Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

CPU Load 100% When Connect with Wi-FI [Closed]


  • This topic is locked This topic is locked

#1
blackcampaign

blackcampaign

    New Member

  • Member
  • Pip
  • 7 posts
I had DELL Inspiron 14R with win7 prof 64bit, when I connect with wifi cpu load reach 100% while downloading with IDM and it happen when the transfer rate high.

OTL Results

OTL logfile created on: 17/09/2012 8:39:25 - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = D:\Downloads\Mirror\Programs
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000421 | Country: Indonesia | Language: IND | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 39,76% Memory free
3,85 Gb Paging File | 1,24 Gb Available in Paging File | 32,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,10 Gb Total Space | 23,88 Gb Free Space | 34,06% Space Free | Partition Type: NTFS
Drive D: | 218,12 Gb Total Space | 73,57 Gb Free Space | 33,73% Space Free | Partition Type: NTFS
Drive E: | 3,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 33,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: NAVIGATOR | User Name: Markun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Downloads\Mirror\Programs\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe (IObit)
PRC - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\Smartfren Connex EC1261-2 UI.exe ()
PRC - C:\ProgramData\Smartfren Connex EC1261-2 UI\OnlineUpdate\ouc.exe ()
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\Smadav\SMΔRTP.exe (Smadsoft)
PRC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
PRC - C:\ProgramData\DataCardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\ProcessTamer\ProcessTamerTray.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
MOD - C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\Smartfren Connex EC1261-2 UI.exe ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\SMSUIPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\StatusBarMgrPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\SmsSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\ToolBarMgrPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\XFramePlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\XCodec.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\STKSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\USSDSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\Trace.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\Win7Support.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\SmsAppPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\QtGui4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\QtXml4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\plugins\imageformats\qtiff4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\sdk.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\QtCore4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\plugins\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NDISAPI.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\AddrBookPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\AddrBookUIPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\CallUIPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\CallAppPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\CallLogSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\PluginContainer.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\DeviceMgrUIPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NetInfoUIExPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\DialupUIPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\core.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\CallLogUIPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\Proxy.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\DeviceAppPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NetConnectPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\DeviceSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\MenuMgrPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NetInfoSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\LiveUpdateInterface.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\AddrBookSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\AtCodec.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NetSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\Common.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\DialUpPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NDISPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\CallSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NetConnectSrvPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\DataServicePlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\OSDialup.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\OSNDIS.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\ATR2SMgr.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\LayoutPlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\OSAdapt.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\NotifyServicePlugin.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\OSPowerMgr.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\OSCall.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\libgcc_s_dw2-1.dll ()
MOD - C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\mingwm10.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\53617f47bfecf408ce5234479afbd2e5\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\c4d40afe53c11104c3374aa07c59498f\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Smadav\SM?RTP.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.dll ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 5\madexcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 5\madbasic_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 5\maddisAsm_.bpl ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files (x86)\ProcessTamer\ProcessTamerTray.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PSI_SVC_2_x64) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Smartfren Connex EC1261-2 UI. RunOuc) -- C:\Program Files (x86)\Smartfren Connex EC1261-2 UI\UpdateDog\ouc.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (USBSafelyRemoveService) -- C:\Program Files (x86)\USB Safely Remove\USBSRService.exe (Crystal Rich Ltd)
SRV - (AdvancedSystemCareService5) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (PanService) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
SRV - (SeagateDashboardService) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)
SRV - (MemeoBackgroundService) -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DataCardService\HWDeviceService64.exe ()
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (PCDSRVC{1E208CE0-FB7451FF-06020200}_0) -- c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AmgHips) -- C:\Windows\SysNative\drivers\AmgHips.sys ()
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RDPDISPM) -- C:\Windows\SysNative\drivers\rdpdispm.sys (Microsoft Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (hwinterface) -- C:\Windows\SysWOW64\drivers\hwinterface.sys (Logix4u)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinRing0_1_2_0) -- D:\Setelan\RealTemp\WinRing0x64.sys (OpenLibSys.org)
DRV - (hwdatacard) -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = id-ID
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D5 A3 D3 61 FB 45 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit...q={searchTerms}
IE - HKCU\..\SearchScopes\{A94BE7DF-9350-4F27-A9CF-B5A1B11828A2}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{E8E2A51B-1A15-4ED4-9B47-E0AE4928F453}: "URL" = http://websearch.ask...2E-E93A0F6E8BD2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.17.27.250:8080

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "SpeedBit Search"
FF - prefs.js..browser.search.defaulturl: "http://home.speedbit...spx?aff=115&q="
FF - prefs.js..browser.search.order.1: "SpeedBit Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.0.100
FF - prefs.js..extensions.enabledAddons: {c2921baa-9930-4d73-a203-f69db688f139}:1.0
FF - prefs.js..extensions.enabledAddons: [email protected]:7.0.1466
FF - prefs.js..extensions.enabledAddons: {bb6bc1bb-f824-4702-90cd-35e2fb24f25d}:1.5.1.1
FF - prefs.js..extensions.enabledAddons: [email protected]:7.3.28
FF - prefs.js..extensions.enabledAddons: [email protected]:5.0.2
FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:1.1
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..keyword.URL: "http://home.speedbit...spx?aff=115&q="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@photodex.com/PhotodexPresenter: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Markun\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Markun\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@us-w1.rockmelt.com/RockMelt Update;version=8: C:\Users\Markun\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Markun\AppData\Local\Facebook\Messenger\2.1.4570.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/25 23:53:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/15 01:55:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/15 01:55:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 15.0\extensions\\Components: C:\Program Files (x86)\Pale Moon\components [2012/08/28 07:36:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Markun\AppData\Roaming\IDM\idmmzcc5 [2012/09/08 20:27:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Markun\AppData\Roaming\IDM\idmmzcc5 [2012/09/08 20:27:59 | 000,000,000 | ---D | M]

[2012/04/07 11:53:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Extensions
[2012/09/15 01:56:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions
[2012/09/01 17:46:51 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2012/09/06 17:10:18 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\[email protected]
[2012/09/15 01:56:31 | 000,371,729 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\[email protected]
[2012/07/28 14:17:36 | 000,456,182 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\[email protected]
[2012/05/04 17:27:09 | 000,003,047 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\[email protected]
[2012/05/04 17:27:28 | 000,003,714 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{c2921baa-9930-4d73-a203-f69db688f139}.xpi
[2012/07/25 17:03:56 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/15 01:56:31 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012/09/15 01:56:31 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2012/06/06 21:31:06 | 000,002,333 | ---- | M] () -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\searchplugins\askcom.xml
[2012/08/26 09:37:01 | 000,002,534 | ---- | M] () -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\searchplugins\speedbit.xml
[2012/09/15 01:55:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/25 23:53:38 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/09/15 01:55:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/29 19:24:38 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/29 22:49:46 | 000,002,167 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/08/29 19:24:38 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://home.speedbit.com/?aff=115
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://home.speedbit.com/?aff=115
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Markun\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - plugin: Photodex Presenter Plugin (Enabled) = C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Markun\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Markun\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Turn Off the Lights = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.6_0\
CHR - Extension: YouTube = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google+ = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.0.1.424_0\
CHR - Extension: TweetDeck = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\1.6.0_0\
CHR - Extension: goo.gl URL Shortener = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.2_0\
CHR - Extension: avast! WebRep = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Dragonfly7 = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifcaofnekaooediccpfakjlbikfdghn\1.1_0\
CHR - Extension: IDM Integration = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.12.17_0\
CHR - Extension: Download Assistant = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\
CHR - Extension: Awesome New Tab Page = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg\2012.135.7.2_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.7.5_0\
CHR - Extension: Gmail = C:\Users\Markun\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/04 14:43:19 | 000,001,451 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 tonec.com
O1 - Hosts: 127.0.0.1 www.tonec.com
O1 - Hosts: 127.0.0.1 registeridm.com
O1 - Hosts: 127.0.0.1 secure.registeridm.com
O1 - Hosts: 127.0.0.1 internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 www.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 secure.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror2.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 mirror3.internetdownloadmanager.com
O1 - Hosts: 127.0.0.1 star.tonec.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] c:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [USB Safely Remove] C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dell Webcam Central] c:\program files (x86)\dell webcam\dell webcam central\webcamdell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] c:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [ProcessTamer] C:\Program Files (x86)\ProcessTamer\ProcessTamerTray.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [RockMelt Update] C:\Users\Markun\AppData\Local\RockMelt\Update\RockMeltUpdate.exe (RockMelt Inc.)
O4 - HKCU..\Run: [SmartRAM] C:\Program Files (x86)\IObit\Advanced SystemCare 5\suo10_smartram.exe (IObit)
O4 - HKCU..\Run: [SMΔRT-Protection] C:\Program Files (x86)\Smadav\SMΔRTP.exe (Smadsoft)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16513986-1023-4450-8846-D5137AF4A524}: NameServer = 10.17.3.252 10.17.3.246
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{536E1A20-F881-414A-B4E2-D230CDF7884F}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9CC98BC-3C3C-49AB-8818-8AD0BCED646E}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/14 16:29:38 | 000,000,122 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/03/17 10:57:22 | 000,148,320 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2011/03/18 16:48:14 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{808ef6ec-8952-11e1-99c7-b8ac6f61c9ee}\Shell - "" = AutoRun
O33 - MountPoints2\{a0aecf9a-9f4b-11e1-b483-b8ac6f61c9ee}\Shell - "" = AutoRun
O33 - MountPoints2\{a0aecf9a-9f4b-11e1-b483-b8ac6f61c9ee}\Shell\AutoRun\command - "" = F:\Setup.exe /Auto
O33 - MountPoints2\{b922ada0-d17d-11e1-b195-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{b922ada0-d17d-11e1-b195-001e101fe70e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 10:57:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{bcc27501-fe60-11e1-9d9f-b8ac6f61c9ee}\Shell - "" = AutoRun
O33 - MountPoints2\{bcc27501-fe60-11e1-9d9f-b8ac6f61c9ee}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f9f7b5cd-d005-11e1-a6ff-b8ac6f61c9ee}\Shell - "" = AutoRun
O33 - MountPoints2\{f9f7b5cd-d005-11e1-a6ff-b8ac6f61c9ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 10:57:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\{f9f7b5d3-d005-11e1-a6ff-b8ac6f61c9ee}\Shell - "" = AutoRun
O33 - MountPoints2\{f9f7b5d3-d005-11e1-a6ff-b8ac6f61c9ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 10:57:22 | 000,148,320 | R--- | M] ()
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/16 21:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QPST
[2012/09/15 23:30:17 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2012/09/15 19:57:21 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Indowebster Desktop Uploader
[2012/09/15 01:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/14 23:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NirSoft
[2012/09/14 22:08:31 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\dll-files.com
[2012/09/14 22:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files.com Fixer
[2012/09/14 22:08:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dll-Files.com Fixer
[2012/09/13 23:11:22 | 000,159,456 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2012/09/11 22:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
[2012/09/11 22:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Magical Jelly Bean
[2012/09/11 17:10:39 | 000,142,128 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012/09/11 17:09:49 | 000,266,776 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012/09/11 17:09:48 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/09/11 17:09:41 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswNdis.sys
[2012/09/11 15:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/09/10 11:45:41 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\DonationCoder
[2012/09/10 11:45:38 | 000,000,000 | ---D | C] -- C:\Users\Markun\Documents\DonationCoder
[2012/09/10 11:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2012/09/10 11:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessTamer
[2012/09/10 11:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProcessTamer
[2012/09/09 12:21:31 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Local\Norman Malware Cleaner
[2012/09/09 11:11:08 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2012/09/09 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2012/09/07 22:51:33 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Local\LooksBuilder
[2012/09/07 22:51:13 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Red Giant Link
[2012/09/07 22:50:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
[2012/09/07 22:50:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
[2012/09/07 22:50:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LooksBuilder
[2012/09/07 22:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Giant Link
[2012/09/07 22:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\RedGiant
[2012/09/04 00:16:42 | 000,000,000 | ---D | C] -- C:\ProgramData\VideoCopilot
[2012/09/03 16:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012/09/03 16:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2012/09/03 15:11:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/02 19:22:32 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Unity
[2012/09/02 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Local\Unity
[2012/09/02 18:21:10 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RockMelt
[2012/09/02 18:11:49 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Local\RockMelt
[2012/09/01 11:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2012/09/01 11:06:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/08/31 11:17:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center
[2012/08/31 09:17:23 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\IDM
[2012/08/31 09:17:17 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/08/31 09:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2012/08/31 09:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2012/08/31 00:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2012/08/28 18:59:18 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Hear
[2012/08/28 18:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hear
[2012/08/28 18:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Hear
[2012/08/28 12:30:03 | 000,000,000 | --SD | C] -- C:\Users\Markun\Documents\My Shapes
[2012/08/28 00:21:00 | 000,029,424 | ---- | C] (DeskSoft) -- C:\Windows\SysNative\drivers\dsnpfd.sys
[2012/08/27 14:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2012/08/26 16:56:03 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Software Manager
[2012/08/26 16:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Software Manager
[2012/08/25 23:32:43 | 000,359,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/08/25 23:32:43 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/08/25 23:32:42 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/08/25 23:32:42 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/08/25 23:32:40 | 000,969,200 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/08/25 23:32:38 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/08/25 23:31:53 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/08/25 23:31:53 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/25 18:47:53 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
[2012/08/25 18:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/08/25 18:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2012/08/25 18:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedBit
[2012/08/25 17:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012/08/25 17:54:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/08/25 17:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/08/25 17:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/08/25 17:51:37 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/08/25 17:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012/08/25 17:48:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/08/25 17:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/08/25 17:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/08/25 17:46:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/08/25 17:44:51 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/08/24 09:03:56 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\USBSafelyRemove
[2012/08/24 09:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\USBSRService
[2012/08/24 09:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Safely Remove
[2012/08/24 09:03:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Safely Remove
[2012/08/23 15:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDWS Desktop Uploader Beta
[2012/08/23 15:10:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IDWS Desktop Uploader Beta
[2012/08/22 10:35:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/08/22 10:35:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/08/21 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Local\AlbumArtDownloader
[2012/08/21 22:03:15 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Album Art Downloader
[2012/08/21 22:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\AlbumArtDownloader
[2012/08/21 14:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012/08/21 14:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012/08/21 14:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012/08/21 12:29:01 | 000,000,000 | ---D | C] -- C:\Users\Markun\AppData\Roaming\Qualcomm
[2012/08/21 12:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QXDM Professional
[2012/08/21 12:27:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Qualcomm
[2012/08/21 12:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Qualcomm
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/17 08:35:03 | 000,029,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 08:35:03 | 000,029,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 08:24:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/17 08:24:20 | 1551,253,504 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/16 20:17:02 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3855026746-3988461744-3588451260-1000UA.job
[2012/09/16 20:08:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/16 18:38:25 | 000,830,644 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/16 18:38:25 | 000,690,340 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/16 18:38:25 | 000,133,702 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/16 18:17:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3855026746-3988461744-3588451260-1000Core.job
[2012/09/15 23:14:49 | 000,021,741 | ---- | M] () -- C:\Users\Markun\AppData\Local\Temp16.html
[2012/09/15 23:13:29 | 000,001,955 | ---- | M] () -- C:\Users\Markun\AppData\Local\Temp1.html
[2012/09/15 22:16:27 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012/09/15 01:15:10 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
[2012/09/14 22:08:21 | 000,001,996 | ---- | M] () -- C:\Users\Markun\Desktop\DLL-Files.com FIXER.lnk
[2012/09/14 22:08:21 | 000,001,980 | ---- | M] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\DLL-Files.com FIXER.lnk
[2012/09/14 08:25:40 | 000,159,456 | ---- | M] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2012/09/12 09:47:49 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/09/12 09:47:47 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/09/11 23:14:27 | 000,000,352 | ---- | M] () -- C:\Users\Markun\AppData\Roaming\Network Meter_Settings.ini
[2012/09/11 22:57:23 | 000,000,990 | ---- | M] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2012/09/10 11:45:41 | 000,000,046 | ---- | M] () -- C:\Windows\SysWow64\DonationCoder_processtamer_InstallInfo.dat
[2012/09/10 11:45:41 | 000,000,046 | ---- | M] () -- C:\Users\Markun\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
[2012/09/09 21:03:30 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/09/09 11:11:09 | 000,001,054 | ---- | M] () -- C:\Users\Markun\Desktop\MSI Afterburner.lnk
[2012/09/08 10:09:41 | 000,003,026 | ---- | M] (Logix4u) -- C:\Windows\SysWow64\drivers\hwinterface.sys
[2012/09/04 18:59:02 | 005,328,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/04 14:43:46 | 000,000,021 | ---- | M] () -- C:\Windows\SurCode.INI
[2012/09/02 18:41:05 | 000,002,198 | ---- | M] () -- C:\Users\Markun\Desktop\RockMelt.lnk
[2012/09/01 11:07:09 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2012/08/31 00:34:22 | 000,000,128 | ---- | M] () -- C:\Windows\wininit.ini
[2012/08/30 19:16:25 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012/08/30 19:04:33 | 000,002,081 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Seasons.lnk
[2012/08/29 15:40:27 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/08/28 18:59:13 | 000,000,784 | ---- | M] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\Hear.lnk
[2012/08/28 00:21:00 | 000,029,424 | ---- | M] (DeskSoft) -- C:\Windows\SysNative\drivers\dsnpfd.sys
[2012/08/26 19:19:05 | 000,001,252 | ---- | M] () -- C:\Users\Markun\Desktop\photoFXlab(64Bit).lnk
[2012/08/26 16:56:05 | 000,001,150 | ---- | M] () -- C:\TopazLabs.lnk
[2012/08/26 16:56:03 | 000,001,314 | ---- | M] () -- C:\Users\Markun\Desktop\TopazSoftwareManager.lnk
[2012/08/25 18:34:00 | 000,109,256 | ---- | M] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/08/25 18:34:00 | 000,090,824 | ---- | M] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/08/24 09:03:15 | 000,001,097 | ---- | M] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\USB Safely Remove.lnk
[2012/08/22 08:23:45 | 000,000,505 | ---- | M] () -- C:\Users\Markun\Desktop\Devices and Printers - Shortcut.lnk
[2012/08/21 16:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/08/21 16:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/08/21 16:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/08/21 16:13:12 | 000,266,776 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012/08/21 16:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/08/21 16:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/08/21 16:13:11 | 000,142,128 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012/08/21 16:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/08/21 16:13:11 | 000,019,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/08/21 16:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/21 16:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/08/21 16:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/14 22:08:38 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012/09/14 22:08:37 | 000,000,278 | ---- | C] () -- C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
[2012/09/14 22:08:21 | 000,001,996 | ---- | C] () -- C:\Users\Markun\Desktop\DLL-Files.com FIXER.lnk
[2012/09/14 22:08:21 | 000,001,980 | ---- | C] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\DLL-Files.com FIXER.lnk
[2012/09/14 21:28:17 | 000,021,741 | ---- | C] () -- C:\Users\Markun\AppData\Local\Temp16.html
[2012/09/12 22:12:23 | 000,000,165 | ---- | C] () -- C:\800.scr
[2012/09/12 22:12:23 | 000,000,165 | ---- | C] () -- C:\1900.scr
[2012/09/12 22:12:23 | 000,000,156 | ---- | C] () -- C:\normal.scr
[2012/09/12 22:12:23 | 000,000,127 | ---- | C] () -- C:\otapa.scr
[2012/09/12 22:12:23 | 000,000,123 | ---- | C] () -- C:\hybon.scr
[2012/09/11 23:14:14 | 000,000,352 | ---- | C] () -- C:\Users\Markun\AppData\Roaming\Network Meter_Settings.ini
[2012/09/11 22:57:23 | 000,000,990 | ---- | C] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2012/09/11 15:38:48 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/09/10 11:45:41 | 000,000,046 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_processtamer_InstallInfo.dat
[2012/09/10 11:45:41 | 000,000,046 | ---- | C] () -- C:\Users\Markun\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
[2012/09/09 21:03:30 | 000,000,266 | ---- | C] () -- C:\Windows\tasks\AutoKMS.job
[2012/09/09 11:11:09 | 000,001,054 | ---- | C] () -- C:\Users\Markun\Desktop\MSI Afterburner.lnk
[2012/09/02 18:41:05 | 000,002,198 | ---- | C] () -- C:\Users\Markun\Desktop\RockMelt.lnk
[2012/09/02 18:12:05 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3855026746-3988461744-3588451260-1000UA.job
[2012/09/02 18:12:05 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3855026746-3988461744-3588451260-1000Core.job
[2012/09/01 11:07:09 | 000,002,453 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2012/08/31 00:34:22 | 000,000,128 | ---- | C] () -- C:\Windows\wininit.ini
[2012/08/30 19:16:25 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012/08/30 19:04:33 | 000,002,081 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Seasons.lnk
[2012/08/28 18:59:13 | 000,000,784 | ---- | C] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\Hear.lnk
[2012/08/28 12:26:09 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/08/26 19:19:05 | 000,001,252 | ---- | C] () -- C:\Users\Markun\Desktop\photoFXlab(64Bit).lnk
[2012/08/26 16:56:04 | 000,001,150 | ---- | C] () -- C:\TopazLabs.lnk
[2012/08/26 16:56:03 | 000,001,314 | ---- | C] () -- C:\Users\Markun\Desktop\TopazSoftwareManager.lnk
[2012/08/25 18:34:31 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/08/25 18:34:31 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/08/24 09:03:15 | 000,001,097 | ---- | C] () -- C:\Users\Markun\Application Data\Microsoft\Internet Explorer\Quick Launch\USB Safely Remove.lnk
[2012/08/22 08:23:45 | 000,000,505 | ---- | C] () -- C:\Users\Markun\Desktop\Devices and Printers - Shortcut.lnk
[2012/08/17 00:34:32 | 000,001,013 | ---- | C] () -- C:\Users\Markun\Internet Download Manager.lnk
[2012/08/03 11:54:33 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/07/29 20:53:13 | 000,381,440 | ---- | C] () -- C:\Windows\SysWow64\foo_input_dts.dll
[2012/06/19 09:42:42 | 004,178,432 | ---- | C] () -- C:\Windows\SysWow64\PhotoLooksRenderer.dll
[2012/06/10 19:57:32 | 000,002,072 | RHS- | C] () -- C:\Users\Markun\ntuser.pol
[2012/06/03 22:04:48 | 000,001,955 | ---- | C] () -- C:\Users\Markun\AppData\Local\Temp1.html
[2012/06/02 21:18:21 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/05/15 13:38:10 | 000,269,740 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/05/13 16:32:00 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/05/07 01:37:48 | 000,021,520 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2012/05/06 12:19:48 | 000,000,370 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/04/29 22:31:37 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/04/29 17:59:03 | 000,007,597 | ---- | C] () -- C:\Users\Markun\AppData\Local\Resmon.ResmonCfg
[2012/04/26 23:31:17 | 000,000,000 | ---- | C] () -- C:\Windows\canopus.ini
[2012/04/26 22:59:45 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\pavedius5db.dll
[2012/04/26 22:59:45 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\pavedius.dll
[2012/04/26 18:14:26 | 000,005,632 | ---- | C] () -- C:\Users\Markun\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/23 09:18:58 | 000,002,298 | ---- | C] () -- C:\Users\Markun\AppData\Roaming\ASSDraw3.cfg
[2012/04/09 00:52:22 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\d3d9_smaa.dll
[2012/04/09 00:52:22 | 000,002,496 | ---- | C] () -- C:\Windows\SysWow64\enbseries.ini
[2012/04/08 11:11:24 | 000,000,132 | ---- | C] () -- C:\Windows\MYOBPOpt.INI
[2012/04/08 11:04:11 | 000,000,388 | ---- | C] () -- C:\Windows\MYOBP.INI
[2012/04/08 11:04:11 | 000,000,127 | ---- | C] () -- C:\Windows\SwDrvs.ini
[2012/04/08 11:04:11 | 000,000,042 | ---- | C] () -- C:\Windows\MYOB.INI
[2012/04/08 10:56:58 | 000,000,000 | ---- | C] () -- C:\Windows\drvxl32.INI
[2012/04/08 10:56:56 | 000,000,000 | ---- | C] () -- C:\Windows\drvwd32.INI
[2012/04/08 10:56:55 | 000,000,000 | ---- | C] () -- C:\Windows\drvwp32.INI
[2012/04/07 10:37:31 | 000,815,158 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/06 23:19:25 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/04/06 22:21:02 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012/03/09 11:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/03/09 11:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/01/31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011/10/25 21:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011/09/19 20:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2011/09/13 05:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== LOP Check ==========

[2012/04/22 22:21:29 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Aegisub
[2012/09/16 11:41:29 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\AIMP3
[2012/04/30 00:06:09 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Autodesk
[2012/07/14 09:41:27 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\BatteryCare
[2012/04/26 23:25:31 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Canopus
[2012/07/21 23:47:31 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\com.adobe.dmp.contentviewer
[2012/05/13 16:39:39 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\com.adobe.WidgetBrowser
[2012/04/17 13:06:56 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\com.prezi.PreziDesktop
[2012/08/29 16:07:45 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\DAEMON Tools Lite
[2012/05/05 17:58:09 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Digiarty
[2012/09/14 22:08:31 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\dll-files.com
[2012/09/17 00:14:56 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\DMCache
[2012/09/10 11:45:41 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\DonationCoder
[2012/08/09 15:37:27 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\DVDVideoSoft
[2012/04/07 21:08:52 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\ExtremeCopy
[2012/07/07 00:57:31 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\FFSJ
[2012/09/16 17:45:19 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\foobar2000
[2012/07/25 16:42:48 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Hard Disk Sentinel
[2012/08/28 19:20:51 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Hear
[2012/09/17 23:18:15 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\IDM
[2012/05/16 00:41:15 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\ImTOO
[2012/09/15 19:58:32 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Indowebster Desktop Uploader
[2012/05/06 12:56:18 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\IObit
[2012/04/07 21:06:01 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Leadertech
[2012/04/07 21:49:37 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Memeo
[2012/04/29 01:01:42 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\MiniLyrics
[2012/09/08 17:48:52 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Mirillis
[2012/04/07 11:52:39 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Moonchild Productions
[2012/05/09 00:36:11 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Netscape
[2012/07/01 13:48:07 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Opera
[2012/06/21 11:50:20 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Origin
[2012/05/13 16:32:00 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\PACE Anti-Piracy
[2012/07/26 10:12:53 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\PCDr
[2012/08/17 08:22:09 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\PDF Reader
[2012/05/09 00:35:00 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Photodex
[2012/04/07 11:50:01 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Pixlromatic
[2012/07/21 14:50:56 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\PlatinumHideIP
[2012/04/26 23:15:18 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\proDAD
[2012/08/21 12:29:01 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Qualcomm
[2012/09/11 02:07:37 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Rainmeter
[2012/09/07 22:51:13 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Red Giant Link
[2012/04/08 18:46:02 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Rovio
[2012/04/07 21:20:49 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Seagate
[2012/04/07 01:15:15 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Smadav
[2012/05/15 22:43:38 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Softland
[2012/04/26 23:40:14 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Sony
[2012/09/16 18:40:39 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\SPlayer
[2012/05/29 23:02:12 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/09/17 23:22:38 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\TeraCopy
[2012/09/02 19:22:32 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Unity
[2012/09/17 08:26:22 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\USBSafelyRemove
[2012/09/10 18:47:23 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\uTorrent
[2012/04/10 20:20:41 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\Windows Live Writer
[2012/09/09 21:03:30 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/09/15 01:15:10 | 000,000,278 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
[2012/09/15 22:16:27 | 000,000,294 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
[2012/09/16 18:17:01 | 000,000,880 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3855026746-3988461744-3588451260-1000Core.job
[2012/09/16 20:17:02 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-3855026746-3988461744-3588451260-1000UA.job
[2012/09/11 12:28:15 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/05/08 12:56:33 | 000,000,000 | ---D | M](C:\Program Files (x86)\ACE??) -- C:\Program Files (x86)\ACE침대
[2012/05/08 12:56:33 | 000,000,000 | ---D | M](C:\Program Files (x86)\ACE??) -- C:\Program Files (x86)\ACE침대
[2012/04/28 01:53:31 | 000,001,968 | ---- | M] ()(C:\Windows\SysWow64\JB, ??? - New Dreaming.lrc) -- C:\Windows\SysWow64\JB, 박서준 - New Dreaming.lrc
[2012/04/28 01:53:31 | 000,001,968 | ---- | C] ()(C:\Windows\SysWow64\JB, ??? - New Dreaming.lrc) -- C:\Windows\SysWow64\JB, 박서준 - New Dreaming.lrc
[2012/04/28 01:53:18 | 000,002,055 | ---- | M] ()(C:\Windows\SysWow64\??(2AM) & Jr. & ??? & ??? - B???.lrc) -- C:\Windows\SysWow64\진운(2AM) & Jr. & 김지수 & 강소라 - B급인생.lrc
[2012/04/28 01:53:18 | 000,002,055 | ---- | C] ()(C:\Windows\SysWow64\??(2AM) & Jr. & ??? & ??? - B???.lrc) -- C:\Windows\SysWow64\진운(2AM) & Jr. & 김지수 & 강소라 - B급인생.lrc
[2012/04/28 01:53:03 | 000,001,387 | ---- | M] ()(C:\Windows\SysWow64\?? [???] - ????.lrc) -- C:\Windows\SysWow64\지연 [티아라] - 하루하루.lrc
[2012/04/28 01:53:03 | 000,001,387 | ---- | C] ()(C:\Windows\SysWow64\?? [???] - ????.lrc) -- C:\Windows\SysWow64\지연 [티아라] - 하루하루.lrc
[2012/04/28 01:52:35 | 000,002,508 | ---- | M] ()(C:\Windows\SysWow64\??, JB - Together.lrc) -- C:\Windows\SysWow64\지연, JB - Together.lrc
[2012/04/28 01:52:35 | 000,002,508 | ---- | C] ()(C:\Windows\SysWow64\??, JB - Together.lrc) -- C:\Windows\SysWow64\지연, JB - Together.lrc
[2012/04/28 01:52:28 | 000,001,629 | ---- | M] ()(C:\Windows\SysWow64\??? (Lee Ki Chan) - ?? ?? (Sick of Hope).lrc) -- C:\Windows\SysWow64\이기찬 (Lee Ki Chan) - 아픈 희망 (Sick of Hope).lrc
[2012/04/28 01:52:28 | 000,001,629 | ---- | C] ()(C:\Windows\SysWow64\??? (Lee Ki Chan) - ?? ?? (Sick of Hope).lrc) -- C:\Windows\SysWow64\이기찬 (Lee Ki Chan) - 아픈 희망 (Sick of Hope).lrc
[2012/04/28 01:52:23 | 000,002,229 | ---- | M] ()(C:\Windows\SysWow64\??, ??, ??? - Super Star.lrc) -- C:\Windows\SysWow64\효린, 지연, 에일리 - Super Star.lrc
[2012/04/28 01:52:23 | 000,002,229 | ---- | C] ()(C:\Windows\SysWow64\??, ??, ??? - Super Star.lrc) -- C:\Windows\SysWow64\효린, 지연, 에일리 - Super Star.lrc
[2012/04/28 01:52:14 | 000,001,469 | ---- | M] ()(C:\Windows\SysWow64\?? (Wonder Girls) - Hello To Myself.lrc) -- C:\Windows\SysWow64\예은 (Wonder Girls) - Hello To Myself.lrc
[2012/04/28 01:52:14 | 000,001,469 | ---- | C] ()(C:\Windows\SysWow64\?? (Wonder Girls) - Hello To Myself.lrc) -- C:\Windows\SysWow64\예은 (Wonder Girls) - Hello To Myself.lrc
[2012/04/28 01:52:09 | 000,001,415 | ---- | M] ()(C:\Windows\SysWow64\??(Miss A) - You're My Star.lrc) -- C:\Windows\SysWow64\수지(Miss A) - You're My Star.lrc
[2012/04/28 01:52:09 | 000,001,415 | ---- | C] ()(C:\Windows\SysWow64\??(Miss A) - You're My Star.lrc) -- C:\Windows\SysWow64\수지(Miss A) - You're My Star.lrc
[2012/04/28 01:52:02 | 000,001,639 | ---- | M] ()(C:\Windows\SysWow64\??? - Falling.lrc) -- C:\Windows\SysWow64\박진영 - Falling.lrc
[2012/04/28 01:52:02 | 000,001,639 | ---- | C] ()(C:\Windows\SysWow64\??? - Falling.lrc) -- C:\Windows\SysWow64\박진영 - Falling.lrc
[2012/04/28 01:51:04 | 000,001,890 | ---- | M] ()(C:\Windows\SysWow64\SE7EN - ?? ??? ???.lrc) -- C:\Windows\SysWow64\SE7EN - 내가 노래를 못해도.lrc
[2012/04/28 01:51:04 | 000,001,890 | ---- | C] ()(C:\Windows\SysWow64\SE7EN - ?? ??? ???.lrc) -- C:\Windows\SysWow64\SE7EN - 내가 노래를 못해도.lrc
(C:\Program Files (x86)\ACE??) -- C:\Program Files (x86)\ACE침대

========== Alternate Data Streams ==========

@Alternate Data Stream - 949 bytes -> C:\ProgramData\Microsoft:BNs4ZUk00zsVzaZVkVagBxhS3U
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 1175 bytes -> C:\ProgramData\Microsoft:oDA9XSHtbwjPiqe8Tiog3XsJJ
@Alternate Data Stream - 1012 bytes -> C:\ProgramData\Microsoft:NdpbV42eXl1pU1vrh

< End of report >

Edited by blackcampaign, 16 September 2012 - 08:13 PM.

  • 0

Advertisements


#2
blackcampaign

blackcampaign

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OTL Extras logfile created on: 17/09/2012 8:39:26 - Run 1
OTL by OldTimer - Version 3.2.61.5 Folder = D:\Downloads\Mirror\Programs
64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000421 | Country: Indonesia | Language: IND | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,77 Gb Available Physical Memory | 39,76% Memory free
3,85 Gb Paging File | 1,24 Gb Available in Paging File | 32,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 70,10 Gb Total Space | 23,88 Gb Free Space | 34,06% Space Free | Partition Type: NTFS
Drive D: | 218,12 Gb Total Space | 73,57 Gb Free Space | 33,73% Space Free | Partition Type: NTFS
Drive E: | 3,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 33,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: NAVIGATOR | User Name: Markun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02711DCA-EB67-4DEE-917E-E8A4D068206B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1A1EFAD2-976E-4498-B1ED-912D24EEC322}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1D060D73-11E5-4841-B4F6-37E01BEF3E17}" = rport=5358 | protocol=6 | dir=out | app=system |
"{3F6C363F-038C-434E-B8B1-F051C963F205}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{586D7481-E970-4ADC-B5FB-A1DF1A7DBED2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6509DF48-1D19-4471-A0B9-C8A957E20337}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{67CBBAEE-567F-4932-B53E-C99B614E0A9D}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{82704398-A35A-4D74-B3BB-25A2327AB039}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{993F705E-DABF-4C67-944C-310D5D706954}" = lport=5358 | protocol=6 | dir=in | app=system |
"{A176C7B8-763D-41D5-B9BD-DEBA6A906F09}" = lport=5357 | protocol=6 | dir=in | app=system |
"{A6C18689-1A18-44CA-BD50-9473112115B8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{AB1AD9CD-3CB1-427C-998E-4B16E87247FC}" = rport=5357 | protocol=6 | dir=out | app=system |
"{DA6F93D3-9F00-4B9B-A17A-9B023BDBA80A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{117632DA-0F47-4E67-A420-7692B6010CFE}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{29E16B15-1016-469D-8076-DE74426CA952}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{2DD46DF4-BC0A-4FBB-BFEF-DE7D3B85F530}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{2F295D69-D319-4654-B6BC-BEF26E37F405}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3B5A9192-AC0F-4A4A-8742-B4B651EDE525}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3B9C0E7B-CD28-4D2D-A216-D994E24B9FCD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{45413720-99EE-4C25-B0E9-A3F15D362ADA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4656CC62-019F-4D20-BCD9-937586913EA8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4ADEBD80-0D51-4988-984D-59D74B7BF8B1}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{4B253930-7674-4B5F-98D5-F33F8C5A107E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{53B5CCC4-0C0D-4C9B-B314-99F60F001EB4}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{557672AA-AC4E-44EB-BA4A-6E45D7DB580C}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{56850AF7-595B-4C5E-8B16-C984BF116B8B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{63AC5B3C-CFB8-41BC-8A44-547628CB9E6A}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{6CE8939E-7510-464B-8BF0-BFF888397FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{77E655F0-9D82-4E13-AFF8-A320B941F305}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9347DECE-28DD-414D-8BEF-0C8762752310}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9F468FD8-56DA-43B2-B607-A22D5615687E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A7131EF1-BC69-4C10-BB35-EB66E0C47D08}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{AFEEEDCD-5FBE-404D-8458-34BE114B8E0C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BAED2AA7-ED6C-4BA3-8539-7BF99A24881D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C4EF69A5-EB35-4E16-90DD-B932C8FCD46D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C926EB43-4B2D-41ED-B600-35446DA70424}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{CE7C2122-6EA8-4CD0-AEE1-812B6F5F511B}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{E482540C-CDBB-4BC2-8BAA-0C9E81AC3AD9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F28D5E51-B9EE-4664-B356-CAC4CA9EA804}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{F6F9CC6B-11E8-457F-BA82-081B9DC0358D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F7311BF9-B4C7-4EE5-8BB6-84385F4CCEC7}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"TCP Query User{443295B7-9F0A-40CF-B655-E643FB2A6303}C:\program files (x86)\jdownloader\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\java.exe |
"TCP Query User{84B13178-BFE2-4341-BA15-6C5EC1CEB51C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{A26F09B3-791A-4985-AD89-490A2DA8CA44}C:\program files (x86)\qualcomm\qxdm\bin\pltproxy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\qualcomm\qxdm\bin\pltproxy.exe |
"TCP Query User{E771B0F6-D0EF-4A59-A2C6-3B8DE9003040}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{8202C325-F501-49AC-BEFB-9B3104080F54}C:\program files (x86)\jdownloader\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\java.exe |
"UDP Query User{AC83989A-08A9-4454-8105-696DF61AEDB6}C:\program files (x86)\qualcomm\qxdm\bin\pltproxy.exe" = protocol=17 | dir=in | app=c:\program files (x86)\qualcomm\qxdm\bin\pltproxy.exe |
"UDP Query User{D3680AC6-B3CE-412D-9B4B-3F49E0549631}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{FC994CFE-BE93-4253-A99F-5F553BB7475A}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 (64-Bit)
"_{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{06B60360-9DBD-4593-90A0-FD237F0845A2}" = Topaz DeNoise 5 (64-bit)
"{06DB2C4C-DC29-DA42-3B00-5581CBF545BB}" = AMD Drag and Drop Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{089E65D5-D06A-FE49-8D9C-9CABDF8858F5}" = ccc-utility64
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{10762393-1B90-4AC2-AF1A-4C0C04AE303F}" = CorelDRAW Graphics Suite X6 - VBA (x64)
"{11B7FDD0-6D31-1CAB-3BC4-9EB1ACD67803}" = ATI AVIVO64 Codecs
"{1967EF95-E00B-4669-8B1C-A589BE8BF24F}" = CorelDRAW Graphics Suite X6 - Capture (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1CDE9DB9-7D47-46F8-83DC-9DD9899BBBFC}" = Topaz ReMask 3 (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E3A578C-0A7D-4820-990F-B7545C0B2303}" = CorelDRAW Graphics Suite X6 - VSTA (x64)
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java™ 7 Update 5 (64-bit)
"{27AE72A4-B217-4CDC-B82B-3311E9D7460E}" = CorelDRAW Graphics Suite X6 - Draw (x64)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema 1.6.1.4235 x64
"{2C72B5E4-AA34-4F1A-8C7E-468530F9F6A3}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{35869A6C-BA31-4F23-B52D-BC1B1E41EC1B}" = CorelDRAW Graphics Suite X6 - Common (x64)
"{3933C06C-8239-432B-87FC-F2BDC5B49A10}" = CorelDRAW Graphics Suite X6 - FontNav (x64)
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{3C09DE13-867C-4289-9F95-4510BB3A5F57}" = Magic Bullet Suite 64-bit
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6099F026-0A98-4D40-9B3D-ED2123A8CBD0}" = CorelDRAW Graphics Suite X6 - Redist (x64)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6DB97EF8-603B-FB96-9B56-6F0D23E14263}" = AMD Media Foundation Decoders
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7386B5FA-8715-481D-821F-7785110506DF}" = CorelDRAW Graphics Suite X6 - Custom Data (x64)
"{79899C6B-E315-4A3F-8904-02DEAB8D660D}" = Corel Graphics - Windows Shell Extension 32 Bit
"{7B79AE44-9B76-4815-84E5-ACAC3F0F0278}" = CorelDRAW Graphics Suite X6 - VideoBrowser (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D93BD99-EECF-4812-B3BA-B8A2E7FEEA11}" = Topaz Simplify 3 (64-bit)
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AAAB95-AEBE-437A-B7CA-37C7BE13FFE9}" = CorelDRAW Graphics Suite X6 - Connect (x64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6DF7031-2843-44FD-9CAB-DECAB4257456}" = CorelDRAW Graphics Suite X6 - IPM
"{BB65D262-3EBC-4F10-89D9-67A320E94EAA}" = CorelDRAW Graphics Suite X6 - EN (x64)
"{BDBFAC49-8877-472F-876B-75ADB7DBC955}" = CorelDRAW Graphics Suite X6 - Setup Files (x64)
"{CCE7423E-1D84-4CD3-9E32-220EC9358D97}" = CorelDRAW Graphics Suite X6 (x64)
"{D7C2687D-924E-4485-B367-C7D95CBF8DDD}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC8F0C18-E6B0-4722-A4AB-D134473091C2}" = Topaz DeJpeg 4 (64-bit)
"{DDE82E3D-20C4-48E1-AE1D-B1F10E42CA44}" = CorelDRAW Graphics Suite X6 - Writing Tools (x64)
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E44D14E2-A6D0-4F38-BF06-2E4244E23FED}" = Topaz InFocus (64-bit)
"{E699230D-4B5E-411E-9F45-FF50789B18DD}" = CorelDRAW Graphics Suite X6 - Filters (x64)
"{EBDC2D0D-1E26-4EF2-BB48-C7E18F7800C6}" = Corel Graphics - Windows Shell Extension
"{F375FC22-BC8A-4A15-ABE6-15EE1450BF86}" = Topaz B&W Effects (64-bit)
"{F4C71C2A-F068-8EEB-61AE-EA4707C57A1B}" = AMD Catalyst Install Manager
"{F7ADB493-B913-4D61-9A63-DA736C20C3F2}" = Adobe Photoshop Lightroom 4.1 64-bit
"{FA85C599-2569-4C48-9AA6-2B8D8F029FA7}" = Topaz Clean 3 (64-bit)
"{FF0EBE64-45AA-4B16-A0CC-945CECDCA0B6}" = Topaz Lens Effects (64-bit)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.3
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.20
"CustoPackTools" = CustoPackTools
"DW WLAN Card Utility" = DW WLAN Card Utility
"PC-Doctor for Windows" = Dell Support Center
"Recuva" = Recuva
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.27
"WhoCrashed_is1" = WhoCrashed 3.04
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE0711D-A5E3-4E98-B3C0-0227A5E000CA}" = Angry Birds
"{0CE6E094-B07B-CC6B-F7FD-9D7BD7BE0D86}" = CCC Help Thai
"{0D637670-BC00-4FAC-8E00-518EB7F65091}" = Angry Birds Rio
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24BA2914-291B-4915-A9F3-5D28928B6C0A}" = Angry Birds
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2DCD0543-22F6-4E54-80D3-B4EFB9AC4943}" = TweetDeck
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37BEAE66-C8BD-43D4-A1F6-25381FDF67C0}" = Angry Birds Rio
"{3857A262-3B88-127A-96DB-5317B0F9B78C}" = CCC Help Dutch
"{3993DBF6-32F6-488B-9009-E156075AF7B7}" = CCC Help Greek
"{3A090DC5-ADF9-6B83-1095-017754BEC3D0}" = CCC Help Finnish
"{3BCD05CE-8CDE-9503-8794-D8CDB9FA8562}" = Catalyst Control Center InstallProxy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Netwaiting
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{41A63ADA-088B-1C2D-43B3-E4087FE79881}" = Pixlr-o-matic
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{45FFEC16-0615-47E2-8B70-CBAFD31D820C}" = Angry Birds Space
"{4925C0C2-E4E2-456B-9791-0F228BDDC428}" = Facebook Messenger 2.1.4570.0
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59FB1BE3-155C-72B1-B5F6-B086DEB7D064}" = CCC Help Hungarian
"{5BDEA9E0-E55B-45A7-93F7-6B8F68F851E5}" = Topaz InFocus
"{5EEA2FBB-1AAF-56D0-C2E5-580ACEA4DED5}" = CCC Help Russian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E07CF4B-A9EB-45BF-BE74-613B3D708E13}" = Topaz Lens Effects
"{7106B820-2071-2B46-7817-5F6ADD1FA112}" = CCC Help Polish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{725B5F90-BD27-A74D-7685-48795904FCF3}" = CCC Help Japanese
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{78887CA0-E5F1-3C99-B120-95310B217AB8}" = CCC Help French
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{8117EA22-035F-4880-86AE-AC7C4F1FA3E2}" = Topaz ReMask 3
"{82892947-1311-D6CA-8B79-2753E398FE32}" = CCC Help German
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{855E0BF8-5448-9681-B36E-B84029D355E4}" = CCC Help Danish
"{858D82BC-0497-4ABD-9342-111EE15789D7}_is1" = IDWS Desktop Uploader Udates version Updates 2012-09-14
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{8A1EBF29-7CF8-471E-B90B-95FF36AC8248}" = Topaz Simplify 3
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.VISIOR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.VISIOR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.VISIOR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-0054-0409-0000-0000000FF1CE}_Office14.VISIOR_{CDC4310F-8189-485F-B47D-D972217CE173}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.VISIOR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.VISIOR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.VISIOR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9090E44B-CFBA-47D4-2225-3037C539E7E9}" = Catalyst Control Center Graphics Previews Common
"{90DCE328-65D6-0CC0-14FF-A86D6EC57035}" = CCC Help Chinese Traditional
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{91C3236F-645F-52FD-6A83-A4CE5EE8028D}" = CCC Help Czech
"{928501C9-CB3B-416C-99D7-9B6B89751FAD}" = Angry Birds Seasons
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943A7AF0-C019-0CFB-BA79-F063E7980B25}" = Catalyst Control Center
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{99011A6E-5200-11DE-BDB8-7ACD56D89593}" = Rosetta Stone Version 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E146BA1-26DD-4C3B-9F0F-90F2E3CEC9D2}" = Topaz DeJpeg 4
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6CF1995-854B-0B57-BF9D-AD665C52493C}" = CCC Help Chinese Standard
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0670D8-C462-750A-D34D-F18D38C0D64E}" = CCC Help Swedish
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD59DD0E-E36C-9FF1-2F22-ADFA10A43D61}" = CCC Help Italian
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B7EB8FB7-F89E-480B-952D-813F413653BE}" = Topaz B&W Effects
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C1C7818F-8270-BA45-D317-675187B9E33E}" = CCC Help Korean
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9115BBB-C00B-481A-FD6A-C2BCDC88D6A1}" = CCC Help Turkish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3B5A7A1-E3B8-11E0-98EC-005056C00008}" = MSVCRT Redists
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D53E0CE7-06A0-4C21-A3CF-82DFA268F195}" = MYOB Premier v7.5
"{D7782BD1-CD9A-0A73-083F-CB9779A17825}" = Adobe Content Viewer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100AC00-5097-16FE-E007-3D5156FC2B93}" = CCC Help Portuguese
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3AA13F6-F494-D77F-C678-B8E6F8B66448}" = CCC Help Spanish
"{E56685FB-BC75-3BC4-526A-15FD1278F174}" = Catalyst Control Center Localization All
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{ECA16F5B-C5FD-2021-09B1-CA7CB49FDF46}" = CCC Help Norwegian
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EF2586BE-6016-DBED-06AB-569B429893A1}" = CCC Help English
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"360Amigo" = 360Amigo System Speedup PRO
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Afterburner" = MSI Afterburner 2.2.2
"AIMP3" = AIMP3
"Album Art Downloader XUI" = Album Art Downloader XUI 0.42.1
"Aplikasi Suara Pengusir Nyamuk & Tikus" = Aplikasi Suara Pengusir Nyamuk & Tikus
"avast" = avast! Internet Security
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dell Webcam Central" = Dell Webcam Central
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"ExactFile_is1" = ExactFile 1.0.0.15
"foobar2000" = foobar2000 v1.1.13
"Free Video to Sony Phones Converter_is1" = Free Video to Sony Phones Converter version 5.0.15.706
"Game Booster_is1" = Game Booster 3
"Hard Disk Sentinel_is1" = Hard Disk Sentinel
"InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}" = Magic Bullet Suite 64-bit
"InstallShield_{D53E0CE7-06A0-4C21-A3CF-82DFA268F195}" = MYOB Premier v7.5
"Internet Download Manager" = Internet Download Manager
"IObit Malware Fighter_is1" = IObit Malware Fighter
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full)
"MiniLyrics" = Minilyrics
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
" avast! Internet Security 5, 6, 7 31.05.2012" = avast! Internet Security 5, 6, 7 31.05.2012
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Premium 2010
"Pale Moon 15.0 (x86 en-US)" = Pale Moon 15.0 (x86 en-US)
"Photodex Presenter" = Photodex Presenter
"Picasa 3" = Picasa 3
"Pixlromatic" = Pixlr-o-matic
"Process Tamer_is1" = Process Tamer 2.11.01
"Rainmeter" = Rainmeter
"Smartfren Connex EC1261-2 UI" = Smartfren Connex EC1261-2 UI
"SPlayer" = SPlayer
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"The KMPlayer" = The KMPlayer (remove only)
"Topaz Adjust 5" = Topaz Adjust 5
"Topaz Adjust 5 (64-bit)" = Topaz Adjust 5 (64-bit)
"Topaz B&W Effects" = Topaz B&W Effects
"Topaz B&W Effects (64-bit)" = Topaz B&W Effects (64-bit)
"Topaz Clean 3" = Topaz Clean 3
"Topaz Clean 3 (64-bit)" = Topaz Clean 3 (64-bit)
"Topaz DeJpeg 4" = Topaz DeJpeg 4
"Topaz DeJpeg 4 (64-bit)" = Topaz DeJpeg 4 (64-bit)
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz DeNoise 5 (64-bit)" = Topaz DeNoise 5 (64-bit)
"Topaz Detail 2" = Topaz Detail 2
"Topaz Detail 2 (64-bit)" = Topaz Detail 2 (64-bit)
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz Fusion Express 2 (64-bit)" = Topaz Fusion Express 2 (64-bit)
"Topaz InFocus" = Topaz InFocus
"Topaz InFocus (64-bit)" = Topaz InFocus (64-bit)
"Topaz Lens Effects" = Topaz Lens Effects
"Topaz Lens Effects (64-bit)" = Topaz Lens Effects (64-bit)
"Topaz ReMask 3" = Topaz ReMask 3
"Topaz ReMask 3 (64-bit)" = Topaz ReMask 3 (64-bit)
"Topaz Simplify 3" = Topaz Simplify 3
"Topaz Simplify 3 (64-bit)" = Topaz Simplify 3 (64-bit)
"Topaz Software Manager" = TopazSoftwareManager
"Topaz Star Effects" = Topaz Star Effects
"Topaz Star Effects (64-bit)" = Topaz Star Effects (64-bit)
"USB Safely Remove_is1" = USB Safely Remove 5.1
"uTorrent" = Torrent
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"RockMelt" = RockMelt

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19/07/2012 9:27:29 | Computer Name = Navigator | Source = System Restore | ID = 8193
Description =

Error - 19/07/2012 13:40:40 | Computer Name = Navigator | Source = SupportSoft Agent | ID = 0
Description =

Error - 20/07/2012 14:48:41 | Computer Name = Navigator | Source = SupportSoft Agent | ID = 0
Description =

Error - 21/07/2012 2:52:41 | Computer Name = Navigator | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1b5c Start
Time: 01cd670d1ec5bc41 Termination Time: 187 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id: 883426d0-d300-11e1-9d48-b8ac6f61c9ee

Error - 21/07/2012 5:24:57 | Computer Name = Navigator | Source = Application Hang | ID = 1002
Description = The program splayer.exe version 3.7.0.2356 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 21c0 Start
Time: 01cd67228de89e75 Termination Time: 40 Application Path: C:\Program Files (x86)\SPlayer\splayer.exe

Report
Id: e6e16282-d315-11e1-a6ca-b8ac6f61c9ee

Error - 21/07/2012 7:58:57 | Computer Name = Navigator | Source = Application Error | ID = 1000
Description = Faulting application name: PandoraService.exe, version: 1.0.1.16,
time stamp: 0x4ef1305b Faulting module name: PanStreamer.dll, version: 1.0.0.3, time
stamp: 0x4ef07288 Exception code: 0xc0000005 Fault offset: 0x0001681c Faulting process
id: 0x670 Faulting application start time: 0x01cd6738242eb478 Faulting application
path: C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe Faulting module
path: C:\Program Files (x86)\PANDORA.TV\PanService\PanStreamer.dll Report Id: 73292829-d32b-11e1-958c-b8ac6f61c9ee

Error - 22/07/2012 1:32:55 | Computer Name = Navigator | Source = SupportSoft Agent | ID = 0
Description =

Error - 22/07/2012 12:19:40 | Computer Name = Navigator | Source = SupportSoft Agent | ID = 0
Description =

Error - 23/07/2012 1:53:46 | Computer Name = Navigator | Source = Application Error | ID = 1000
Description = Faulting application name: PandoraService.exe, version: 1.0.1.16,
time stamp: 0x4ef1305b Faulting module name: PanStreamer.dll, version: 1.0.0.3, time
stamp: 0x4ef07288 Exception code: 0xc0000005 Fault offset: 0x0001681c Faulting process
id: 0xd80 Faulting application start time: 0x01cd689753f67c85 Faulting application
path: C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe Faulting module
path: C:\Program Files (x86)\PANDORA.TV\PanService\PanStreamer.dll Report Id: c3b1d823-d48a-11e1-8727-b8ac6f61c9ee

Error - 23/07/2012 1:59:32 | Computer Name = Navigator | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: afc Start
Time: 01cd689749aaadb8 Termination Time: 21 Application Path: C:\Windows\Explorer.EXE

Report
Id: 7873ddfe-d48b-11e1-8727-001e101f2500

[ Media Center Events ]
Error - 07/09/2012 9:19:17 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 20:19:11 - Error connecting to the internet. 20:19:11 - Unable
to contact server..

Error - 13/09/2012 9:39:13 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 20:39:13 - Error connecting to the internet. 20:39:13 - Unable
to contact server..

Error - 13/09/2012 9:39:31 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 20:39:18 - Error connecting to the internet. 20:39:18 - Unable
to contact server..

Error - 14/09/2012 6:23:58 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 17:23:36 - Error connecting to the internet. 17:23:36 - Unable
to contact server..

Error - 14/09/2012 7:24:26 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 18:24:26 - Error connecting to the internet. 18:24:26 - Unable
to contact server..

Error - 14/09/2012 7:24:40 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 18:24:31 - Error connecting to the internet. 18:24:31 - Unable
to contact server..

Error - 14/09/2012 8:27:00 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 19:27:00 - Error connecting to the internet. 19:27:00 - Unable
to contact server..

Error - 14/09/2012 8:28:06 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 19:27:53 - Failed to retrieve MCESpotlight (Error: The remote name
could not be resolved: 'data.tvdownload.microsoft.com')

Error - 16/09/2012 7:16:16 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 18:16:16 - Error connecting to the internet. 18:16:16 - Unable
to contact server..

Error - 16/09/2012 7:16:38 | Computer Name = Navigator | Source = MCUpdate | ID = 0
Description = 18:16:22 - Error connecting to the internet. 18:16:22 - Unable
to contact server..

[ System Events ]
Error - 16/09/2012 21:24:17 | Computer Name = Navigator | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\hwinterface.sys has been blocked from
loading due to incompatibility with this system. Please contact your software vendor
for a compatible version of the driver.

Error - 16/09/2012 21:24:45 | Computer Name = Navigator | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (120000 milliseconds) while waiting for the
Microsoft Antimalware Service service to connect.

Error - 16/09/2012 21:24:45 | Computer Name = Navigator | Source = Service Control Manager | ID = 7000
Description = The Microsoft Antimalware Service service failed to start due to the
following error: %%1053

Error - 16/09/2012 21:25:44 | Computer Name = Navigator | Source = Service Control Manager | ID = 7003
Description = The Net.Msmq Listener Adapter service depends the following service:
msmq. This service might not be installed.

Error - 16/09/2012 21:25:44 | Computer Name = Navigator | Source = Service Control Manager | ID = 7003
Description = The Net.Pipe Listener Adapter service depends the following service:
was. This service might not be installed.

Error - 16/09/2012 21:25:44 | Computer Name = Navigator | Source = Service Control Manager | ID = 7003
Description = The Net.Tcp Listener Adapter service depends the following service:
was. This service might not be installed.

Error - 16/09/2012 21:27:33 | Computer Name = Navigator | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (120000 milliseconds) while waiting for the
Smartfren Connex EC1261-2 UI. OUC service to connect.

Error - 16/09/2012 21:27:33 | Computer Name = Navigator | Source = Service Control Manager | ID = 7000
Description = The Smartfren Connex EC1261-2 UI. OUC service failed to start due
to the following error: %%1053

Error - 16/09/2012 21:27:37 | Computer Name = Navigator | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
hwinterface

Error - 16/09/2012 21:30:23 | Computer Name = Navigator | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1058


< End of report >
  • 0

#3
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Hi, blackcampaign! :welcome: My nick name is CompCav and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any questions or you are unsure about anything, just ask and I will help you out. :)

If you have resolved the issues you were originally experiencing, or have received help elsewhere, please let me know so that this topic can be closed.


Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. One of the steps I will be asking you to do requires you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.

If you are ready to get started, please review and follow these guidelines so that we resolve your issues in a timely and effective manner:
  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post.
  • Please make sure to carefully read any instructions that I give you. Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • These instructions have been specifically tailored to your computer and the issues you are experiencing with your computer. These instructions are not suitable for any other computer, even if the issues are fairly similar.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. However, the one thing that you should always do, is to make sure your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Just do a Copy/Paste of the entire contents of the log file inside your post and submit.
  • You must reply within four days failure to reply will result in the topic being closed!
  • Please do not PM me directly for help. If you have any questions, post them in this topic. PM me only if I have not responded to your last post in 2 days.
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to ultimately reformat your hard drive and reinstall the operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Please have the software and storage media for backing up your data available.

Step 1.

You have a fewo iobit products that have limited effectiveness and in some cases can cause problems.
Please uninstall:

Advanced SystemCare 5
IObit Malware Fighter



Step 2.

P2P Warning!:

IMPORTANT I have noticed that there are signs of uTorrent Toolbar and uTorrent P2P (Peer to Peer) File Sharing Programs on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent Toolbar and uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.


Step 3.

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
    IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
    IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
    IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://home.speedbit...q={searchTerms}
    IE - HKCU\..\SearchScopes\{E8E2A51B-1A15-4ED4-9B47-E0AE4928F453}: "URL" = http://websearch.ask...2E-E93A0F6E8BD2
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 10.17.27.250:8080
    FF - prefs.js..browser.search.defaultenginename: "SpeedBit Search"
    FF - prefs.js..browser.search.defaulturl: "http://home.speedbit.com/search.aspx?aff=115&q="
    FF - prefs.js..browser.search.order.1: "SpeedBit Search"
    FF - prefs.js..keyword.URL: "http://home.speedbit.com/search.aspx?aff=115&q="
    FF - prefs.js..network.proxy.gopher: ""
    FF - prefs.js..network.proxy.gopher_port: 0
    FF - prefs.js..network.proxy.share_proxy_settings: true
    FF - prefs.js..network.proxy.type: 0
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    [2012/09/15 01:56:31 | 000,371,729 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\[email protected]
    [2012/07/28 14:17:36 | 000,456,182 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\[email protected]
    [2012/05/04 17:27:28 | 000,003,714 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{c2921baa-9930-4d73-a203-f69db688f139}.xpi
    [2012/07/25 17:03:56 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2012/09/15 01:56:31 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2012/09/15 01:56:31 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
    [2012/06/06 21:31:06 | 000,002,333 | ---- | M] () -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\searchplugins\askcom.xml
    [2012/08/26 09:37:01 | 000,002,534 | ---- | M] () -- C:\Users\Markun\AppData\Roaming\Mozilla\Firefox\Profiles\wu62w605.default\searchplugins\speedbit.xml
    [2012/07/29 22:49:46 | 000,002,167 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
    O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
    O4 - HKLM..\RunOnceEx: [Title] UnHackMe Rootkit Check File not found
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.0)
    O16:64bit: - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
    O33 - MountPoints2\{808ef6ec-8952-11e1-99c7-b8ac6f61c9ee}\Shell - "" = AutoRun
    O33 - MountPoints2\{a0aecf9a-9f4b-11e1-b483-b8ac6f61c9ee}\Shell - "" = AutoRun
    O33 - MountPoints2\{a0aecf9a-9f4b-11e1-b483-b8ac6f61c9ee}\Shell\AutoRun\command - "" = F:\Setup.exe /Auto
    O33 - MountPoints2\{b922ada0-d17d-11e1-b195-001e101fe70e}\Shell - "" = AutoRun
    O33 - MountPoints2\{b922ada0-d17d-11e1-b195-001e101fe70e}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 10:57:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\{bcc27501-fe60-11e1-9d9f-b8ac6f61c9ee}\Shell - "" = AutoRun
    O33 - MountPoints2\{bcc27501-fe60-11e1-9d9f-b8ac6f61c9ee}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{f9f7b5cd-d005-11e1-a6ff-b8ac6f61c9ee}\Shell - "" = AutoRun
    O33 - MountPoints2\{f9f7b5cd-d005-11e1-a6ff-b8ac6f61c9ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 10:57:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\{f9f7b5d3-d005-11e1-a6ff-b8ac6f61c9ee}\Shell - "" = AutoRun
    O33 - MountPoints2\{f9f7b5d3-d005-11e1-a6ff-b8ac6f61c9ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2011/03/17 10:57:22 | 000,148,320 | R--- | M] ()
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
    [2012/09/10 18:47:23 | 000,000,000 | ---D | M] -- C:\Users\Markun\AppData\Roaming\uTorrent
    @Alternate Data Stream - 949 bytes -> C:\ProgramData\Microsoft:BNs4ZUk00zsVzaZVkVagBxhS3U
    @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:56E2E879
    @Alternate Data Stream - 1175 bytes -> C:\ProgramData\Microsoft:oDA9XSHtbwjPiqe8Tiog3XsJJ
    @Alternate Data Stream - 1012 bytes -> C:\ProgramData\Microsoft:NdpbV42eXl1pU1vrh
    
    
    :files
    ipconfig /flushdns /c
    
    
    :reg
    
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 4.

Download AdwCleaner from here to your desktop
Run AdwCleaner for Vista and 7 right click and select Run as administrator

Select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please post it


Step 5.

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

If it does not run rename it iexplore.exe and try it again.


Step 6.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under Extra Registry select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 7.

Please post:

OTL fix log
AdwCleaner log
aswMBR log
OTL.txt
Extras.txt


Give me an update on your computer's issues.
  • 0

#4
CompCav

CompCav

    Member 5k

  • Expert
  • 12,448 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP