26:51 | 000,032,708 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:8842A96D
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:7149F3EF
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:C5E4F943
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:2913008E
@Alternate Data Stream - 166 bytes -> C:\ProgramData\Temp:55422315
@Alternate Data Stream - 159 bytes -> C:\ProgramData\Temp:D2F157E3
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:F8D65F32
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:F49E02D5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:958399A2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:B683AD23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:290A724C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:57DC3B52
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:06E98522
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:8A99591C
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F4A0A6B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:69148568
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:627359BA
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C7F04040
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:0459F5AC
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7B13EE36
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:2EF63291

< End of report >

OTL Extras logfile created on: 09/08/2012 1:27:13 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 4.71 Gb Available Physical Memory | 58.92% Memory free
15.98 Gb Paging File | 12.31 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.33 Gb Total Space | 638.79 Gb Free Space | 69.56% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.63 Gb Free Space | 20.11% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe" = C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe:*:Enabled:iBryteDesktop
"C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe" = C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe:*:Enabled:iBryteDesktop


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C853DC5-961C-4997-8D78-D3BAF2A3F594}" = lport=49176 | protocol=6 | dir=in | name=akamai netsession interface |
"{120F0563-7CD0-4A10-A676-5524359B9274}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{269A9ECD-8FA8-4C52-8E83-9677674284D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{2C0363B4-CC7E-4363-BC16-EF97319CC1EA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2C78297B-113B-47B5-9CF3-408EDDB5842D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3ACFF046-F59D-4982-A325-CA3583A306CC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3B86E941-469F-4825-AF10-9B38E58FF319}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{413C8DA4-414A-4202-8790-250A5A4BC643}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{460626A1-E212-433D-8CB8-837A5D35085C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4B57CFD8-4D9E-4A20-A262-76EFB22003AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5336962F-7A51-461D-90E1-C3681263F43D}" = lport=139 | protocol=6 | dir=in | app=system |
"{5E02BB74-B7DE-478F-9345-0BA2325ACFCD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{654CAD08-5099-4E32-A847-C8D7914BE205}" = rport=138 | protocol=17 | dir=out | app=system |
"{6736C863-4D21-44A9-A661-42F8F20C4495}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{69FBDB80-C50D-4D3F-8998-43ACA7044D1A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7C20D2AE-D8F6-4273-9C51-3EDE14F95279}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{87E2CA06-FC3D-4524-BD7D-A664C2555130}" = rport=137 | protocol=17 | dir=out | app=system |
"{89F3342C-D144-4308-BE4B-29B7799913A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{927E2633-B420-408B-A0FA-93D7669ABC86}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{940BE133-B1DE-45D6-9613-60A5AD5B31F7}" = lport=137 | protocol=17 | dir=in | app=system |
"{BEAC344F-0566-41F1-9A62-F219A1F22712}" = lport=138 | protocol=17 | dir=in | app=system |
"{CEEDF03A-C1EA-44DA-859D-A991547673F3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4E7EC3F-907B-42CD-9217-F5FBCB275280}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC79AD53-461A-4985-8B33-2DA469CB219D}" = rport=445 | protocol=6 | dir=out | app=system |
"{E4040D00-314B-47A3-93CA-1E0321CAA72C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA57E7A5-B4CE-4AB0-B746-A1C20517BFAE}" = lport=445 | protocol=6 | dir=in | app=system |
"{F204FAF0-760A-4B17-BB9B-09AD4B23D3D8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F64DE9A0-ED57-4907-8483-09282392B112}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F988B0C9-2D37-4DA5-A734-72CF5C2F1222}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00737FE1-B1D8-45EE-ABA6-CFD1840F7292}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{057454B5-9660-4F80-85E1-7F1197F606BA}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{07E973F9-6602-44ED-8CDD-31B874BD80B6}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{0CA97E3B-81E6-4FFF-A3C2-A0176F4E3F25}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0D61929F-9FED-4D85-9A48-DF0E1A545B57}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{0D97BA19-E9BD-4B07-BC09-CA830B8D12EE}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{0DAB9868-011E-4FAF-83D4-AAA5E2D859C2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{112EBB9F-AF53-435F-B29F-3878AA851023}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{16EC2868-C5DD-4517-84A3-E86B2497B63E}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{1763A7AC-83FF-4015-A2E4-7B3AB7373A94}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{1D934385-49C7-4102-A5C4-C0A2B7FEB67D}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{1DE646E6-83D8-413D-A537-F35AC8ED2FF5}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{1F3D1047-FB01-4026-8857-924E6DA905C5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{25811BE7-4B6F-4B34-AD37-8C0D96AB4650}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2E6267A1-C52C-4CCB-840C-7071A1975ACD}" = protocol=1 | dir=in | [email protected],-28543 |
"{30A641C0-8FCE-44FF-AF65-0686EF0B9CE5}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{3863977F-2979-4085-B28C-C4836BA38AEB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{3ACBDF9E-8ED3-4D5F-8FAF-AD0C167C898C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3D47C7F3-8F47-4648-938D-F40FCE11F300}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{3D5687F7-016C-4C40-840C-2A8E81CD4D99}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{3E23DCAF-D451-4763-9A4A-EC45A60E21BC}" = protocol=17 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"{416D5DE5-A04F-4F7D-BF77-8EB1A1B8AD78}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{4403C220-18C2-4B37-8684-A320D7E40019}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{46E280F3-B276-4061-9324-938175E97EB5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{4814EE14-D76C-4221-BE59-278477FA93C2}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{4E2DB610-E419-4399-9FFC-A48072CAA77C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{4E40B884-D28C-4B12-875A-32501691937E}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{4FB6929D-0EE4-42EE-BCBD-B947622CA209}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{517097F1-538B-42FA-A225-DF1EECAA8EC7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5182EC3E-AC66-4DD3-9384-09AF4D69AE56}" = protocol=6 | dir=in | app=c:\users\user\documents\downloads\cnet techtracker\utorrent.exe |
"{51D7585D-600F-44DE-BBA1-B4138A4507B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{52769BF6-BDB7-456F-9C66-B75D8F0EB753}" = protocol=58 | dir=out | [email protected],-28546 |
"{59635631-FCAB-4F90-B6EE-4CC3FDF034C4}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{59F956E7-09F9-464E-BCED-79BCFE3A9368}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{5D9E050C-E18B-4A74-808C-DA9B98163036}" = protocol=1 | dir=out | [email protected],-28544 |
"{5DB8079C-BF80-4D74-99D9-657E05CB1A8B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{5E7AA688-2E38-4D00-A97F-D25BC4617302}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{644F08A4-0522-4595-9995-D1CEC0D8DFA8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{6516AAA1-6DD0-4869-858A-AF81EDCC943A}" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"{65E5398B-3CD5-40BB-922A-FA8B818FE464}" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"{664FA4D8-491F-45B4-B7D3-2914D547B875}" = protocol=17 | dir=in | app=c:\program files (x86)\active data recovery software\active undelete7 enterprise\undeleteagent.exe |
"{68D51F47-8878-4852-B69E-05F91C23DE10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6D677434-9888-49DE-A01A-E6BDC0386858}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{729C374B-35F9-4020-9DC3-92D90F4FB574}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{74AD9CF5-ADF7-45D0-BD1E-98208CAE041C}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{76F16322-6B6D-4F3A-8BEB-FC8EC1306CB8}" = protocol=6 | dir=in | app=c:\program files (x86)\active data recovery software\active undelete7 enterprise\undeleteagent.exe |
"{7A88F797-9CC6-4F80-9B00-2745BB8AAB7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7B806D7D-9E52-4454-80EC-33C1A0B6EE8E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{7CF238CC-7AF9-4F07-B4A4-248BED7B1D88}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{7DCA4E1E-CEEF-4523-BD91-E2288B10A777}" = protocol=17 | dir=in | app=c:\users\user\desktop\downloads\bittorrent\bittorrent.exe |
"{8858C24D-7191-4448-AF7D-A55EBBACFDED}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{8AFAD057-3136-48E3-A542-202FDB4BDEC5}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{8BED9DB2-AB91-4DB0-B70C-1FE122E5C5B7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8EE36E20-351F-4E7C-B5E1-B12D358F7313}" = protocol=17 | dir=in | app=c:\users\user\documents\downloads\cnet techtracker\utorrent.exe |
"{90C1EB9C-3C86-4A1C-A811-8DF51234C7E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{92C659EB-7E4B-478C-8066-2EF1BA746E7D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{987D4FA4-DF74-404C-84B9-126B4AA668EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{9B8215BF-6CDF-410A-80E9-1FADC6A6929E}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{9C9906DF-874A-4DF8-A693-16A10E25F081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9D90EA12-5416-424E-B359-27209377989D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9DA4687B-283A-4788-A4D2-F304B982F647}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{A497A514-A171-4B35-B729-3C535F07C13F}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{A4E1BA8A-C9ED-4DDF-8AD8-EB8FA6902461}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{A5527B01-53A5-4E6E-B3D5-5AE758D64020}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{AA330733-85CC-418E-8B16-56AAC52473EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{AA523A71-A39F-44DB-B0C2-6D3CBB93F4F4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{AED099E9-CF89-447E-93BD-F949B9ED0D16}" = protocol=6 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"{B04FD783-65F5-47E8-A693-768CED91B82B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{BAAA3704-18B8-44B4-9682-5B7066FA7D4E}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{BFD5A87B-BB42-47FA-B055-A3C2702C5C2D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{C00EBF6D-D09A-4E25-8628-4DE05960BC6D}" = protocol=6 | dir=in | app=c:\program files (x86)\searchresults1\dtuser.exe |
"{CD006976-3D4B-463D-BE47-75CCE0D3BBC0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CE062982-1898-4B5C-A224-58B363DDB4E0}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{CF5BE561-B2B9-4DD8-890B-501AE3584486}" = protocol=17 | dir=in | app=c:\program files (x86)\searchresults1\dtuser.exe |
"{D381E4AC-37CF-426F-8CAC-04A495A04456}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{D481951A-1148-499A-AD43-141AC238A07F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D4A8CBBA-3DFD-438A-9136-F560F8CA319E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{D5D6031D-F205-478C-9B81-EBBCEE588BEE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{D680F40D-F9A4-45D4-8EE4-68B60BEEAEAE}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{DF45BBD6-0E54-4697-A6F8-CB1C32D7EA6D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{DF846493-65B9-46B1-B1F7-2A62E2752EFD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E4727DED-CB4E-46AE-96FF-CE0C082676C1}" = protocol=6 | dir=in | app=c:\users\user\desktop\downloads\bittorrent\bittorrent.exe |
"{E6F87F63-62C4-4DD1-A2A4-4999EE179666}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{F0195C5C-4E10-4E45-8EF0-67A47BAC5885}" = protocol=58 | dir=in | [email protected],-28545 |
"{F9F7B83C-92C5-4EC5-BC9B-9E0DFCB4118B}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{FA85DB70-3D3A-44D3-9261-896CB9867965}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{FA9AC9FC-73CE-426E-9D05-B1B6841FB56F}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{FCF4AEA8-FD4B-44D8-8931-7E638DD9E849}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{FD059DEA-5E25-4CD5-AF9A-BA570D0C283F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{FE159142-EDD9-4FEB-9E8F-6909ED58AC5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"TCP Query User{00D71C33-2100-43C3-9A71-CAAC0021A293}C:\program files (x86)\grassgames hearts\hearts_dx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\grassgames hearts\hearts_dx9.exe |
"TCP Query User{356F78F6-85F8-4E4D-B04E-D834E31ACDCF}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"TCP Query User{4A0B25F2-6C15-45AA-9EC9-2785DD2AF8C7}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{56CD5073-7FAF-4AC2-8312-6FAF4FEFA348}C:\users\user\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{72626F32-96A7-414B-973E-2841B0580F99}C:\users\user\desktop\mangee\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\mangee\bittorrent\bittorrent.exe |
"TCP Query User{8182C120-3F45-4CDD-A78C-A9947CC60826}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A3920C9B-4504-47E9-AA82-307848BC148C}C:\program files (x86)\youtorrent\youtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\youtorrent\youtorrent.exe |
"TCP Query User{AFD1DCC2-5989-41BD-95B6-14BCD12A832C}C:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe |
"TCP Query User{BB43F9B8-F001-40BA-B0C2-A86BBD749165}C:\users\user\desktop\mangee\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"TCP Query User{BC90D7E2-9A53-4A73-BEE9-8861F8054494}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{C92C87F2-B10C-4C35-B83E-95AA19B95F97}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D51B2C12-CB3C-46C8-9324-14A39D5E8C20}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{E90138BD-FAC2-4C56-A47C-15643AFFF63A}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{030E0072-AB6C-487A-AA7B-100924227B54}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{3B29E800-C223-4811-BC8F-A70EBE1FD0F8}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{61B65C36-1F67-4321-A3E2-48A2F7C59974}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"UDP Query User{73E4235D-C8A5-4BF5-A646-4DBBE4EAE365}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B5EBA2BD-B2A4-48E7-BCE9-B993E8D207F5}C:\program files (x86)\grassgames hearts\hearts_dx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\grassgames hearts\hearts_dx9.exe |
"UDP Query User{B7537165-DAA4-4092-8ABB-AF4EC3DACC5D}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{BBC0B615-871E-4174-9C70-575E37697362}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{C6EA8DAD-453F-4EFB-A1E5-C2E1C4B019F8}C:\users\user\desktop\mangee\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"UDP Query User{D3B90793-5029-43B4-B628-26F6F253F06D}C:\users\user\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{E04BBA62-57B1-4ACA-87BF-60DF4A844E21}C:\program files (x86)\youtorrent\youtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\youtorrent\youtorrent.exe |
"UDP Query User{E5265D51-24AF-49D7-AB92-28C37FB58296}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{EF1946D1-5084-4AB0-82E8-CED1F3CB3674}C:\users\user\desktop\mangee\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\mangee\bittorrent\bittorrent.exe |
"UDP Query User{FA5F0312-0E54-4734-900B-20722EC313C7}C:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series" = Canon MP470 series
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{44B4F244-5B4D-856E-B3A6-E8DDBDC7F127}" = AMD Fuel
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B69A7CBA-9139-7ACB-7564-4CD5D8C36E26}" = AMD Drag and Drop Transcoding
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CanonMyPrinter" = Canon My Printer
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005E738B-5A0A-4483-A900-877D183A8F45}_is1" = BlindWrite 6
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}" = Qualcomm Atheros Fast Reconnect
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = AMD VISION Engine Control Center
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Video Performmer Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25BA9295-A14B-4696-A14A-8A11AE3C2BAC}_is1" = Jewel Quest
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.2.4902
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A3532ED-A121-4297-AA4F-70B60E4BD631}" = Playalot Games
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{5AEDD628-18CC-4317-BD77-2F92E63A07D7}" = Forest Lake at Night
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{856480C9-2428-15E1-97BC-685EE2A7B8E6}" = MusicOasis
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA16B670-D9BD-4051-882A-B5AB057F7128}_is1" = FixBee Disk Optimizer
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"123 Free Solitaire_is1" = 123 Free Solitaire 2009 v7.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"Akamai" = Akamai NetSession Interface Service
"Animated Water Scenes_is1" = Animated Water Scenes
"Animated Waterfalls II_is1" = Animated Waterfalls II
"Atlantis" = GameHouse Games Collection: Atlantis
"BabylonToolbar" = Babylon toolbar on IE
"BFGC" = Big Fish Games: Game Manager
"BookWorm" = BookWorm
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DefaultTab" = DefaultTab
"DefaultTab Chrome" = DefaultTab Chrome
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Eusing Free Registry Defrag" = Eusing Free Registry Defrag
"exent_452750" = Atlantis Quest
"exent_598050" = Mahjong World
"exent_642550" = Jewel Quest 3
"exent_642650" = Jewel Quest 2
"exent_642950" = Family Feud 3: Dream Home
"Feeding Frenzy" = GameHouse Games Collection: Feeding Frenzy
"Free Video Converter_is1" = Free Video Converter V 3.1
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Game_Master_2.1 Toolbar" = Game Master 2.1 Toolbar
"Hardware Helper_is1" = Hardware Helper
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"iWinArcade" = iWin Games (remove only)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MusicOasis" = MusicOasis
"PriceGong" = PriceGong 2.6.4
"PricePeep" = PricePeep for Internet Explorer
"Puzzle Solitaire" = GameHouse Games Collection: Puzzle Solitaire
"SavingsApp" = SavingsApp
"searchresults1" = Search Results Toolbar
"The Sea App" = The Sea App (Internet Explorer)
"Trusted Software Assistant_is1" = File Type Assistant
"TuneUpMedia" = TuneUp 2.4.6.4
"Updater Service" = Updater Service
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.2
"Wajam" = Wajam
"Webshots Desktop_is1" = Webshots Desktop
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zuma Deluxe" = GameHouse Games Collection: Zuma Deluxe

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 06/08/2012 1:31:33 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 06/08/2012 1:33:38 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Users\user\AppData\Local\microsoft\Windows\temporary
internet files\Content.IE5\8578D1BT\softonicdownloader_for_123-free-solitaire.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 07/08/2012 3:36:00 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_AudioCacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 07/08/2012 3:36:00 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 07/08/2012 3:37:28 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Users\user\AppData\Local\microsoft\Windows\temporary
internet files\Content.IE5\8578D1BT\SoftonicDownloader_for_123-free-solitaire.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 08/08/2012 1:46:10 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_AudioCacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 08/08/2012 1:46:10 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 08/08/2012 12:54:07 PM | Computer Name = user-PC | Source = Registry Helper Service | ID = 109
Description = Error: Service started

Error - 08/08/2012 12:54:18 PM | Computer Name = user-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x4fb32b3b Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x4fb32b3b Exception code: 0xc0000005 Fault offset: 0x00002c20 Faulting
process id: 0x844 Faulting application start time: 0x01cd758661e07959 Faulting application
path: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Faulting module path:
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Report Id: b11fecfb-e179-11e1-afff-93d7b8cece11

Error - 09/08/2012 1:53:03 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_AudioCacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 09/08/2012 1:53:03 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

[ Hewlett-Packard Events ]
Error - 24/07/2012 9:43:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 25/07/2012 10:13:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 26/07/2012 10:43:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 27/07/2012 11:13:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 28/07/2012 11:43:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 29/07/2012 8:02:06 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 30/07/2012 8:32:01 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 31/07/2012 9:02:02 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 05/08/2012 8:55:26 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 06/08/2012 9:25:18 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

[ System Events ]
Error - 05/08/2012 8:00:11 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 05/08/2012 8:00:15 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 05/08/2012 8:00:17 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 05/08/2012 8:00:18 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 05/08/2012 8:00:18 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 06/08/2012 3:42:40 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 08/08/2012 12:53:34 PM | Computer Name = user-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:06:53 AM on ?08/?08/?2012 was unexpected.

Error - 08/08/2012 12:53:46 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2

Error - 08/08/2012 12:54:24 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
Description = The DefaultTabSearch service terminated unexpectedly. It has done
this 1 time(s).

Error - 08/08/2012 2:45:44 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
Description = The FBDiskOptimizer service terminated unexpectedly. It has done
this 1 time(s).


< End of report >


And again thank you for any assistance.
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi Princessss this may take a few runs to fix as I am sure that I have missed some somewhere.. But the next log will be shorter. When you re-run OTL after the fix could you ensure all users is selected

Download the attached Fix.txt to your desktop
Open OTL
Press the Run Fix button
A dialogue will open asking for the location of fix.txt
Navigate to it on the desktop and select it
Press Run Fix again
Allow OTL to run (this may take a while as it has a lot to do )

After the reboot then re-run an all users scan please
  • 0

#3
princessss

princessss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Did as you asked and ran the fix file...

Reran scan as asked with all users...

Thank you, here is the next logfile...

OTL logfile created on: 09/08/2012 5:43:56 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 78.73% Memory free
15.98 Gb Paging File | 14.03 Gb Available in Paging File | 87.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.33 Gb Total Space | 637.39 Gb Free Space | 69.41% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.63 Gb Free Space | 20.11% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 17:31:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy\OTL.exe
PRC - [2012/06/14 10:20:22 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/27 20:27:11 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/10/21 20:40:38 | 000,073,728 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2007/04/13 02:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/27 16:23:05 | 002,008,096 | ---- | M] () -- c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll
MOD - [2011/10/28 09:27:12 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvcPS.dll
MOD - [2011/10/27 20:27:11 | 000,623,912 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMediaLibrary.dll
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/06/11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/04/05 21:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/12/13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/03 06:06:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/10 13:01:41 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/14 10:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/21 20:40:38 | 000,073,728 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011/08/11 20:03:00 | 000,630,584 | ---- | M] (FixBee., (www.fixbee.com)) [Auto | Running] -- C:\Program Files (x86)\FixBee\FBDefragSrv64.exe -- (FBDiskOptimizer)
SRV - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/04/13 02:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/06 00:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/04/06 00:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/05 20:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/10 22:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/11/24 00:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/16 08:35:58 | 000,054,400 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/09/08 20:08:36 | 000,090,096 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/04/08 23:00:20 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 16:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010/12/13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/05/01 20:21:08 | 000,118,400 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ezplay.sys -- (ezplay)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/04 23:20:26 | 000,015,360 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HP8207_8307.sys -- (HP8207_8307)
DRV:64bit: - [2010/01/21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 02:03:10 | 000,026,624 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64gps.sys -- (UsbGps)
DRV:64bit: - [2010/01/21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2009/12/13 20:00:03 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009/10/09 22:22:42 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV:64bit: - [2009/07/14 13:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/30 22:24:40 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2009/06/29 04:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 05:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/07/26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 16:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2008/07/26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2008/07/26 16:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/09 10:09:46 | 000,012,288 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2010/11/22 09:25:12 | 000,055,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx.sys -- (X5XSEx)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{5BE5D493-C938-42D9-9234-E6D496B15103}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{D1AE8AAD-21D9-4B90-9F31-34BFC802E8F9}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com/?fr=fp-tyc8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5BE5D493-C938-42D9-9234-E6D496B15103}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{D1AE8AAD-21D9-4B90-9F31-34BFC802E8F9}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...2-966C5169B100}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.myfamily.com/
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0002226822fa931
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGHP_en
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes\{C0448470-1295-4E96-B708-253A630728BA}: "URL" = http://websearch.ask...DB-9604E7A76A76
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "midicairus Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...1648001&gct=hp"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll (CouponAlert)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mediaforge.com/MRP: C:\Windows\system32\npmirage.dll (XMLAuthor Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.453.59\FirefoxExtension

[2012/07/05 01:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
[2009/12/14 23:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/08/09 17:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions
[2012/07/13 19:26:10 | 000,002,343 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\askcom.xml
[2012/05/06 20:42:56 | 000,010,998 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\bProtect.xml
[2012/06/17 19:54:49 | 000,003,969 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\sweetim.xml
[2012/06/22 23:56:26 | 000,000,942 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\yahoo.xml
[2012/08/09 17:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/14 22:34:48 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/05/14 22:34:45 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/01/29 17:09:19 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylo...0002226822fa931
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Wajam (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Perion plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.3_0\plugins/npDefaultTabSearch.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhepndnhfbdjmegechokkbabcphcihdi\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\user\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Coupon Alert Installer Plugin Stub (Enabled) = C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: XMLAuthor Inc. npmirage (Enabled) = C:\Windows\system32\npmirage.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: PlayBryte = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angaccmkgaeejilgnjabkeihpdpnbibn\1.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: PlayBryte = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angaccmkgaeejilgnjabkeihpdpnbibn\1.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\

O1 HOSTS File: ([2012/08/09 17:33:48 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\Toolbar\WebBrowser: (no name) - {22DFBF5B-A7CD-4B25-9471-3DC68C71855F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} Reg Error: Value error. (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://msn.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webi...6-6D5536C585C9} (Reg Error: Key error.)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} Reg Error: Value error. (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.177.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A008FDED-0344-40D2-AC21-234D70E5A508}: DhcpNameServer = 64.59.176.13 64.59.177.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9476922-621B-49A4-8AD8-12EE84F91AB1}: DhcpNameServer = 64.71.255.198 64.71.255.253
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\toolbarchrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\toolbarchrome - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22453~1.59\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c99ef7b-0d41-11e0-bdd0-dc4b06e5d860}\Shell - "" = AutoRun
O33 - MountPoints2\{1c99ef7b-0d41-11e0-bdd0-dc4b06e5d860}\Shell\AutoRun\command - "" = F:\DigitalPhotoKeychain.EXE
O33 - MountPoints2\{2059c110-bbd4-11e0-a433-cfc9f3799c68}\Shell - "" = AutoRun
O33 - MountPoints2\{2059c110-bbd4-11e0-a433-cfc9f3799c68}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 17:32:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/09 13:27:25 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy
[2012/08/09 11:57:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BF671325-B90B-47A6-8737-7B1A016E06EE}
[2012/08/08 23:56:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{33ADEC47-3AD9-4D98-A81F-06550E779582}
[2012/08/08 12:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/08 12:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/08/08 11:55:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D038258C-DDE1-4F1B-859C-4F3CE9ABBC10}
[2012/08/08 11:55:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6F4857CF-C03C-4300-883B-404342EB1AC3}
[2012/08/08 03:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
[2012/08/08 03:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUpMedia
[2012/08/08 03:00:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\TuneUpMedia
[2012/08/08 03:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2012/08/08 02:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012/08/07 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8ED38EF4-D7CA-4BE3-B9C1-9AF460C6B784}
[2012/08/07 10:35:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2C80771C-3FAA-4559-9EA2-31FA550A8258}
[2012/08/06 23:38:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\SavingsApp
[2012/08/06 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SavingsApp
[2012/08/06 06:40:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4018D9C3-2361-4B17-87A4-9433E7B8C490}
[2012/08/06 06:40:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{347BC09F-45F5-4600-8747-94C60DD5A60A}
[2012/08/06 05:59:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{49117EED-5F77-4270-9D41-C7D10CC53A4A}
[2012/08/05 14:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/08/05 14:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\123 Free Solitaire
[2012/08/05 14:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2012/08/05 14:47:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Wajam
[2012/08/05 14:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/08/05 14:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PricePeep
[2012/08/05 14:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game_Master_2.1
[2012/08/05 07:47:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A8B8E377-CCD8-48B1-9785-B733F7BE3BCC}
[2012/08/05 07:47:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1C857769-A6C5-4593-81D7-8A8D21478253}
[2012/08/04 22:36:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4D0B5226-364B-4C2A-A7BA-0BEC5D3F46E6}
[2012/08/04 19:37:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\com.w3i.plyt
[2012/08/04 19:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playalot Games
[2012/08/04 19:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Playalot Games
[2012/08/04 08:53:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{83929E67-2793-4BB0-B6FF-6981F2212E74}
[2012/08/03 17:36:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B3DCD321-C20D-412B-9343-460FE96C4CC2}
[2012/08/03 16:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Club Penguin
[2012/08/03 05:35:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C686FA77-6DAF-496F-AAA9-F112BD8A79BF}
[2012/08/02 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FA158AD2-7105-4EF2-80B3-7244C5CBA8C9}
[2012/08/02 05:34:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A48A806E-49FB-411A-92CE-648C474C6818}
[2012/08/02 05:33:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B8BAB833-26B6-4207-BCDF-AD3CCE2DAD42}
[2012/08/01 18:53:10 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\DirectX_11_Technology_Update_US
[2012/08/01 17:33:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3608F219-1E2E-4165-BE7D-6F9FA004E24B}
[2012/08/01 17:32:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{26A4BDF0-DF48-4A85-8147-3CC6322CC55B}
[2012/08/01 09:33:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EAC581C0-77DB-48E6-A868-36C31B8ABC95}
[2012/08/01 09:14:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6392FF2C-6ECD-4EF8-9272-DD281DD03031}
[2012/07/31 11:57:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6C17652A-E90F-4D44-B0BC-AF9B1E10E83A}
[2012/07/31 11:56:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8AEDCB04-C114-4F01-877C-BAE86294DA8D}
[2012/07/30 23:06:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BA170E37-3949-4409-9361-1745383B0A4C}
[2012/07/30 23:05:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{93E77A59-6C91-4BAF-BC8D-8B68E1004A93}
[2012/07/29 20:47:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6DFC6CFD-D891-4D8A-BC8F-BD4CF6AB1E6E}
[2012/07/29 20:47:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B2536FB1-8AA2-4FBF-9973-78427ED1BAD3}
[2012/07/29 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9D3D0F43-19D5-40A1-B707-EB8ACD93CA45}
[2012/07/28 14:50:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5A2C8232-4FC5-4A84-B566-CDA0264A65E6}
[2012/07/28 14:50:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{331332FA-5FE6-47C3-BB46-5D675BB83694}
[2012/07/27 23:03:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0C80FFF2-D36F-41BB-820E-6E472533D2DE}
[2012/07/27 23:02:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B07048C0-6179-4A22-ABBF-72D86E348CAB}
[2012/07/25 22:46:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{45A2B516-E61E-4CC6-86CB-F561F5B269F5}
[2012/07/25 22:45:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1E2FBA4D-06CD-4B20-8BEA-F42F79020773}
[2012/07/25 08:57:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{139243E8-EC0B-4B77-A383-52D797503A56}
[2012/07/25 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6AA803D3-6606-4035-B20F-EB5CE326F399}
[2012/07/24 08:33:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ED568EA5-DBEC-4BDF-8208-5A7B3E5E0F32}
[2012/07/24 08:32:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BBCBA218-7440-4C90-8307-BF80B065FB0E}
[2012/07/23 13:25:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5BF4C6C9-F599-4DB4-9CC8-09C1EF7187B4}
[2012/07/23 13:25:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{DE543902-BA4D-4557-93A1-95BF540EDE3A}
[2012/07/23 00:09:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{96409C9C-0512-4D53-9AB8-2F7A194A2EC8}
[2012/07/23 00:09:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0A52008B-1FED-4297-8178-6C1A67708692}
[2012/07/22 12:08:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1BEAE3DF-B137-4E22-96A2-FBA0D316E3DD}
[2012/07/22 12:08:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5EC335B7-A80F-4E2A-BCBC-729F2D8C90D2}
[2012/07/21 23:47:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BC4A2950-AB57-45EC-BE6D-93C2FB6F7C95}
[2012/07/21 23:47:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{152A7D4F-36A4-4625-999A-ACD14843DADB}
[2012/07/20 22:42:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7B7EF0AA-67A9-4DF0-9B75-BCBF17D22E92}
[2012/07/20 22:42:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CBB9D865-A627-4237-9CC1-EDECE6AFD9A2}
[2012/07/20 22:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/07/20 08:18:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E4BEC642-C01A-480D-B6C0-2F03062D048D}
[2012/07/20 08:18:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EB47AC1E-FE93-4566-91AD-3C6DC5096C43}
[2012/07/19 16:41:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F767D87F-349F-4AEA-BEA3-D935F32D53E9}
[2012/07/19 16:40:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9476A28E-C937-49F3-914D-4FFC3A8BDCDA}
[2012/07/19 14:37:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8DEA7C0D-40ED-462C-9AF6-3140FA532E39}
[2012/07/19 11:17:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7F1FE819-0F5E-4F62-AE28-F5E677840041}
[2012/07/18 22:23:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3FBC1C91-8F2D-4E0B-A8AA-4EACE74C1632}
[2012/07/18 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F14062AF-A608-42CC-AFDC-0226405AEBDB}
[2012/07/18 09:41:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FA78DCDC-049C-4B0B-BE22-A9AD678A23AC}
[2012/07/18 09:40:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8E04FA7A-0571-4A99-B66D-5FCEE22B4EDF}
[2012/07/17 09:10:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D459B44D-FC1D-41A1-8735-1393720EEECA}
[2012/07/17 09:09:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A03B653B-9405-4194-BF06-261E9FB617C7}
[2012/07/16 11:30:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1A328891-5FE2-4F13-B4AD-3F7529F366C8}
[2012/07/16 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5B73CCF0-923E-4B82-A6A7-9DD1A29B472B}
[2012/07/15 23:12:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{14E2C30A-AEA6-4E0F-8940-848B98864BE4}
[2012/07/15 23:11:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{26F66465-E121-4BBC-9E65-F8F44F9E6119}
[2012/07/15 19:39:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ABCCB4EA-607B-45A8-AC25-F7D19DB6102A}
[2012/07/14 23:00:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C2BDF00A-49B1-4949-A6CE-28713C6EE597}
[2012/07/14 23:00:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3052D6BB-FA31-485F-AC41-D76AE9E7236E}
[2012/07/14 07:53:35 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C826F85C-A703-4431-AF71-B208BE2C0F07}
[2012/07/13 16:26:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6A07A1CB-FC62-4B26-90A8-76E202D521BF}
[2012/07/13 16:25:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BF05C41F-9CA7-457E-915F-64D7918527C0}
[2012/07/12 21:14:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{04AD65B8-D254-41BA-B4A9-DF6127342214}
[2012/07/12 21:14:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{39CADCF4-9AB4-4770-98C1-6F1732645129}
[2012/07/12 16:35:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3191E3DA-597C-449E-A0E4-CB62607DAE24}
[2012/07/11 23:59:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5EE9016E-C50E-40BE-802C-DF969057D9DF}
[2012/07/11 23:58:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4919D847-628A-4C05-84CA-A665461C61DC}
[2012/07/11 10:33:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C896FD77-CB14-4FA3-B684-707257746E61}
[2012/07/11 10:33:04 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{77CA7CA1-7508-468B-96BD-76D3C621C75B}
[2012/07/11 02:13:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\MusicOasis
[2012/07/11 02:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicOasis
[2012/07/11 02:05:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Sea App (Internet Explorer)
[2012/07/10 19:19:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\FixBee
[2012/07/10 19:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FixBee
[2012/07/10 19:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FixBee Disk Optimizer
[2012/07/10 19:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixBee
[2010/05/01 20:21:08 | 000,118,400 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\ezplay.sys
[2009/12/13 20:00:03 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\pcouffin.sys
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/09 17:46:53 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 17:46:53 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 17:39:51 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/09 17:39:14 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/08/09 17:38:55 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/09 17:37:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/09 17:37:15 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/09 17:33:48 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/08/09 17:30:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212552220-772849959-1391451869-1000UA.job
[2012/08/09 17:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/09 16:59:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/09 13:30:11 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212552220-772849959-1391451869-1000Core.job
[2012/08/08 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/08/08 17:32:10 | 000,002,447 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2012/08/08 11:53:41 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2012/08/08 03:00:36 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2012/08/06 23:45:06 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2012/08/06 23:38:44 | 000,001,934 | ---- | M] () -- C:\Users\user\Desktop\Play Skillville Games.lnk
[2012/08/06 05:58:28 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2012/08/05 14:51:58 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\123 Free Solitaire.lnk
[2012/08/05 14:47:35 | 000,005,282 | ---- | M] () -- C:\user.js
[2012/08/05 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor_sch_F99BE1B7-3FA9-11E1-ADE7-AC33E69FB964.job
[2012/08/05 04:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\FB-Optimize.job
[2012/08/04 19:37:47 | 000,002,591 | ---- | M] () -- C:\Users\Public\Desktop\Playalot Games.lnk
[2012/08/03 04:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag_sch_CE6524F7-3DBE-11E1-AAE1-99A8F2A89E6D.job
[2012/07/29 00:20:29 | 000,001,191 | ---- | M] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2012/07/20 22:25:48 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/07/20 08:20:51 | 000,000,313 | ---- | M] () -- C:\Users\user\Desktop\Facebook.url
[2012/07/11 03:25:44 | 000,435,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/11 02:13:40 | 000,000,853 | ---- | M] () -- C:\Users\Public\Desktop\MusicOasis.lnk
[2012/07/10 20:38:50 | 000,003,528 | ---- | M] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2012/07/10 19:18:55 | 000,000,953 | ---- | M] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\FixBee Disk Optimizer.lnk
[2012/07/10 19:18:54 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\FixBee Disk Optimizer.lnk
[2012/07/10 19:00:42 | 000,118,400 | ---- | M] (VSO Software) -- C:\Users\user\AppData\Roaming\ezplay.sys
[2012/07/10 19:00:42 | 000,099,384 | ---- | M] () -- C:\Users\user\AppData\Roaming\inst.exe
[2012/07/10 19:00:42 | 000,007,833 | ---- | M] () -- C:\Users\user\AppData\Roaming\ezplay.cat
[2012/07/10 19:00:42 | 000,001,126 | ---- | M] () -- C:\Users\user\AppData\Roaming\ezplay.inf
[2012/07/10 19:00:42 | 000,000,125 | ---- | M] () -- C:\Users\user\AppData\Roaming\ezplay.ini
[2012/07/10 19:00:41 | 000,000,966 | ---- | M] () -- C:\Users\user\Desktop\BlindWrite 6.lnk
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/08 03:00:36 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2012/08/06 23:44:55 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/08/06 23:38:44 | 000,001,934 | ---- | C] () -- C:\Users\user\Desktop\Play Skillville Games.lnk
[2012/08/05 14:50:52 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\123 Free Solitaire.lnk
[2012/08/04 19:37:47 | 000,002,591 | ---- | C] () -- C:\Users\Public\Desktop\Playalot Games.lnk
[2012/07/20 22:25:48 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/07/11 02:13:40 | 000,000,853 | ---- | C] () -- C:\Users\Public\Desktop\MusicOasis.lnk
[2012/07/10 20:16:16 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\FB-Optimize.job
[2012/07/10 19:18:55 | 000,000,953 | ---- | C] () -- C:\Users\user\Application Data\Microsoft\Internet Explorer\Quick Launch\FixBee Disk Optimizer.lnk
[2012/07/10 19:18:54 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\FixBee Disk Optimizer.lnk
[2012/07/10 19:00:41 | 000,000,966 | ---- | C] () -- C:\Users\user\Desktop\BlindWrite 6.lnk
[2012/06/18 16:04:26 | 000,008,112 | ---- | C] () -- C:\Program Files\Documents.one
[2012/04/09 13:32:31 | 000,735,282 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/06 23:09:09 | 000,103,784 | ---- | C] () -- C:\Users\user\GoToAssistDownloadHelper.exe
[2012/04/05 20:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/05 20:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/01 15:24:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{57A828B4-A81A-49B2-A3A6-F6CC4A73413B}
[2012/03/01 15:23:09 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{E51CBA45-AF28-4B69-AA77-59C4179A1659}
[2012/03/01 15:21:50 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{A668062B-5AAE-4EBD-BCC8-4C1C11C2F891}
[2012/03/01 15:17:41 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DE1BEB81-75DA-4481-818D-4334473F5671}
[2012/03/01 15:14:44 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{03258BE5-DAA9-494C-978C-95C824978197}
[2012/03/01 15:10:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{96CA75C8-5216-449C-B8D7-7F5B90CABB54}
[2012/03/01 15:05:43 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{BD1DCF07-588C-45ED-B4DC-93F53CE5A309}
[2012/03/01 15:02:52 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{3A547FAE-812F-4772-9FB0-62C1D23C590B}
[2012/03/01 14:51:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DC2516E2-ABDB-43E1-8EFD-D61E6D9CAE94}
[2012/03/01 14:48:41 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{B8D9D4DD-37C3-4C5D-AEF8-67FBA61C00DB}
[2012/02/27 17:02:47 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{CF01DEAA-0EF4-4345-9A6D-12F694C6B6F1}
[2012/02/27 17:02:14 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{FD531313-B71A-46CC-920F-7AF1BA68EE9B}
[2012/02/27 17:00:38 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{5A520BEE-9CA8-41D4-91AD-282892292FCE}
[2012/02/27 16:59:17 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{AF174D73-1A40-45C3-93AD-C31B7B9DFEED}
[2012/02/27 16:49:16 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{FFC76884-CB75-431F-8BD3-4F39B20D5E96}
[2012/02/27 16:48:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0FE7B42E-A2EA-4F89-B597-E954DA2885D2}
[2012/02/27 16:46:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{4E42CF1B-2C3B-480E-9A29-58F9763EEA32}
[2012/02/27 16:45:24 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{C31D8DDE-F8A6-4542-A014-2ED1760E74BC}
[2012/02/27 16:32:28 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{5CE71378-C245-4430-8D25-8AC61D66E312}
[2012/02/27 16:31:40 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0C37097B-7502-4E4E-A092-A79332F8942A}
[2012/02/27 16:30:20 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{CA0130D6-02DC-41FD-9FCD-B6056598B00B}
[2012/02/27 16:28:07 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DAE33DBD-A422-431E-BC57-BFF6D8D7B700}
[2012/02/27 16:20:53 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{474392D7-D851-429F-A451-A8BCF908DE1A}
[2012/02/27 16:19:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{992638EF-130D-4809-ABFF-2A864654F2AE}
[2012/02/27 16:17:22 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{59D181C7-E381-4525-A358-A076D4D82574}
[2012/02/27 16:10:19 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{1190E63A-32D3-4E57-83D0-43D494F1BEAD}
[2012/02/27 16:07:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{8F96BDB6-C993-4367-8E7E-2C6C7630213D}
[2012/02/27 16:05:12 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DCFAF58E-01AC-4319-95E9-5984C22B5D84}
[2012/02/27 15:49:20 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{967B580D-27E6-4CA2-A116-D5D056DC6AF2}
[2012/02/27 15:47:39 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{53CC8EB3-8985-4499-8823-BDF6129343EC}
[2012/02/27 15:46:13 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{AE273F6B-1D7B-4472-B9C6-5199D7B3C427}
[2012/02/12 22:15:59 | 000,002,073 | ---- | C] () -- C:\Windows\unins001.dat
[2012/02/12 22:14:30 | 000,001,699 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/22 13:31:21 | 000,198,568 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/28 20:33:49 | 000,161,736 | ---- | C] () -- C:\Program Files (x86)\14res.dll
[2011/10/26 02:33:14 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/04/04 19:50:28 | 000,000,080 | ---- | C] () -- C:\Users\user\AppData\Roaming\EasyBejeweled.exe.ini
[2011/03/13 22:14:57 | 000,001,587 | ---- | C] () -- C:\Users\user\feb2006_xact_x86.inf
[2011/02/11 16:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/10/09 14:23:45 | 000,018,343 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGES.JPG
[2010/10/09 14:23:45 | 000,014,999 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGES.0
[2010/10/06 16:21:00 | 000,000,026 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/09/21 17:06:46 | 000,028,501 | ---- | C] () -- C:\Users\user\AppData\Roaming\UserTile.png
[2010/08/06 09:42:24 | 000,003,603 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.3
[2010/08/06 09:42:22 | 000,003,549 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.2
[2010/08/06 09:42:19 | 000,003,577 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.1
[2010/08/06 09:42:16 | 000,003,357 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.JPG
[2010/08/06 09:42:16 | 000,003,357 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.0
[2010/05/02 15:13:57 | 000,087,775 | ---- | C] () -- C:\Users\user\AppData\Local\tmpP_00103.JPG
[2010/05/02 15:13:41 | 000,356,635 | ---- | C] () -- C:\Users\user\AppData\Local\tmpP_00103.0
[2010/05/01 20:21:08 | 000,007,833 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.cat
[2010/05/01 20:21:08 | 000,001,126 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.inf
[2010/05/01 20:21:08 | 000,000,125 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.ini
[2010/04/14 20:57:35 | 000,031,872 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.4
[2010/04/14 20:57:24 | 000,046,289 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.3
[2010/04/14 20:57:23 | 000,046,441 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.2
[2010/04/14 20:57:23 | 000,046,319 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.1
[2010/04/14 20:57:21 | 000,031,872 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.0
[2010/04/14 20:57:10 | 000,046,422 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.JPG
[2010/04/04 18:06:17 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\dm.ini
[2010/02/04 12:06:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/02 01:05:01 | 000,008,704 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 16:14:23 | 000,003,528 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2009/12/13 20:01:23 | 000,001,191 | ---- | C] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2009/12/13 20:00:03 | 000,099,384 | ---- | C] () -- C:\Users\user\AppData\Roaming\inst.exe
[2009/12/13 20:00:03 | 000,007,859 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.cat
[2009/12/13 20:00:03 | 000,001,167 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.inf
[2009/12/10 11:33:43 | 000,007,618 | ---- | C] () -- C:\Users\user\AppData\Local\resmon.resmoncfg

========== LOP Check ==========

[2010/04/29 01:31:01 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2011/10/08 13:16:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\.minecraft
[2010/01/16 22:10:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AnvSoft
[2009/12/10 02:39:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Astro Gemini Software
[2012/03/13 00:49:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG
[2010/11/24 22:39:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG10
[2012/03/12 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG2012
[2011/02/13 17:05:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Canon
[2012/07/05 00:34:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CasinoOnNet
[2010/02/20 00:02:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/04 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\com.w3i.plyt
[2010/09/26 00:29:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dream Aquarium
[2010/04/24 19:12:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriverCure
[2010/11/08 00:14:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriverFinder
[2011/09/18 18:13:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DVDVideoSoft
[2012/05/23 22:16:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Exent Technologies
[2012/03/13 13:16:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Fanda Games
[2012/07/10 19:19:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FixBee
[2012/04/03 10:51:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\funkitron
[2012/04/25 17:09:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gaijin Ent
[2010/12/02 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GetRightToGo
[2011/03/27 16:16:58 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GlarySoft
[2012/08/03 16:25:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Goodsol
[2011/10/02 10:04:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GrabPro
[2011/06/14 13:15:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GrassGames
[2011/09/21 15:40:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HideIPEasy
[2010/12/02 20:22:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\InfraRecorder
[2012/06/13 21:32:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\iWin
[2010/04/04 22:31:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech
[2009/12/16 12:59:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LimeWire
[2010/12/10 02:33:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\magentictb
[2012/07/05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Finder
[2012/06/29 00:46:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MOVAVI
[2011/03/31 16:11:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MP3Rocket
[2012/07/11 02:13:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MusicOasis
[2012/01/16 02:23:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Orbit
[2012/01/09 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ParetoLogic
[2012/07/06 22:57:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\pdfforge
[2010/09/21 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PeerNetworking
[2012/05/06 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PerformerSoft
[2010/04/20 17:20:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PrimoPDF
[2012/05/21 18:35:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Product_RM
[2011/10/02 10:04:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ProgSense
[2012/05/22 19:01:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Registry Mechanic
[2011/03/01 20:17:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\RegistryKeys
[2009/12/11 12:15:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ScanSoft
[2010/09/30 12:22:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Silver Creek Entertainment
[2010/12/10 02:33:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Spadester
[2012/01/08 18:36:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpeedyPC Software
[2010/12/10 02:33:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpinTop
[2012/06/22 15:21:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Systweak
[2010/01/08 16:15:11 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2009/12/10 02:40:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TERMINAL Studio
[2010/11/07 15:52:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Thinstall
[2011/10/02 13:42:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Tific
[2012/08/03 00:17:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TreeCardGames
[2010/02/11 20:09:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUp Software
[2012/08/08 03:01:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUpMedia
[2012/05/07 13:54:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue
[2012/08/08 02:55:53 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2012/07/29 00:20:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Vso
[2010/03/30 19:16:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Western Software Technologies
[2009/12/13 10:23:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinBatch
[2011/01/23 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Windows Live Writer
[2012/08/09 17:38:55 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/08/05 04:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\FB-Optimize.job
[2012/08/08 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2012/08/06 05:58:28 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2012/08/03 04:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag_sch_CE6524F7-3DBE-11E1-AAE1-99A8F2A89E6D.job
[2012/08/05 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor_sch_F99BE1B7-3FA9-11E1-ADE7-AC33E69FB964.job
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(23).TXT
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(54).TXT
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(75).TXT
[2012/08/09 15:49:08 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:8842A96D
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:7149F3EF
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:C5E4F943
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:2913008E
@Alternate Data Stream - 166 bytes -> C:\ProgramData\Temp:55422315
@Alternate Data Stream - 159 bytes -> C:\ProgramData\Temp:D2F157E3
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:F8D65F32
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:F49E02D5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:958399A2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:B683AD23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:290A724C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:57DC3B52
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:06E98522
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:8A99591C
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F4A0A6B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:69148568
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:627359BA
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C7F04040
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:0459F5AC
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7B13EE36
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:2EF63291

< End of report >


extras file


OTL Extras logfile created on: 09/08/2012 5:43:56 PM - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 6.29 Gb Available Physical Memory | 78.73% Memory free
15.98 Gb Paging File | 14.03 Gb Available in Paging File | 87.80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.33 Gb Total Space | 637.39 Gb Free Space | 69.41% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.63 Gb Free Space | 20.11% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe" = C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe:*:Enabled:iBryteDesktop
"C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe" = C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe:*:Enabled:iBryteDesktop


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C853DC5-961C-4997-8D78-D3BAF2A3F594}" = lport=49176 | protocol=6 | dir=in | name=akamai netsession interface |
"{120F0563-7CD0-4A10-A676-5524359B9274}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{269A9ECD-8FA8-4C52-8E83-9677674284D3}" = rport=139 | protocol=6 | dir=out | app=system |
"{2C0363B4-CC7E-4363-BC16-EF97319CC1EA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2C78297B-113B-47B5-9CF3-408EDDB5842D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3ACFF046-F59D-4982-A325-CA3583A306CC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{3B86E941-469F-4825-AF10-9B38E58FF319}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{413C8DA4-414A-4202-8790-250A5A4BC643}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{460626A1-E212-433D-8CB8-837A5D35085C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4B57CFD8-4D9E-4A20-A262-76EFB22003AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5336962F-7A51-461D-90E1-C3681263F43D}" = lport=139 | protocol=6 | dir=in | app=system |
"{5E02BB74-B7DE-478F-9345-0BA2325ACFCD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{654CAD08-5099-4E32-A847-C8D7914BE205}" = rport=138 | protocol=17 | dir=out | app=system |
"{6736C863-4D21-44A9-A661-42F8F20C4495}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{69FBDB80-C50D-4D3F-8998-43ACA7044D1A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7C20D2AE-D8F6-4273-9C51-3EDE14F95279}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{87E2CA06-FC3D-4524-BD7D-A664C2555130}" = rport=137 | protocol=17 | dir=out | app=system |
"{89F3342C-D144-4308-BE4B-29B7799913A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{927E2633-B420-408B-A0FA-93D7669ABC86}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{940BE133-B1DE-45D6-9613-60A5AD5B31F7}" = lport=137 | protocol=17 | dir=in | app=system |
"{BEAC344F-0566-41F1-9A62-F219A1F22712}" = lport=138 | protocol=17 | dir=in | app=system |
"{CEEDF03A-C1EA-44DA-859D-A991547673F3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D4E7EC3F-907B-42CD-9217-F5FBCB275280}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC79AD53-461A-4985-8B33-2DA469CB219D}" = rport=445 | protocol=6 | dir=out | app=system |
"{E4040D00-314B-47A3-93CA-1E0321CAA72C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA57E7A5-B4CE-4AB0-B746-A1C20517BFAE}" = lport=445 | protocol=6 | dir=in | app=system |
"{F204FAF0-760A-4B17-BB9B-09AD4B23D3D8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F64DE9A0-ED57-4907-8483-09282392B112}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F988B0C9-2D37-4DA5-A734-72CF5C2F1222}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00737FE1-B1D8-45EE-ABA6-CFD1840F7292}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{057454B5-9660-4F80-85E1-7F1197F606BA}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{07E973F9-6602-44ED-8CDD-31B874BD80B6}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{0CA97E3B-81E6-4FFF-A3C2-A0176F4E3F25}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0D61929F-9FED-4D85-9A48-DF0E1A545B57}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{0D97BA19-E9BD-4B07-BC09-CA830B8D12EE}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{0DAB9868-011E-4FAF-83D4-AAA5E2D859C2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{112EBB9F-AF53-435F-B29F-3878AA851023}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{16EC2868-C5DD-4517-84A3-E86B2497B63E}" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{1763A7AC-83FF-4015-A2E4-7B3AB7373A94}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{1D934385-49C7-4102-A5C4-C0A2B7FEB67D}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{1DE646E6-83D8-413D-A537-F35AC8ED2FF5}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{1F3D1047-FB01-4026-8857-924E6DA905C5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{25811BE7-4B6F-4B34-AD37-8C0D96AB4650}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2E6267A1-C52C-4CCB-840C-7071A1975ACD}" = protocol=1 | dir=in | [email protected],-28543 |
"{30A641C0-8FCE-44FF-AF65-0686EF0B9CE5}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{3863977F-2979-4085-B28C-C4836BA38AEB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{3ACBDF9E-8ED3-4D5F-8FAF-AD0C167C898C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3D47C7F3-8F47-4648-938D-F40FCE11F300}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{3D5687F7-016C-4C40-840C-2A8E81CD4D99}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{3E23DCAF-D451-4763-9A4A-EC45A60E21BC}" = protocol=17 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"{416D5DE5-A04F-4F7D-BF77-8EB1A1B8AD78}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{4403C220-18C2-4B37-8684-A320D7E40019}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{46E280F3-B276-4061-9324-938175E97EB5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{4814EE14-D76C-4221-BE59-278477FA93C2}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{4E2DB610-E419-4399-9FFC-A48072CAA77C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{4E40B884-D28C-4B12-875A-32501691937E}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{4FB6929D-0EE4-42EE-BCBD-B947622CA209}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{517097F1-538B-42FA-A225-DF1EECAA8EC7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5182EC3E-AC66-4DD3-9384-09AF4D69AE56}" = protocol=6 | dir=in | app=c:\users\user\documents\downloads\cnet techtracker\utorrent.exe |
"{51D7585D-600F-44DE-BBA1-B4138A4507B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{52769BF6-BDB7-456F-9C66-B75D8F0EB753}" = protocol=58 | dir=out | [email protected],-28546 |
"{59635631-FCAB-4F90-B6EE-4CC3FDF034C4}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{59F956E7-09F9-464E-BCED-79BCFE3A9368}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{5D9E050C-E18B-4A74-808C-DA9B98163036}" = protocol=1 | dir=out | [email protected],-28544 |
"{5DB8079C-BF80-4D74-99D9-657E05CB1A8B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{5E7AA688-2E38-4D00-A97F-D25BC4617302}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{644F08A4-0522-4595-9995-D1CEC0D8DFA8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{6516AAA1-6DD0-4869-858A-AF81EDCC943A}" = protocol=6 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"{65E5398B-3CD5-40BB-922A-FA8B818FE464}" = protocol=17 | dir=in | app=c:\program files (x86)\tvants\tvants.exe |
"{664FA4D8-491F-45B4-B7D3-2914D547B875}" = protocol=17 | dir=in | app=c:\program files (x86)\active data recovery software\active undelete7 enterprise\undeleteagent.exe |
"{68D51F47-8878-4852-B69E-05F91C23DE10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6D677434-9888-49DE-A01A-E6BDC0386858}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{729C374B-35F9-4020-9DC3-92D90F4FB574}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{74AD9CF5-ADF7-45D0-BD1E-98208CAE041C}" = protocol=6 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{76F16322-6B6D-4F3A-8BEB-FC8EC1306CB8}" = protocol=6 | dir=in | app=c:\program files (x86)\active data recovery software\active undelete7 enterprise\undeleteagent.exe |
"{7A88F797-9CC6-4F80-9B00-2745BB8AAB7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7B806D7D-9E52-4454-80EC-33C1A0B6EE8E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{7CF238CC-7AF9-4F07-B4A4-248BED7B1D88}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{7DCA4E1E-CEEF-4523-BD91-E2288B10A777}" = protocol=17 | dir=in | app=c:\users\user\desktop\downloads\bittorrent\bittorrent.exe |
"{8858C24D-7191-4448-AF7D-A55EBBACFDED}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\iwingames.exe |
"{8AFAD057-3136-48E3-A542-202FDB4BDEC5}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{8BED9DB2-AB91-4DB0-B70C-1FE122E5C5B7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{8EE36E20-351F-4E7C-B5E1-B12D358F7313}" = protocol=17 | dir=in | app=c:\users\user\documents\downloads\cnet techtracker\utorrent.exe |
"{90C1EB9C-3C86-4A1C-A811-8DF51234C7E2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{92C659EB-7E4B-478C-8066-2EF1BA746E7D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{987D4FA4-DF74-404C-84B9-126B4AA668EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{9B8215BF-6CDF-410A-80E9-1FADC6A6929E}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{9C9906DF-874A-4DF8-A693-16A10E25F081}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9D90EA12-5416-424E-B359-27209377989D}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{9DA4687B-283A-4788-A4D2-F304B982F647}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{A497A514-A171-4B35-B729-3C535F07C13F}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{A4E1BA8A-C9ED-4DDF-8AD8-EB8FA6902461}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{A5527B01-53A5-4E6E-B3D5-5AE758D64020}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{AA330733-85CC-418E-8B16-56AAC52473EF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{AA523A71-A39F-44DB-B0C2-6D3CBB93F4F4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{AED099E9-CF89-447E-93BD-F949B9ED0D16}" = protocol=6 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"{B04FD783-65F5-47E8-A693-768CED91B82B}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{BAAA3704-18B8-44B4-9682-5B7066FA7D4E}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{BFD5A87B-BB42-47FA-B055-A3C2702C5C2D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{C00EBF6D-D09A-4E25-8628-4DE05960BC6D}" = protocol=6 | dir=in | app=c:\program files (x86)\searchresults1\dtuser.exe |
"{CD006976-3D4B-463D-BE47-75CCE0D3BBC0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CE062982-1898-4B5C-A224-58B363DDB4E0}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{CF5BE561-B2B9-4DD8-890B-501AE3584486}" = protocol=17 | dir=in | app=c:\program files (x86)\searchresults1\dtuser.exe |
"{D381E4AC-37CF-426F-8CAC-04A495A04456}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{D481951A-1148-499A-AD43-141AC238A07F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D4A8CBBA-3DFD-438A-9136-F560F8CA319E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{D5D6031D-F205-478C-9B81-EBBCEE588BEE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{D680F40D-F9A4-45D4-8EE4-68B60BEEAEAE}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{DF45BBD6-0E54-4697-A6F8-CB1C32D7EA6D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{DF846493-65B9-46B1-B1F7-2A62E2752EFD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E4727DED-CB4E-46AE-96FF-CE0C082676C1}" = protocol=6 | dir=in | app=c:\users\user\desktop\downloads\bittorrent\bittorrent.exe |
"{E6F87F63-62C4-4DD1-A2A4-4999EE179666}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |
"{F0195C5C-4E10-4E45-8EF0-67A47BAC5885}" = protocol=58 | dir=in | [email protected],-28545 |
"{F9F7B83C-92C5-4EC5-BC9B-9E0DFCB4118B}" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"{FA85DB70-3D3A-44D3-9261-896CB9867965}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{FA9AC9FC-73CE-426E-9D05-B1B6841FB56F}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"{FCF4AEA8-FD4B-44D8-8931-7E638DD9E849}" = protocol=17 | dir=in | app=c:\program files (x86)\iwin games\webupdater.exe |
"{FD059DEA-5E25-4CD5-AF9A-BA570D0C283F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{FE159142-EDD9-4FEB-9E8F-6909ED58AC5C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"TCP Query User{00D71C33-2100-43C3-9A71-CAAC0021A293}C:\program files (x86)\grassgames hearts\hearts_dx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\grassgames hearts\hearts_dx9.exe |
"TCP Query User{356F78F6-85F8-4E4D-B04E-D834E31ACDCF}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"TCP Query User{4A0B25F2-6C15-45AA-9EC9-2785DD2AF8C7}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{56CD5073-7FAF-4AC2-8312-6FAF4FEFA348}C:\users\user\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{72626F32-96A7-414B-973E-2841B0580F99}C:\users\user\desktop\mangee\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\mangee\bittorrent\bittorrent.exe |
"TCP Query User{8182C120-3F45-4CDD-A78C-A9947CC60826}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{A3920C9B-4504-47E9-AA82-307848BC148C}C:\program files (x86)\youtorrent\youtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\youtorrent\youtorrent.exe |
"TCP Query User{AFD1DCC2-5989-41BD-95B6-14BCD12A832C}C:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe |
"TCP Query User{BB43F9B8-F001-40BA-B0C2-A86BBD749165}C:\users\user\desktop\mangee\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"TCP Query User{BC90D7E2-9A53-4A73-BEE9-8861F8054494}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{C92C87F2-B10C-4C35-B83E-95AA19B95F97}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"TCP Query User{D51B2C12-CB3C-46C8-9324-14A39D5E8C20}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{E90138BD-FAC2-4C56-A47C-15643AFFF63A}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{030E0072-AB6C-487A-AA7B-100924227B54}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{3B29E800-C223-4811-BC8F-A70EBE1FD0F8}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{61B65C36-1F67-4321-A3E2-48A2F7C59974}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"UDP Query User{73E4235D-C8A5-4BF5-A646-4DBBE4EAE365}C:\users\user\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\akamai\netsession_win.exe |
"UDP Query User{B5EBA2BD-B2A4-48E7-BCE9-B993E8D207F5}C:\program files (x86)\grassgames hearts\hearts_dx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\grassgames hearts\hearts_dx9.exe |
"UDP Query User{B7537165-DAA4-4092-8ABB-AF4EC3DACC5D}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe |
"UDP Query User{BBC0B615-871E-4174-9C70-575E37697362}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{C6EA8DAD-453F-4EFB-A1E5-C2E1C4B019F8}C:\users\user\desktop\mangee\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\mangee\downloads\utorrent.exe |
"UDP Query User{D3B90793-5029-43B4-B628-26F6F253F06D}C:\users\user\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\user\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{E04BBA62-57B1-4ACA-87BF-60DF4A844E21}C:\program files (x86)\youtorrent\youtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\youtorrent\youtorrent.exe |
"UDP Query User{E5265D51-24AF-49D7-AB92-28C37FB58296}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{EF1946D1-5084-4AB0-82E8-CED1F3CB3674}C:\users\user\desktop\mangee\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\user\desktop\mangee\bittorrent\bittorrent.exe |
"UDP Query User{FA5F0312-0E54-4734-900B-20722EC313C7}C:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gamehouse games collection\wheel of fortune\wheel of fortune.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP470_series" = Canon MP470 series
"{119B2F5A-2A06-DB96-FF28-992EC2A10BDF}" = AMD Accelerated Video Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{44B4F244-5B4D-856E-B3A6-E8DDBDC7F127}" = AMD Fuel
"{47F9B7C3-F172-940F-D0C4-203C7914E5D2}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B69A7CBA-9139-7ACB-7564-4CD5D8C36E26}" = AMD Drag and Drop Transcoding
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C8388DCB-6F85-C11F-C9F4-D636960E60F5}" = ccc-utility64
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CanonMyPrinter" = Canon My Printer
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.8.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{005E738B-5A0A-4483-A900-877D183A8F45}_is1" = BlindWrite 6
"{079A4EB2-9A74-7B86-12C2-00B52E395801}" = CCC Help Danish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CA2063D-D43F-41F2-A8AC-A3C4A4C722D2}" = Qualcomm Atheros Fast Reconnect
"{112DDD07-E419-2498-1E9E-2157F82AF5AA}" = CCC Help Turkish
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{121C477C-5B7B-44E3-B621-BDDB542AE8FD}" = TuneUp Utilities Language Pack (en-GB)
"{12A00DC2-1226-D9F2-13DA-F974111D439E}" = AMD VISION Engine Control Center
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Video Performmer Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{224828D6-DCA7-FDF3-3B85-085298AEC919}" = Catalyst Control Center InstallProxy
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25BA9295-A14B-4696-A14A-8A11AE3C2BAC}_is1" = Jewel Quest
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.2.4902
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2993B157-97AE-7981-F29A-E6575F991CDB}" = CCC Help Swedish
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{347966F8-E71A-E1A5-95E4-3A1C215383F6}" = CCC Help Chinese Traditional
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A3532ED-A121-4297-AA4F-70B60E4BD631}" = Playalot Games
"{3B3D81AB-51E2-695F-7E57-1CC30049F2A3}" = CCC Help French
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{462C2036-3055-4369-D30B-8DA032331EAB}" = CCC Help Greek
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51054867-140B-8FBF-73A8-75386276BD98}" = CCC Help Spanish
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{586A5957-F21B-C8AD-F5C2-11D4D7DA5340}" = CCC Help German
"{5AEDD628-18CC-4317-BD77-2F92E63A07D7}" = Forest Lake at Night
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{633414E3-AA2A-CD04-5976-E91F5F871396}" = CCC Help Japanese
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{812FF572-F216-EBA0-123E-636C1B6EBC5B}" = CCC Help Korean
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{856480C9-2428-15E1-97BC-685EE2A7B8E6}" = MusicOasis
"{85BB7CA7-6B0D-0B27-F4FF-B3D04282B3D1}" = CCC Help Russian
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{883CCFC7-CA6B-5531-704B-F9A64546B309}" = CCC Help Thai
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8BDD3EC9-27E9-E490-7607-AF97FA678046}" = CCC Help Italian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA5221E-15DE-5B0F-D7BE-CCC7305575DD}" = CCC Help Dutch
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1400F57-65CC-0C22-6461-948EA2837670}" = CCC Help Hungarian
"{A561BB5F-5A85-5D88-E520-0A4512D5E6C0}" = CCC Help Norwegian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B72907-B3F5-4C18-2D2B-F5E786A520DF}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AD219F94-16F2-937F-076A-F22DAA8D0A0B}" = CCC Help Finnish
"{B2B5B39B-4E8C-AC78-7FF1-7055C338D243}" = Catalyst Control Center Graphics Previews Common
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CA16B670-D9BD-4051-882A-B5AB057F7128}_is1" = FixBee Disk Optimizer
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DD8ACFF8-098E-130C-2799-BCA4D41EBAB2}" = CCC Help Chinese Standard
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE123FE9-B7F6-A75A-920D-3937FB9F06E4}" = CCC Help Portuguese
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE253E80-C298-4A31-BB22-7280DC8C7177}" = CCC Help Czech
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F648F088-B270-CF18-6486-AF8B1FE6BC09}" = CCC Help English
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FD85D9C0-783A-77B7-8EF8-326EC6C154D1}" = Catalyst Control Center Localization All
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"123 Free Solitaire_is1" = 123 Free Solitaire 2009 v7.2
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AdobeESD" = Adobe Download Manager 1.2 (Remove Only)
"Akamai" = Akamai NetSession Interface Service
"Animated Water Scenes_is1" = Animated Water Scenes
"Animated Waterfalls II_is1" = Animated Waterfalls II
"Atlantis" = GameHouse Games Collection: Atlantis
"BabylonToolbar" = Babylon toolbar on IE
"BFGC" = Big Fish Games: Game Manager
"BookWorm" = BookWorm
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DefaultTab" = DefaultTab
"DefaultTab Chrome" = DefaultTab Chrome
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Eusing Free Registry Defrag" = Eusing Free Registry Defrag
"exent_452750" = Atlantis Quest
"exent_598050" = Mahjong World
"exent_642550" = Jewel Quest 3
"exent_642650" = Jewel Quest 2
"exent_642950" = Family Feud 3: Dream Home
"Feeding Frenzy" = GameHouse Games Collection: Feeding Frenzy
"Free Video Converter_is1" = Free Video Converter V 3.1
"Freemake Video Downloader_is1" = Freemake Video Downloader
"Game_Master_2.1 Toolbar" = Game Master 2.1 Toolbar
"Hardware Helper_is1" = Hardware Helper
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"iWinArcade" = iWin Games (remove only)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MusicOasis" = MusicOasis
"PriceGong" = PriceGong 2.6.4
"PricePeep" = PricePeep for Internet Explorer
"Puzzle Solitaire" = GameHouse Games Collection: Puzzle Solitaire
"SavingsApp" = SavingsApp
"searchresults1" = Search Results Toolbar
"The Sea App" = The Sea App (Internet Explorer)
"Trusted Software Assistant_is1" = File Type Assistant
"TuneUpMedia" = TuneUp 2.4.6.4
"Updater Service" = Updater Service
"uTorrent" = µTorrent
"uTorrentControl2 Toolbar" = uTorrentControl2 Toolbar
"VLC media player" = VLC media player 2.0.2
"Wajam" = Wajam
"Webshots Desktop_is1" = Webshots Desktop
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Zuma Deluxe" = GameHouse Games Collection: Zuma Deluxe

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1212552220-772849959-1391451869-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 06/08/2012 1:33:38 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Users\user\AppData\Local\microsoft\Windows\temporary
internet files\Content.IE5\8578D1BT\softonicdownloader_for_123-free-solitaire.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 07/08/2012 3:36:00 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_AudioCacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 07/08/2012 3:36:00 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 07/08/2012 3:37:28 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Users\user\AppData\Local\microsoft\Windows\temporary
internet files\Content.IE5\8578D1BT\SoftonicDownloader_for_123-free-solitaire.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 08/08/2012 1:46:10 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_AudioCacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 08/08/2012 1:46:10 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 08/08/2012 12:54:07 PM | Computer Name = user-PC | Source = Registry Helper Service | ID = 109
Description = Error: Service started

Error - 08/08/2012 12:54:18 PM | Computer Name = user-PC | Source = Application Error | ID = 1000
Description = Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x4fb32b3b Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0,
time stamp: 0x4fb32b3b Exception code: 0xc0000005 Fault offset: 0x00002c20 Faulting
process id: 0x844 Faulting application start time: 0x01cd758661e07959 Faulting application
path: C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Faulting module path:
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe Report Id: b11fecfb-e179-11e1-afff-93d7b8cece11

Error - 09/08/2012 1:53:03 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_AudioCacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 09/08/2012 1:53:03 AM | Computer Name = user-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\cyberlink\power2go8\CES_CacheAgent.exe.Manifest".
Dependent
Assembly PDR.X,type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe
for detailed diagnosis.

Error - 09/08/2012 6:22:19 PM | Computer Name = user-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: BUSolution.dll, version: 2.0.0.3, time
stamp: 0x4feb290a Exception code: 0xc0000005 Fault offset: 0x0003058b Faulting process
id: 0x7c0 Faulting application start time: 0x01cd767825da11bc Faulting application
path: C:\Windows\SysWOW64\rundll32.exe Faulting module path: C:\Users\user\AppData\Roaming\BabylonToolbar\CR\BUSolution.dll
Report
Id: ae2bb545-e270-11e1-b998-8bb71db27008

[ Hewlett-Packard Events ]
Error - 24/07/2012 9:43:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 25/07/2012 10:13:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 26/07/2012 10:43:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 27/07/2012 11:13:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 28/07/2012 11:43:56 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 29/07/2012 8:02:06 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 30/07/2012 8:32:01 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 31/07/2012 9:02:02 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 05/08/2012 8:55:26 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

Error - 06/08/2012 9:25:18 AM | Computer Name = user-PC | Source = Hewlett-Packard | ID = 0
Description = en-CA Object reference not set to an instance of an object. HPSF at
HPAssistant.csSettings.getAssetAgentPath() at HPAssistant.HPAMain.bgAsset_DoWork(Object
sender, DoWorkEventArgs e)

[ System Events ]
Error - 05/08/2012 8:00:17 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 05/08/2012 8:00:18 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 05/08/2012 8:00:18 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 06/08/2012 3:42:40 PM | Computer Name = user-PC | Source = DCOM | ID = 10016
Description =

Error - 08/08/2012 12:53:34 PM | Computer Name = user-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:06:53 AM on ?08/?08/?2012 was unexpected.

Error - 08/08/2012 12:53:46 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7000
Description = The AODDriver4.1 service failed to start due to the following error:
%%2

Error - 08/08/2012 12:54:24 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
Description = The DefaultTabSearch service terminated unexpectedly. It has done
this 1 time(s).

Error - 08/08/2012 2:45:44 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
Description = The FBDiskOptimizer service terminated unexpectedly. It has done
this 1 time(s).

Error - 09/08/2012 6:32:36 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7034
Description = The Adobe Acrobat Update Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 09/08/2012 6:32:36 PM | Computer Name = user-PC | Source = Service Control Manager | ID = 7031
Description = The bProtector service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.


< End of report >
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
This should clear out the last now, then I will run Malwarebytes to take out the associated registry keys. Once completed could you run a disc defragment and let me know if there is an improvement

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    IE - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0002226822fa931
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\bProtectorForWindows\2.2.453.59\FirefoxExtension
    [2012/05/06 20:42:56 | 000,010,998 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\bProtect.xml
    O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found
    O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O3 - HKU\S-1-5-21-1212552220-772849959-1391451869-1000\..\Toolbar\WebBrowser: (no name) - {22DFBF5B-A7CD-4B25-9471-3DC68C71855F} - No CLSID value found
    O4 - HKU\.DEFAULT..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\S-1-5-18..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\S-1-5-19..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O4 - HKU\S-1-5-20..\Run: [Exetender] "C:\Program Files (x86)\Free Ride Games\GPlayer.exe" /runonstartup File not found
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} Reg Error: Value error. (SpinTop DRM Control)
    O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webi...6-6D5536C585C9} (Reg Error: Key error.)
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} Reg Error: Value error. (ArmHelper Control)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
    O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22453~1.59\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.2.453.59\protector.dll ()
    [2012/08/05 14:47:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar


    :Files
    ipconfig /flushdns /c
    c:\ProgramData\bProtectorForWindows
    C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc


    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#5
princessss

princessss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I ran the fix, then defragged and the computer is running a little better, then I ran Malwarebytes and ran the fix but it only allowed me to remove a few items. I then ran OTL again...


here is the malwarebytes file


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.13.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
user :: USER-PC [administrator]

13/08/2012 8:12:04 PM
mbam-log-2012-08-13 (20-12-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220775
Time elapsed: 4 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 26
HKCR\CLSID\{22222222-2222-2222-2222-220022462239} (PUP.CrossFire.SA) -> No action taken.
HKCR\TypeLib\{44444444-4444-4444-4444-440044464439} (PUP.CrossFire.SA) -> No action taken.
HKCR\Interface\{55555555-5555-5555-5555-550055465539} (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.Sandbox.1 (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.Sandbox (PUP.CrossFire.SA) -> No action taken.
HKCR\CLSID\{33333333-3333-3333-3333-330033463339} (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.FBApi.1 (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.FBApi (PUP.CrossFire.SA) -> No action taken.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> No action taken.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A7D2060-824D-4B17-B00A-759B1B5F30D9} (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011461139} (PUP.CrossFire.SA) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011461139} (PUP.CrossFire.SA) -> No action taken.
HKCR\CrossriderApp0004639.BHO (PUP.CrossFire.SA) -> No action taken.
HKCR\CouponAlert_2pInstaller.Start (PUP.MyWebSearch) -> No action taken.
HKCR\CouponAlert_2pInstaller.Start.1 (PUP.MyWebSearch) -> No action taken.
HKCR\CrossriderApp0004639.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKLM\SOFTWARE\TotalRecipeSearch_14 (PUP.MyWebSearch) -> No action taken.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> No action taken.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SAVINGSAPP (PUP.CrossFire.SA) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKCU\Software\Cr_Installer\4639 (Adware.GamePlayLab) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavingsApp|Publisher (PUP.CrossFire.SA) -> Data: 215 Apps -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\ProgramData\TheBflix (PUP.BFlix) -> No action taken.
C:\ProgramData\DownloadnSave (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\data (PUP.DownloadnSave) -> No action taken.

Files Detected: 14
C:\ProgramData\ADDICT-THING\bhoclass.dll (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\bhoclass.dll (PUP.DownloadnSave) -> No action taken.
C:\Program Files (x86)\14res.dll (PUP.MyWebSearch) -> No action taken.
C:\ProgramData\TheBflix\background.html (PUP.BFlix) -> No action taken.
C:\ProgramData\TheBflix\pofcchimbbmpjnaeolplajfcjaphdpnf.crx (PUP.BFlix) -> No action taken.
C:\ProgramData\DownloadnSave\content.js (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\background.html (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\biliocbkpfpckgidakfjgmbadmclilgd.crx (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\settings.ini (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\data\content.js (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\data\jsondb.js (PUP.DownloadnSave) -> No action taken.
C:\Users\user\Local Settings\Application Data\SavingsApp\Chrome\SavingsApp.crx (PUP.CrossFire.SA) -> No action taken.
C:\ProgramData\OptimizerPro\updater.exe (Trojan.Dropper.H) -> Quarantined and deleted successfully.
C:\Program Files (x86)\14res.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

(end)


Here is the otl file



OTL logfile created on: 13/08/2012 9:25:08 PM - Run 2
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.99 Gb Total Physical Memory | 5.90 Gb Available Physical Memory | 73.86% Memory free
15.98 Gb Paging File | 13.51 Gb Available in Paging File | 84.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.33 Gb Total Space | 630.23 Gb Free Space | 68.63% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 2.63 Gb Free Space | 20.11% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 17:31:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy\OTL.exe
PRC - [2012/06/14 10:20:22 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/27 20:27:11 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2011/10/21 20:40:38 | 000,073,728 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
PRC - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2007/04/13 02:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/07 01:43:40 | 000,442,392 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/07 01:43:39 | 012,235,800 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012/08/07 01:43:37 | 003,997,720 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/07 01:42:21 | 000,526,872 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\libglesv2.dll
MOD - [2012/08/07 01:42:20 | 000,104,984 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\libegl.dll
MOD - [2012/08/07 01:42:09 | 000,144,424 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/07 01:42:08 | 000,266,792 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/07 01:42:07 | 002,480,680 | ---- | M] () -- C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/10/28 09:27:12 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvcPS.dll
MOD - [2011/10/27 20:27:11 | 000,623,912 | ---- | M] () -- C:\Program Files (x86)\Cyberlink\Power2Go8\CLMediaLibrary.dll
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/06/11 13:12:16 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012/04/05 21:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/12/13 15:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/03 06:06:16 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/10 13:01:41 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/06/14 10:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/21 20:40:38 | 000,073,728 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2011/08/11 20:03:00 | 000,630,584 | ---- | M] (FixBee., (www.fixbee.com)) [Auto | Running] -- C:\Program Files (x86)\FixBee\FBDefragSrv64.exe -- (FBDiskOptimizer)
SRV - [2011/04/08 10:17:40 | 000,176,848 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files (x86)\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/04/13 02:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/06 00:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/04/06 00:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/05 20:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/10 22:38:28 | 002,801,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/11/24 00:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/16 08:35:58 | 000,054,400 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/09/08 20:08:36 | 000,090,096 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/04/08 23:00:20 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 16:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010/12/13 15:37:18 | 000,036,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/05/01 20:21:08 | 000,118,400 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ezplay.sys -- (ezplay)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/04 23:20:26 | 000,015,360 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HP8207_8307.sys -- (HP8207_8307)
DRV:64bit: - [2010/01/21 02:03:10 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2010/01/21 02:03:10 | 000,026,624 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64gps.sys -- (UsbGps)
DRV:64bit: - [2010/01/21 02:03:08 | 000,033,280 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2010/01/21 02:03:06 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2009/12/13 20:00:03 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009/10/09 22:22:42 | 000,040,320 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btblan.sys -- (LeapFrog-USBLAN)
DRV:64bit: - [2009/07/14 13:35:40 | 000,226,616 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/30 22:24:40 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2009/06/29 04:00:00 | 000,116,752 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 05:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2008/07/26 16:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 16:25:48 | 000,790,424 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2008/07/26 16:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV:64bit: - [2008/07/26 16:22:22 | 000,015,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
DRV:64bit: - [2007/05/14 17:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/04/09 10:09:46 | 000,012,288 | ---- | M] (Waytech Development, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UsbFltr.sys -- (UsbFltr)
DRV - [2010/11/22 09:25:12 | 000,055,400 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx.sys -- (X5XSEx)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{5BE5D493-C938-42D9-9234-E6D496B15103}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{D1AE8AAD-21D9-4B90-9F31-34BFC802E8F9}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com/?fr=fp-tyc8
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{5BE5D493-C938-42D9-9234-E6D496B15103}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{D1AE8AAD-21D9-4B90-9F31-34BFC802E8F9}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpd
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweeti...2-966C5169B100}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.myfamily.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myfamily.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0002226822fa931
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGHP_en
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{C0448470-1295-4E96-B708-253A630728BA}: "URL" = http://websearch.ask...DB-9604E7A76A76
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "midicairus Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.order.1,S: S", "GadgetBox"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.selectedEngine,S: S", "GadgetBox"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...1648001&gct=hp"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll (CouponAlert)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mediaforge.com/MRP: C:\Windows\system32\npmirage.dll (XMLAuthor Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/05 01:48:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions
[2009/12/14 23:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Extensions\mozswing[email protected]
[2012/08/09 17:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\extensions
[2012/07/13 19:26:10 | 000,002,343 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\askcom.xml
[2012/05/06 20:42:56 | 000,010,998 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\bProtect.xml
[2012/06/17 19:54:49 | 000,003,969 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\sweetim.xml
[2012/06/22 23:56:26 | 000,000,942 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sd07bbnl.default\searchplugins\yahoo.xml
[2012/08/09 17:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/05/14 22:34:48 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/05/14 22:34:45 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/01/29 17:09:19 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylo...0002226822fa931
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0\npFreemake.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Wajam (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Perion plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\Plugins/PerionNewTabChrome-32.dll
CHR - plugin: npDefaultTabSearch plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.3_0\plugins/npDefaultTabSearch.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhepndnhfbdjmegechokkbabcphcihdi\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\user\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Coupon Alert Installer Plugin Stub (Enabled) = C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: XMLAuthor Inc. npmirage (Enabled) = C:\Windows\system32\npmirage.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: PlayBryte = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angaccmkgaeejilgnjabkeihpdpnbibn\1.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: PlayBryte = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\angaccmkgaeejilgnjabkeihpdpnbibn\1.0_0\
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
CHR - Extension: SweetIM for Facebook = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
CHR - Extension: New Tab for Chrome = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Wajam = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: uTorrentControl2 = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\

O1 HOSTS File: ([2012/08/13 19:01:57 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\Cyberlink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://msn.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zon...wn.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.177.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A008FDED-0344-40D2-AC21-234D70E5A508}: DhcpNameServer = 64.59.176.13 64.59.177.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9476922-621B-49A4-8AD8-12EE84F91AB1}: DhcpNameServer = 64.71.255.198 64.71.255.253
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\toolbarchrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\toolbarchrome - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\bprote~1\22453~1.59\protec~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c99ef7b-0d41-11e0-bdd0-dc4b06e5d860}\Shell - "" = AutoRun
O33 - MountPoints2\{1c99ef7b-0d41-11e0-bdd0-dc4b06e5d860}\Shell\AutoRun\command - "" = F:\DigitalPhotoKeychain.EXE
O33 - MountPoints2\{2059c110-bbd4-11e0-a433-cfc9f3799c68}\Shell - "" = AutoRun
O33 - MountPoints2\{2059c110-bbd4-11e0-a433-cfc9f3799c68}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/13 20:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/13 20:11:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/13 12:03:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C11C6F78-BF63-4C5D-958E-A59A9CDBB6BE}
[2012/08/13 00:02:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6E87CD05-D67F-4311-B07B-2F8BDDF91129}
[2012/08/12 12:01:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{772030A2-64B5-44C7-8630-FCB6CBB20F10}
[2012/08/12 00:00:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E179D6A1-9A91-428F-B779-E581AF7B1518}
[2012/08/11 21:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/11 12:00:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6EAE33EC-5D88-4F54-8BD3-F07FCF0CFCEC}
[2012/08/10 23:59:28 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B945761C-4462-4C8B-9855-9F53B6D4C24B}
[2012/08/10 11:58:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5E36BE2A-BE96-4BBE-A6EB-3B95D1C8C823}
[2012/08/09 23:58:09 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CA11AEA6-628D-4FB0-90A5-118D1F31A1CE}
[2012/08/09 23:57:47 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3B292912-920A-4929-9CFE-DBD55CA14D97}
[2012/08/09 17:32:36 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/08/09 13:27:25 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy
[2012/08/09 11:57:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BF671325-B90B-47A6-8737-7B1A016E06EE}
[2012/08/08 23:56:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{33ADEC47-3AD9-4D98-A81F-06550E779582}
[2012/08/08 12:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/08 12:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012/08/08 11:55:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D038258C-DDE1-4F1B-859C-4F3CE9ABBC10}
[2012/08/08 11:55:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6F4857CF-C03C-4300-883B-404342EB1AC3}
[2012/08/08 03:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp
[2012/08/08 03:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUpMedia
[2012/08/08 03:00:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\TuneUpMedia
[2012/08/08 03:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2012/08/08 02:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012/08/07 10:35:39 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8ED38EF4-D7CA-4BE3-B9C1-9AF460C6B784}
[2012/08/07 10:35:17 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{2C80771C-3FAA-4559-9EA2-31FA550A8258}
[2012/08/06 23:38:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\SavingsApp
[2012/08/06 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SavingsApp
[2012/08/06 06:40:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4018D9C3-2361-4B17-87A4-9433E7B8C490}
[2012/08/06 06:40:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{347BC09F-45F5-4600-8747-94C60DD5A60A}
[2012/08/06 05:59:18 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{49117EED-5F77-4270-9D41-C7D10CC53A4A}
[2012/08/05 14:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/08/05 14:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\123 Free Solitaire
[2012/08/05 14:47:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Wajam
[2012/08/05 14:47:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012/08/05 14:47:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PricePeep
[2012/08/05 14:39:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Game_Master_2.1
[2012/08/05 07:47:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A8B8E377-CCD8-48B1-9785-B733F7BE3BCC}
[2012/08/05 07:47:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1C857769-A6C5-4593-81D7-8A8D21478253}
[2012/08/04 22:36:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{4D0B5226-364B-4C2A-A7BA-0BEC5D3F46E6}
[2012/08/04 19:37:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\com.w3i.plyt
[2012/08/04 19:37:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Playalot Games
[2012/08/04 19:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Playalot Games
[2012/08/04 08:53:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{83929E67-2793-4BB0-B6FF-6981F2212E74}
[2012/08/03 17:36:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B3DCD321-C20D-412B-9343-460FE96C4CC2}
[2012/08/03 16:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Club Penguin
[2012/08/03 05:35:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C686FA77-6DAF-496F-AAA9-F112BD8A79BF}
[2012/08/02 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FA158AD2-7105-4EF2-80B3-7244C5CBA8C9}
[2012/08/02 05:34:03 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A48A806E-49FB-411A-92CE-648C474C6818}
[2012/08/02 05:33:41 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B8BAB833-26B6-4207-BCDF-AD3CCE2DAD42}
[2012/08/01 18:53:10 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\DirectX_11_Technology_Update_US
[2012/08/01 17:33:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3608F219-1E2E-4165-BE7D-6F9FA004E24B}
[2012/08/01 17:32:52 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{26A4BDF0-DF48-4A85-8147-3CC6322CC55B}
[2012/08/01 09:33:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EAC581C0-77DB-48E6-A868-36C31B8ABC95}
[2012/08/01 09:14:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6392FF2C-6ECD-4EF8-9272-DD281DD03031}
[2012/07/31 11:57:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6C17652A-E90F-4D44-B0BC-AF9B1E10E83A}
[2012/07/31 11:56:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8AEDCB04-C114-4F01-877C-BAE86294DA8D}
[2012/07/30 23:06:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BA170E37-3949-4409-9361-1745383B0A4C}
[2012/07/30 23:05:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{93E77A59-6C91-4BAF-BC8D-8B68E1004A93}
[2012/07/29 20:47:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6DFC6CFD-D891-4D8A-BC8F-BD4CF6AB1E6E}
[2012/07/29 20:47:02 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B2536FB1-8AA2-4FBF-9973-78427ED1BAD3}
[2012/07/29 13:45:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9D3D0F43-19D5-40A1-B707-EB8ACD93CA45}
[2012/07/28 14:50:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5A2C8232-4FC5-4A84-B566-CDA0264A65E6}
[2012/07/28 14:50:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{331332FA-5FE6-47C3-BB46-5D675BB83694}
[2012/07/27 23:03:20 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0C80FFF2-D36F-41BB-820E-6E472533D2DE}
[2012/07/27 23:02:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{B07048C0-6179-4A22-ABBF-72D86E348CAB}
[2012/07/25 22:46:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{45A2B516-E61E-4CC6-86CB-F561F5B269F5}
[2012/07/25 22:45:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1E2FBA4D-06CD-4B20-8BEA-F42F79020773}
[2012/07/25 08:57:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{139243E8-EC0B-4B77-A383-52D797503A56}
[2012/07/25 08:57:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{6AA803D3-6606-4035-B20F-EB5CE326F399}
[2012/07/24 08:33:06 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ED568EA5-DBEC-4BDF-8208-5A7B3E5E0F32}
[2012/07/24 08:32:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BBCBA218-7440-4C90-8307-BF80B065FB0E}
[2012/07/23 13:25:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5BF4C6C9-F599-4DB4-9CC8-09C1EF7187B4}
[2012/07/23 13:25:31 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{DE543902-BA4D-4557-93A1-95BF540EDE3A}
[2012/07/23 00:09:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{96409C9C-0512-4D53-9AB8-2F7A194A2EC8}
[2012/07/23 00:09:21 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{0A52008B-1FED-4297-8178-6C1A67708692}
[2012/07/22 12:08:55 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1BEAE3DF-B137-4E22-96A2-FBA0D316E3DD}
[2012/07/22 12:08:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5EC335B7-A80F-4E2A-BCBC-729F2D8C90D2}
[2012/07/21 23:47:56 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{BC4A2950-AB57-45EC-BE6D-93C2FB6F7C95}
[2012/07/21 23:47:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{152A7D4F-36A4-4625-999A-ACD14843DADB}
[2012/07/20 22:42:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7B7EF0AA-67A9-4DF0-9B75-BCBF17D22E92}
[2012/07/20 22:42:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{CBB9D865-A627-4237-9CC1-EDECE6AFD9A2}
[2012/07/20 22:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/07/20 08:18:23 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{E4BEC642-C01A-480D-B6C0-2F03062D048D}
[2012/07/20 08:18:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{EB47AC1E-FE93-4566-91AD-3C6DC5096C43}
[2012/07/19 16:41:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F767D87F-349F-4AEA-BEA3-D935F32D53E9}
[2012/07/19 16:40:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{9476A28E-C937-49F3-914D-4FFC3A8BDCDA}
[2012/07/19 14:37:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8DEA7C0D-40ED-462C-9AF6-3140FA532E39}
[2012/07/19 11:17:07 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{7F1FE819-0F5E-4F62-AE28-F5E677840041}
[2012/07/18 22:23:10 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3FBC1C91-8F2D-4E0B-A8AA-4EACE74C1632}
[2012/07/18 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{F14062AF-A608-42CC-AFDC-0226405AEBDB}
[2012/07/18 09:41:15 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{FA78DCDC-049C-4B0B-BE22-A9AD678A23AC}
[2012/07/18 09:40:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{8E04FA7A-0571-4A99-B66D-5FCEE22B4EDF}
[2012/07/17 09:10:16 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{D459B44D-FC1D-41A1-8735-1393720EEECA}
[2012/07/17 09:09:54 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{A03B653B-9405-4194-BF06-261E9FB617C7}
[2012/07/16 11:30:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{1A328891-5FE2-4F13-B4AD-3F7529F366C8}
[2012/07/16 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{5B73CCF0-923E-4B82-A6A7-9DD1A29B472B}
[2012/07/15 23:12:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{14E2C30A-AEA6-4E0F-8940-848B98864BE4}
[2012/07/15 23:11:57 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{26F66465-E121-4BBC-9E65-F8F44F9E6119}
[2012/07/15 19:39:22 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{ABCCB4EA-607B-45A8-AC25-F7D19DB6102A}
[2012/07/14 23:00:34 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{C2BDF00A-49B1-4949-A6CE-28713C6EE597}
[2012/07/14 23:00:12 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\{3052D6BB-FA31-485F-AC41-D76AE9E7236E}
[2010/05/01 20:21:08 | 000,118,400 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\ezplay.sys
[2009/12/13 20:00:03 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\user\AppData\Roaming\pcouffin.sys
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/13 21:30:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212552220-772849959-1391451869-1000UA.job
[2012/08/13 21:06:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/13 20:59:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/13 20:32:25 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/13 20:32:25 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/13 20:24:28 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/13 20:24:11 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/08/13 20:23:57 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012/08/13 20:23:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/13 20:23:28 | 2141,106,175 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/13 19:08:22 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForuser.job
[2012/08/13 19:01:57 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/08/13 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/08/13 13:30:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1212552220-772849959-1391451869-1000Core.job
[2012/08/13 11:47:49 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2012/08/12 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor_sch_F99BE1B7-3FA9-11E1-ADE7-AC33E69FB964.job
[2012/08/12 04:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\FB-Optimize.job
[2012/08/11 21:55:53 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/10 04:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag_sch_CE6524F7-3DBE-11E1-AAE1-99A8F2A89E6D.job
[2012/08/08 17:32:10 | 000,002,447 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2012/08/08 03:00:36 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2012/08/06 23:45:06 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2012/08/06 23:38:44 | 000,001,934 | ---- | M] () -- C:\Users\user\Desktop\Play Skillville Games.lnk
[2012/08/05 14:51:58 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\123 Free Solitaire.lnk
[2012/08/05 14:47:35 | 000,005,282 | ---- | M] () -- C:\user.js
[2012/08/04 19:37:47 | 000,002,591 | ---- | M] () -- C:\Users\Public\Desktop\Playalot Games.lnk
[2012/07/29 00:20:29 | 000,001,191 | ---- | M] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2012/07/20 22:25:48 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/07/20 08:20:51 | 000,000,313 | ---- | M] () -- C:\Users\user\Desktop\Facebook.url
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/11 21:55:53 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/08 03:00:36 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp.lnk
[2012/08/06 23:44:55 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2012/08/06 23:38:44 | 000,001,934 | ---- | C] () -- C:\Users\user\Desktop\Play Skillville Games.lnk
[2012/08/05 14:50:52 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\123 Free Solitaire.lnk
[2012/08/04 19:37:47 | 000,002,591 | ---- | C] () -- C:\Users\Public\Desktop\Playalot Games.lnk
[2012/07/20 22:25:48 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/06/18 16:04:26 | 000,008,112 | ---- | C] () -- C:\Program Files\Documents.one
[2012/04/09 13:32:31 | 000,735,282 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/06 23:09:09 | 000,103,784 | ---- | C] () -- C:\Users\user\GoToAssistDownloadHelper.exe
[2012/04/05 20:29:34 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/04/05 20:29:34 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/01 15:24:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{57A828B4-A81A-49B2-A3A6-F6CC4A73413B}
[2012/03/01 15:23:09 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{E51CBA45-AF28-4B69-AA77-59C4179A1659}
[2012/03/01 15:21:50 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{A668062B-5AAE-4EBD-BCC8-4C1C11C2F891}
[2012/03/01 15:17:41 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DE1BEB81-75DA-4481-818D-4334473F5671}
[2012/03/01 15:14:44 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{03258BE5-DAA9-494C-978C-95C824978197}
[2012/03/01 15:10:01 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{96CA75C8-5216-449C-B8D7-7F5B90CABB54}
[2012/03/01 15:05:43 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{BD1DCF07-588C-45ED-B4DC-93F53CE5A309}
[2012/03/01 15:02:52 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{3A547FAE-812F-4772-9FB0-62C1D23C590B}
[2012/03/01 14:51:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DC2516E2-ABDB-43E1-8EFD-D61E6D9CAE94}
[2012/03/01 14:48:41 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{B8D9D4DD-37C3-4C5D-AEF8-67FBA61C00DB}
[2012/02/27 17:02:47 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{CF01DEAA-0EF4-4345-9A6D-12F694C6B6F1}
[2012/02/27 17:02:14 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{FD531313-B71A-46CC-920F-7AF1BA68EE9B}
[2012/02/27 17:00:38 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{5A520BEE-9CA8-41D4-91AD-282892292FCE}
[2012/02/27 16:59:17 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{AF174D73-1A40-45C3-93AD-C31B7B9DFEED}
[2012/02/27 16:49:16 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{FFC76884-CB75-431F-8BD3-4F39B20D5E96}
[2012/02/27 16:48:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0FE7B42E-A2EA-4F89-B597-E954DA2885D2}
[2012/02/27 16:46:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{4E42CF1B-2C3B-480E-9A29-58F9763EEA32}
[2012/02/27 16:45:24 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{C31D8DDE-F8A6-4542-A014-2ED1760E74BC}
[2012/02/27 16:32:28 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{5CE71378-C245-4430-8D25-8AC61D66E312}
[2012/02/27 16:31:40 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{0C37097B-7502-4E4E-A092-A79332F8942A}
[2012/02/27 16:30:20 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{CA0130D6-02DC-41FD-9FCD-B6056598B00B}
[2012/02/27 16:28:07 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DAE33DBD-A422-431E-BC57-BFF6D8D7B700}
[2012/02/27 16:20:53 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{474392D7-D851-429F-A451-A8BCF908DE1A}
[2012/02/27 16:19:32 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{992638EF-130D-4809-ABFF-2A864654F2AE}
[2012/02/27 16:17:22 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{59D181C7-E381-4525-A358-A076D4D82574}
[2012/02/27 16:10:19 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{1190E63A-32D3-4E57-83D0-43D494F1BEAD}
[2012/02/27 16:07:45 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{8F96BDB6-C993-4367-8E7E-2C6C7630213D}
[2012/02/27 16:05:12 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{DCFAF58E-01AC-4319-95E9-5984C22B5D84}
[2012/02/27 15:49:20 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{967B580D-27E6-4CA2-A116-D5D056DC6AF2}
[2012/02/27 15:47:39 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{53CC8EB3-8985-4499-8823-BDF6129343EC}
[2012/02/27 15:46:13 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\{AE273F6B-1D7B-4472-B9C6-5199D7B3C427}
[2012/02/12 22:15:59 | 000,002,073 | ---- | C] () -- C:\Windows\unins001.dat
[2012/02/12 22:14:30 | 000,001,699 | ---- | C] () -- C:\Windows\unins000.dat
[2011/11/22 13:31:21 | 000,198,568 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/10/26 02:33:14 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/10/25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/04/04 19:50:28 | 000,000,080 | ---- | C] () -- C:\Users\user\AppData\Roaming\EasyBejeweled.exe.ini
[2011/03/13 22:14:57 | 000,001,587 | ---- | C] () -- C:\Users\user\feb2006_xact_x86.inf
[2011/02/11 16:23:34 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/10/09 14:23:45 | 000,018,343 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGES.JPG
[2010/10/09 14:23:45 | 000,014,999 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGES.0
[2010/10/06 16:21:00 | 000,000,026 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/09/21 17:06:46 | 000,028,501 | ---- | C] () -- C:\Users\user\AppData\Roaming\UserTile.png
[2010/08/06 09:42:24 | 000,003,603 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.3
[2010/08/06 09:42:22 | 000,003,549 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.2
[2010/08/06 09:42:19 | 000,003,577 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.1
[2010/08/06 09:42:16 | 000,003,357 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.JPG
[2010/08/06 09:42:16 | 000,003,357 | ---- | C] () -- C:\Users\user\AppData\Local\tmpIMAGE003.0
[2010/05/02 15:13:57 | 000,087,775 | ---- | C] () -- C:\Users\user\AppData\Local\tmpP_00103.JPG
[2010/05/02 15:13:41 | 000,356,635 | ---- | C] () -- C:\Users\user\AppData\Local\tmpP_00103.0
[2010/05/01 20:21:08 | 000,007,833 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.cat
[2010/05/01 20:21:08 | 000,001,126 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.inf
[2010/05/01 20:21:08 | 000,000,125 | ---- | C] () -- C:\Users\user\AppData\Roaming\ezplay.ini
[2010/04/14 20:57:35 | 000,031,872 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.4
[2010/04/14 20:57:24 | 000,046,289 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.3
[2010/04/14 20:57:23 | 000,046,441 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.2
[2010/04/14 20:57:23 | 000,046,319 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.1
[2010/04/14 20:57:21 | 000,031,872 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.0
[2010/04/14 20:57:10 | 000,046,422 | ---- | C] () -- C:\Users\user\AppData\Local\tmpTATTOO20-20TRIBAL2027.JPG
[2010/04/04 18:06:17 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Roaming\dm.ini
[2010/02/04 12:06:33 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/02 01:05:01 | 000,008,704 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/08 16:14:23 | 000,003,528 | ---- | C] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2009/12/13 20:01:23 | 000,001,191 | ---- | C] () -- C:\Users\user\AppData\Roaming\vso_ts_preview.xml
[2009/12/13 20:00:03 | 000,099,384 | ---- | C] () -- C:\Users\user\AppData\Roaming\inst.exe
[2009/12/13 20:00:03 | 000,007,859 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.cat
[2009/12/13 20:00:03 | 000,001,167 | ---- | C] () -- C:\Users\user\AppData\Roaming\pcouffin.inf
[2009/12/10 11:33:43 | 000,007,618 | ---- | C] () -- C:\Users\user\AppData\Local\resmon.resmoncfg

========== LOP Check ==========

[2010/04/29 01:31:01 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2011/10/08 13:16:16 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\.minecraft
[2010/01/16 22:10:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AnvSoft
[2009/12/10 02:39:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Astro Gemini Software
[2012/03/13 00:49:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG
[2010/11/24 22:39:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG10
[2012/03/12 18:32:20 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\AVG2012
[2011/02/13 17:05:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Canon
[2012/07/05 00:34:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CasinoOnNet
[2010/02/20 00:02:34 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/04 19:37:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\com.w3i.plyt
[2010/09/26 00:29:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Dream Aquarium
[2010/04/24 19:12:38 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriverCure
[2010/11/08 00:14:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DriverFinder
[2011/09/18 18:13:10 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\DVDVideoSoft
[2012/05/23 22:16:55 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Exent Technologies
[2012/03/13 13:16:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Fanda Games
[2012/07/10 19:19:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\FixBee
[2012/04/03 10:51:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\funkitron
[2012/04/25 17:09:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Gaijin Ent
[2010/12/02 20:50:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GetRightToGo
[2011/03/27 16:16:58 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GlarySoft
[2012/08/03 16:25:02 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Goodsol
[2011/10/02 10:04:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GrabPro
[2011/06/14 13:15:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GrassGames
[2011/09/21 15:40:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\HideIPEasy
[2010/12/02 20:22:47 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\InfraRecorder
[2012/06/13 21:32:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\iWin
[2010/04/04 22:31:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech
[2009/12/16 12:59:49 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LimeWire
[2010/12/10 02:33:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\magentictb
[2012/07/05 16:51:25 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Media Finder
[2012/06/29 00:46:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MOVAVI
[2011/03/31 16:11:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MP3Rocket
[2012/07/11 02:13:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MusicOasis
[2012/01/16 02:23:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Orbit
[2012/01/09 01:09:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ParetoLogic
[2012/07/06 22:57:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\pdfforge
[2010/09/21 17:06:46 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PeerNetworking
[2012/05/06 16:40:36 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PerformerSoft
[2010/04/20 17:20:24 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\PrimoPDF
[2012/05/21 18:35:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Product_RM
[2011/10/02 10:04:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ProgSense
[2012/05/22 19:01:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Registry Mechanic
[2011/03/01 20:17:17 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\RegistryKeys
[2009/12/11 12:15:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\ScanSoft
[2010/09/30 12:22:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Silver Creek Entertainment
[2010/12/10 02:33:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Spadester
[2012/01/08 18:36:41 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpeedyPC Software
[2010/12/10 02:33:18 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SpinTop
[2012/06/22 15:21:26 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Systweak
[2010/01/08 16:15:11 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2009/12/10 02:40:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TERMINAL Studio
[2010/11/07 15:52:48 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Thinstall
[2011/10/02 13:42:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Tific
[2012/08/03 00:17:44 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TreeCardGames
[2010/02/11 20:09:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUp Software
[2012/08/08 03:01:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TuneUpMedia
[2012/05/07 13:54:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Uniblue
[2012/08/08 02:55:53 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\uTorrent
[2012/07/29 00:20:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Vso
[2010/03/30 19:16:45 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Western Software Technologies
[2009/12/13 10:23:39 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinBatch
[2011/01/23 22:05:01 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Windows Live Writer
[2012/08/13 20:23:57 | 000,000,338 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job
[2012/08/12 04:00:00 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\FB-Optimize.job
[2012/08/13 18:00:00 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2012/08/13 11:47:49 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2012/08/10 04:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag_sch_CE6524F7-3DBE-11E1-AAE1-99A8F2A89E6D.job
[2012/08/12 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor_sch_F99BE1B7-3FA9-11E1-ADE7-AC33E69FB964.job
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(23).TXT
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(54).TXT
[2010/08/13 10:09:04 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU(75).TXT
[2012/08/09 15:49:08 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:8842A96D
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:7149F3EF
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:C5E4F943
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:2913008E
@Alternate Data Stream - 166 bytes -> C:\ProgramData\Temp:55422315
@Alternate Data Stream - 159 bytes -> C:\ProgramData\Temp:D2F157E3
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:F8D65F32
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:F49E02D5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:958399A2
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:B683AD23
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:290A724C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:57DC3B52
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:06E98522
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:8A99591C
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:2F4A0A6B
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:69148568
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:627359BA
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C7F04040
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:0459F5AC
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:7B13EE36
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:2EF63291

< End of report >
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I have just come across a new programme just for this type of problem... And when I tried it out it was very effective.. This may well remove the last final remnants

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

#7
princessss

princessss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
# AdwCleaner v1.801 - Logfile created 08/14/2012 at 16:46:24
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : user - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\user\Desktop\pc Fix Tools (do not add to this) Tammy\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0 (en-US)

-\\ Google Chrome v21.0.1180.77

*************************

AdwCleaner[R1].txt - [44451 octets] - [14/08/2012 16:37:25]
AdwCleaner[S1].txt - [33912 octets] - [14/08/2012 16:38:17]
AdwCleaner[S2].txt - [781 octets] - [14/08/2012 16:46:24]

########## EOF - C:\AdwCleaner[S2].txt - [908 octets] ##########

what do you think, are we clear now?
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP