Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista PC Infected - google redirecting - help please!


  • This topic is locked This topic is locked
25 replies to this topic

#1 godspeedh

godspeedh

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 13 November 2011 - 09:35 AM

Hello

Can anyone help? Recently my pc has been attacked heavily with the system restore trojan which through reading on sites i seem to have got rid of it (used trojan killer + grindinsoft unhider and restore). Now though i cant use google as it is redirecting me everywhere. Ive used super antispyware free edition and still have had no luck - malwarebytes wont load and tdsskiller doesn't seem to work. Been at it now for 7hrs and am losing the will to live.
Please can someone advise me on what i can do to get rid of these trojans, malware etc.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,947 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:51 PM

Posted 13 November 2011 - 12:14 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 13 November 2011 - 03:10 PM

Hi, I managed to get malwarebytes to work in safe mode and deleted some infections but googles still redirecting.
Followed the guide with some problems.

First dss started but a # sign kept loading across the screen until it was half way across then would hang - I left it for 30 mins (says it only takes 3 mins) and realised it had locked up my computer and i had to restart it - tried it a second time and it did the same thing. (Unsure of wether i should have left it for longer)

gmer - As I launched it it had this message:-

LoadDriver(
"C:\Users\GODSPE~1\AppData\Local\Temp\pwdyyuow.sys")
error 0xC000010E: An instance of the service is already running.

I clicked ok and it opened. It only had the bottom 3 options ticked (registry etc) clicked and the others were greyed out and I couldn't tick any.

Can't attach the log as it says its too big - advice??

Thank you for your help!

#4 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 13 November 2011 - 03:20 PM

Also don't know why but when i go into program files the folders are all faint apart from a couple of them. Don't know if that can be solved at all but i'm presuming its linked in some way to infections.

Thanks again.

#5 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,947 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:51 PM

Posted 14 November 2011 - 09:18 AM

Please copy and paste the DDS log.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#6 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 14 November 2011 - 01:09 PM

Hi Orange Blossom

As a say above i can't post a log for dss because it keeps crashing my pc but below is the gmer log although like i say with this program all the tick boxes were greyed out apart from the bottom 3. Thank you again for you help!


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-14 17:41:54
Windows 6.0.6001 Service Pack 1
Running: gmer.exe; Driver: C:\Users\GODSPE~1\AppData\Local\Temp\pwdyyuow.sys


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x67 0xED 0x7E 0x24 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3E 0xD3 0x9F 0x0C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x27 0x14 0x5B 0xB3 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x67 0xED 0x7E 0x24 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3E 0xD3 0x9F 0x0C ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x27 0x14 0x5B 0xB3 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat 0x5A 0x42 0x33 0x91 ...

---- EOF - GMER 1.0.15 ----

#7 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 16 November 2011 - 08:32 AM

Internet Explorer now not even working.

#8 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,668 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:51 PM

Posted 18 November 2011 - 09:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/427690 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#9 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 18 November 2011 - 02:40 PM

Problem:- Google Redirects, also was full of viruses - I have run Trojan Killer, Super Anti Spyware and Malwarebytes Anti Malware before posting. They seemed to get rid of them but hopefully you can let me know.

1. DDS does not create any logs - tried several times and each time i leave it for 30 minutes it crashes my pc and i have to restart.

2.GMER log attached although like i've said above - this warning comes up:-
LoadDriver(
"C:\Users\GODSPE~1\AppData\Local\Temp\pwdyyuow.sys")
error 0xC000010E: An instance of the service is already running.

And once running only the services, registry, files and ADS boxes are ticked. I can not tick any other boxes as they are greyed out and will not allow me to do so.

My system is:- 32bit Windows Vista Home Premium Service Pack 1

Thank you for any help!

Attached Files

  • Attached File  ark.txt   4.45KB   1 downloads


#10 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:51 PM

Posted 19 November 2011 - 08:27 AM

Welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

The GMER log is clean, so I need to see your log. Since DDS isn't working, let's use OTL. It often works when DDS doesn't.

We need to create an OTL report,
  • Please download OTL from this link.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Under the Custom Scan box paste this in:

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Quick Scan button.
  • The scan should take a few minutes.
  • Please copy and paste both logs in your reply.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#11 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 19 November 2011 - 10:47 AM

Hi etavares

Totally understand about the overwhelming requests you folks must get on here (as i can tell from the forums).
Thanks for looking into my PC's problems!

Logs:-


OTL logfile created on: 19/11/2011 15:21:25 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\godspeedh\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 56.32% Memory free
6.69 Gb Paging File | 5.24 Gb Available in Paging File | 78.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.09 Gb Total Space | 78.78 Gb Free Space | 13.56% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 9.92 Gb Free Space | 66.12% Space Free | Partition Type: NTFS

Computer Name: GODSPEEDH-PC | User Name: godspeedh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/19 15:17:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\godspeedh\Desktop\OTL.exe
PRC - [2011/11/12 20:18:04 | 000,307,376 | -H-- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/09/06 20:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/09/06 20:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2010/02/03 12:57:56 | 000,389,120 | RH-- | M] (Teleca) -- C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
PRC - [2009/12/11 13:50:34 | 000,557,056 | RH-- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2009/11/19 15:19:48 | 000,598,016 | RH-- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
PRC - [2009/09/29 11:29:00 | 000,356,352 | RH-- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe
PRC - [2009/09/29 11:28:26 | 001,011,712 | RH-- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
PRC - [2009/09/29 11:03:26 | 000,253,952 | RH-- | M] (TODO: <Company name>) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
PRC - [2009/09/29 11:03:02 | 000,462,848 | RH-- | M] (Teleca AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
PRC - [2009/09/23 12:38:18 | 000,935,208 | -H-- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/06/03 08:25:16 | 000,106,496 | RH-- | M] (Popwire AB) -- C:\Program Files\Common Files\Teleca Shared\logger.exe
PRC - [2009/05/21 10:13:58 | 000,206,064 | -H-- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/14 11:14:26 | 000,139,264 | -H-- | M] (Teleca Sweden AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/13 23:04:44 | 000,201,968 | -H-- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/05/02 13:09:04 | 000,161,048 | -H-- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/02/21 05:12:32 | 000,023,552 | -H-- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2008/02/21 05:09:30 | 001,024,000 | -H-- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2008/01/21 02:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/14 15:59:20 | 001,071,472 | -H-- | M] (FSPro Labs) -- C:\Program Files\My Lockbox\flockbox.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/29 20:38:57 | 005,451,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll
MOD - [2011/08/29 20:38:42 | 012,432,896 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll
MOD - [2011/08/29 20:38:34 | 001,587,200 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll
MOD - [2011/08/29 20:35:48 | 007,950,848 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll
MOD - [2011/08/29 20:34:30 | 011,492,352 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll
MOD - [2010/11/17 13:16:34 | 000,324,896 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2010/09/23 13:32:28 | 005,242,880 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010/03/03 16:32:54 | 001,241,376 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/02/10 17:08:38 | 000,237,361 | RH-- | M] () -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\fsync.dll
MOD - [2010/02/10 17:08:38 | 000,237,361 | RH-- | M] () -- C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\fsync.dll
MOD - [2009/09/29 11:24:24 | 000,139,264 | RH-- | M] () -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\tcpsock_object.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008/10/15 19:42:08 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3021.38468__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008/10/15 19:42:07 | 001,679,360 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3021.38476__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008/10/15 19:42:07 | 000,253,952 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3021.38434__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008/10/15 19:42:07 | 000,196,608 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3021.38488__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008/10/15 19:42:07 | 000,077,824 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3021.38664__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008/10/15 19:42:07 | 000,065,536 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3021.38629__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008/10/15 19:42:07 | 000,036,864 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3021.38587__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008/10/15 19:42:07 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3021.38455__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008/10/15 19:42:06 | 000,483,328 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3021.38696__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008/10/15 19:42:00 | 000,073,728 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3021.38448__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:59 | 000,442,368 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3021.38720__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:59 | 000,348,160 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3021.38636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:59 | 000,135,168 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3021.38702__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:59 | 000,090,112 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3021.38643__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008/10/15 19:41:59 | 000,065,536 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3021.38719__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:59 | 000,061,440 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3021.38636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:59 | 000,045,056 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3021.38695__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,802,816 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3021.38595__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,585,728 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3021.38501__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,479,232 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3021.38588__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,446,464 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3021.38581__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,438,272 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3021.38456__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,401,408 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3021.38656__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008/10/15 19:41:58 | 000,217,088 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3021.38495__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,118,784 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3021.38608__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008/10/15 19:41:58 | 000,073,728 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3021.38595__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,061,440 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3021.38587__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3021.38507__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3021.38594__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,036,864 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3021.38608__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,032,768 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3021.38622__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008/10/15 19:41:58 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3005.17490__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008/10/15 19:41:58 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3005.17473__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008/10/15 19:41:58 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3005.17516__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2008/10/15 19:41:57 | 000,032,768 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3005.17465__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008/10/15 19:41:57 | 000,028,672 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3005.17466__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008/10/15 19:41:57 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3005.17518__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008/10/15 19:41:57 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3005.17510__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008/10/15 19:41:57 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3005.17562__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008/10/15 19:41:57 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3005.17512__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008/10/15 19:41:57 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3005.17563__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008/10/15 19:41:57 | 000,006,656 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008/10/15 19:41:56 | 000,057,344 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3005.17553__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,053,248 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3005.17468__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008/10/15 19:41:56 | 000,053,248 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3005.17493__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,053,248 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3005.17540__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,049,152 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3005.17536__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,045,056 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008/10/15 19:41:56 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3005.17556__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,028,672 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3005.17608__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008/10/15 19:41:56 | 000,028,672 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3005.17556__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2008/10/15 19:41:56 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3005.17496__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3005.17491__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3005.17479__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3005.17517__90ba9c70f846762e\DEM.OS.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3005.17519__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3005.17488__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3005.17530__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008/10/15 19:41:56 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3005.17521__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,065,536 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3005.17541__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,053,248 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3005.17535__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,045,056 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3005.17535__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3005.17539__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,032,768 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3005.17506__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,028,672 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3005.17531__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,028,672 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3005.17521__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,024,576 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3005.17537__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,024,576 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3005.17514__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,024,576 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3005.17522__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008/10/15 19:41:55 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3005.17511__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008/10/15 19:41:55 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3005.17489__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008/10/15 19:41:52 | 000,491,520 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3021.38463__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008/10/15 19:41:52 | 000,417,792 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3021.38678__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008/10/15 19:41:52 | 000,102,400 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3021.38687__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008/10/15 19:41:52 | 000,061,440 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3021.38686__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008/10/15 19:41:52 | 000,045,056 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3021.38712__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008/10/15 19:41:52 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3005.17475__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008/10/15 19:41:52 | 000,032,768 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3005.17484__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008/10/15 19:41:52 | 000,024,576 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3005.17513__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008/10/15 19:41:52 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3005.17511__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008/10/15 19:41:52 | 000,016,384 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3005.17481__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008/10/15 19:41:52 | 000,011,264 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3021.38723__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008/10/15 19:41:52 | 000,007,168 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3021.38426__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008/10/15 19:41:51 | 000,053,248 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3021.38426__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008/10/15 19:41:51 | 000,045,056 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3005.17514__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008/10/15 19:41:50 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3005.17508__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008/10/15 19:41:49 | 001,511,424 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3021.38442__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008/10/15 19:41:49 | 000,040,960 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3005.17499__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008/10/15 19:41:48 | 000,065,536 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3021.38426__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008/10/15 19:41:48 | 000,032,768 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3021.38686__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008/10/15 19:41:48 | 000,020,480 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3005.17542__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008/10/15 19:41:47 | 000,053,248 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3021.38424__90ba9c70f846762e\APM.Server.dll
MOD - [2008/10/15 19:41:47 | 000,045,056 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3021.38425__90ba9c70f846762e\AEM.Server.dll
MOD - [2008/10/15 19:41:47 | 000,032,768 | -H-- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008/09/16 19:18:06 | 000,132,608 | -H-- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008/07/27 18:03:15 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2008/07/27 18:03:14 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2008/05/21 06:11:06 | 000,159,744 | -H-- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007/12/06 10:15:24 | 000,065,536 | -H-- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2007/09/24 13:14:22 | 000,002,560 | -H-- | M] () -- C:\Windows\CTXFIRES.DLL
MOD - [2007/04/24 09:41:04 | 000,105,472 | -H-- | M] () -- C:\Windows\System32\APOMngr.dll
MOD - [2007/01/11 16:33:20 | 000,106,496 | RH-- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc80-mt-1_33.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/09/06 20:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2009/09/23 12:38:18 | 000,935,208 | -H-- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/02/22 18:12:48 | 000,654,848 | -H-- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/15 19:50:09 | 000,016,680 | -H-- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/08/13 23:04:44 | 000,201,968 | -H-- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/05/02 13:09:04 | 000,161,048 | -H-- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 20:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 20:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 20:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 20:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 20:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 20:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/05/15 17:16:27 | 000,691,696 | -H-- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/04/29 14:39:26 | 000,020,952 | -H-- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2009/10/20 17:00:08 | 000,090,192 | -H-- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2009/10/20 17:00:02 | 000,131,152 | -H-- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2009/06/10 15:49:32 | 000,024,576 | -H-- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2008/07/21 11:18:20 | 000,027,648 | -H-- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/07/10 11:28:50 | 000,123,904 | -H-- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/05/21 06:11:00 | 003,591,168 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2008/05/21 06:11:00 | 003,591,168 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/05/16 12:33:14 | 000,115,752 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 12:33:14 | 000,025,512 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 12:33:14 | 000,015,016 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 12:33:12 | 000,120,744 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 12:33:12 | 000,114,216 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 12:33:12 | 000,110,632 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 12:33:12 | 000,089,256 | -H-- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/02/21 06:33:30 | 001,177,624 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2008/02/21 06:33:26 | 000,095,768 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/02/21 06:33:22 | 000,158,744 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/02/21 06:33:14 | 000,014,360 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/02/21 06:33:08 | 000,129,560 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/02/21 06:33:00 | 000,526,872 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2008/02/21 06:32:56 | 000,511,000 | -H-- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/02/21 06:32:52 | 001,324,056 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTEXFIFX.dll -- (CTEXFIFX.DLL)
DRV - [2008/02/21 06:32:48 | 000,072,728 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2008/02/21 06:32:46 | 000,171,032 | -H-- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2008/01/21 02:23:25 | 000,220,672 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/12/13 19:13:02 | 000,017,264 | -H-- | M] (FSPro Labs) [Kernel | Boot | Running] -- C:\Windows\SYSTEM32\DRIVERS\MPRIFL.SYS -- (MPRIFL)
DRV - [2007/11/20 07:20:32 | 001,034,496 | -H-- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=5081016
IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp?sourceid=navclient&hl=en-GB&ie=UTF-8
IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2009/02/08 21:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\godspeedh\AppData\Roaming\mozilla\Extensions
[2009/02/08 21:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\godspeedh\AppData\Roaming\mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Google\Chrome\Application\plugins\nprpjplug.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [flockbox] C:\Program Files\My Lockbox\flockbox.exe (FSPro Labs)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h File not found
O4 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex File not found
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex File not found
O4 - Startup: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\__aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-2278048181-840058800-2265932990-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{111A7DB0-788A-4879-9CD1-016FC910274A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71642E04-64B6-41D5-A56F-A8D14F25F53C}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\godspeedh\Pictures\other\logos\s-logo.jpg
O24 - Desktop BackupWallPaper: C:\Users\godspeedh\Pictures\other\logos\s-logo.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5b5a7188-6050-11df-bf5c-0021703e6b4c}\Shell - "" = AutoRun
O33 - MountPoints2\{5b5a7188-6050-11df-bf5c-0021703e6b4c}\Shell\AutoRun\command - "" = J:\Autorun.exe
O33 - MountPoints2\{82519255-159e-11df-81d0-0021703e6b4c}\Shell - "" = AutoRun
O33 - MountPoints2\{82519255-159e-11df-81d0-0021703e6b4c}\Shell\AutoRun\command - "" = K:\Password.exe
O33 - MountPoints2\{82519257-159e-11df-81d0-0021703e6b4c}\Shell\AutoRun\command - "" = L:\Player\DVR_Player.exe ..\20100128\093613\NORMAL\[000001].drv -DT010 -M08
O33 - MountPoints2\{c121ade3-87f0-11de-b5f3-0021703e6b4c}\Shell - "" = AutoRun
O33 - MountPoints2\{c121ade3-87f0-11de-b5f3-0021703e6b4c}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/19 15:17:45 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\godspeedh\Desktop\OTL.exe
[2011/11/18 19:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/14 17:43:22 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\godspeedh\Desktop\dds.scr
[2011/11/13 16:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/13 16:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/13 16:25:09 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\godspeedh\Desktop\mb.exe
[2011/11/13 13:45:48 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\godspeedh\Desktop\TFC.exe
[2011/11/13 11:49:36 | 000,000,000 | ---D | C] -- C:\Users\godspeedh\AppData\Roaming\SUPERAntiSpyware.com
[2011/11/13 11:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/11/13 11:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/11/13 11:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/11/13 11:41:29 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\godspeedh\Desktop\tdsskiller.exe
[2011/11/13 09:12:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2011/11/13 09:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2008/10/26 22:42:51 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\godspeedh\AppData\Roaming\pcouffin.sys
[2008/10/16 04:07:21 | 000,012,800 | -H-- | C] ( ) -- C:\Windows\System32\KILLAPPS.EXE
[2008/02/21 05:12:58 | 000,060,928 | -H-- | C] ( ) -- C:\Windows\System32\a3d.dll
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/19 15:17:53 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\godspeedh\Desktop\OTL.exe
[2011/11/19 15:16:46 | 000,002,265 | ---- | M] () -- C:\Users\godspeedh\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/11/19 15:16:19 | 000,001,356 | ---- | M] () -- C:\Users\godspeedh\AppData\Local\d3d9caps.dat
[2011/11/19 15:16:02 | 000,000,882 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/19 15:16:01 | 000,000,276 | -H-- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2011/11/19 15:15:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/19 15:15:49 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/19 15:15:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/18 19:03:56 | 000,000,886 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/14 17:43:25 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\godspeedh\Desktop\dds.scr
[2011/11/14 16:46:02 | 000,166,400 | ---- | M] () -- C:\Users\godspeedh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/13 18:42:37 | 000,294,216 | ---- | M] () -- C:\Users\godspeedh\Desktop\gmer.zip
[2011/11/13 18:04:01 | 000,000,176 | ---- | M] () -- C:\Users\godspeedh\defogger_reenable
[2011/11/13 18:01:57 | 000,050,477 | ---- | M] () -- C:\Users\godspeedh\Desktop\Defogger.exe
[2011/11/13 17:54:14 | 001,748,728 | -H-- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/13 16:25:21 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\godspeedh\Desktop\mb.exe
[2011/11/13 13:45:57 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\godspeedh\Desktop\TFC.exe
[2011/11/13 13:42:40 | 000,001,646 | ---- | M] () -- C:\Windows\System\msg.reg
[2011/11/13 13:42:40 | 000,000,018 | ---- | M] () -- C:\Windows\System\msg.bat
[2011/11/13 11:49:05 | 000,001,762 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/13 11:41:48 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\godspeedh\Desktop\tdsskiller.exe
[2011/11/13 09:12:14 | 000,000,962 | ---- | M] () -- C:\Users\godspeedh\Application Data\Microsoft\Internet Explorer\Quick Launch\Trojan Killer.lnk
[2011/11/13 09:12:14 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2011/11/13 01:08:09 | 000,000,296 | ---- | M] () -- C:\ProgramData\~hwGodHStaPN7nl
[2011/11/12 22:51:04 | 000,000,224 | ---- | M] () -- C:\ProgramData\~hwGodHStaPN7nlr
[2011/11/12 22:50:51 | 000,000,344 | ---- | M] () -- C:\ProgramData\hwGodHStaPN7nl
[2011/11/12 20:17:58 | 000,602,846 | -H-- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/12 20:17:58 | 000,106,292 | -H-- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/12 20:13:15 | 000,299,099 | -H-- | M] () -- C:\Windows\System\tubelist.dat
[2011/11/12 20:13:15 | 000,000,124 | -H-- | M] () -- C:\Windows\System\update.dat
[2011/11/11 21:26:19 | 000,055,996 | -H-- | M] () -- C:\Windows\System32\BMXStateBkp-{00000006-00000000-00000000-00001102-00000005-60021102}.rfx
[2011/11/11 21:26:19 | 000,055,996 | -H-- | M] () -- C:\Windows\System32\BMXState-{00000006-00000000-00000000-00001102-00000005-60021102}.rfx
[2011/11/11 21:26:19 | 000,000,788 | -H-- | M] () -- C:\Windows\System32\DVCState-{00000006-00000000-00000000-00001102-00000005-60021102}.rfx
[2011/11/10 22:18:12 | 000,002,751 | ---- | M] () -- C:\Users\godspeedh\Desktop\Readon TV Movie Radio Player.lnk
[2011/11/10 21:04:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\null
[2011/10/25 21:00:30 | 000,191,843 | ---- | M] () -- C:\Users\godspeedh\Joker_Laughing.mp3
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/13 18:42:32 | 000,294,216 | ---- | C] () -- C:\Users\godspeedh\Desktop\gmer.zip
[2011/11/13 18:03:47 | 000,000,176 | ---- | C] () -- C:\Users\godspeedh\defogger_reenable
[2011/11/13 18:01:57 | 000,050,477 | ---- | C] () -- C:\Users\godspeedh\Desktop\Defogger.exe
[2011/11/13 13:42:40 | 000,001,646 | ---- | C] () -- C:\Windows\System\msg.reg
[2011/11/13 13:42:40 | 000,000,018 | ---- | C] () -- C:\Windows\System\msg.bat
[2011/11/13 11:49:05 | 000,001,762 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/11/13 09:12:14 | 000,000,962 | ---- | C] () -- C:\Users\godspeedh\Application Data\Microsoft\Internet Explorer\Quick Launch\Trojan Killer.lnk
[2011/11/13 09:12:14 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2011/11/12 22:51:04 | 000,000,224 | ---- | C] () -- C:\ProgramData\~hwGodHStaPN7nlr
[2011/11/12 22:51:03 | 000,000,296 | ---- | C] () -- C:\ProgramData\~hwGodHStaPN7nl
[2011/11/12 22:50:51 | 000,000,344 | ---- | C] () -- C:\ProgramData\hwGodHStaPN7nl
[2011/11/12 20:13:15 | 000,000,124 | -H-- | C] () -- C:\Windows\System\update.dat
[2011/10/25 21:00:29 | 000,191,843 | ---- | C] () -- C:\Users\godspeedh\Joker_Laughing.mp3
[2011/10/20 21:26:55 | 000,002,046 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Readon TV Movie Radio Player.lnk
[2011/02/19 14:52:11 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/08/13 09:33:24 | 000,001,356 | ---- | C] () -- C:\Users\godspeedh\AppData\Local\d3d9caps.dat
[2010/04/10 18:30:19 | 000,000,242 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\default.rss
[2010/02/22 17:45:30 | 000,000,604 | -H-- | C] () -- C:\ProgramData\T2
[2010/02/22 17:45:30 | 000,000,604 | -H-- | C] () -- C:\Program Files\STLL Notifier
[2009/08/29 13:39:02 | 000,027,648 | -H-- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009/03/29 21:34:28 | 000,000,600 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\winscp.rnd
[2009/01/30 16:24:24 | 000,037,376 | -H-- | C] () -- C:\Windows\System32\VbVfw.dll
[2008/10/29 20:17:29 | 000,000,018 | -H-- | C] () -- C:\Windows\gfact.ini
[2008/10/26 22:44:08 | 000,000,668 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\vso_ts_preview.xml
[2008/10/26 22:42:51 | 000,087,608 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\inst.exe
[2008/10/26 22:42:51 | 000,007,887 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\pcouffin.cat
[2008/10/26 22:42:51 | 000,001,144 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\pcouffin.inf
[2008/10/26 22:23:28 | 000,164,352 | -H-- | C] () -- C:\Windows\System32\unrar.dll
[2008/10/26 22:23:28 | 000,000,038 | -H-- | C] () -- C:\Windows\avisplitter.ini
[2008/10/25 00:58:13 | 000,166,400 | ---- | C] () -- C:\Users\godspeedh\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/24 19:09:48 | 000,002,560 | -H-- | C] () -- C:\Windows\_MSRSTRT.EXE
[2008/10/23 11:30:35 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/10/23 11:30:35 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/10/20 19:05:07 | 000,111,932 | -H-- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008/10/20 19:05:07 | 000,031,053 | -H-- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008/10/20 19:05:07 | 000,027,417 | -H-- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008/10/20 19:05:07 | 000,026,154 | -H-- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008/10/20 19:05:07 | 000,024,903 | -H-- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008/10/20 19:05:07 | 000,021,390 | -H-- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008/10/20 19:05:07 | 000,020,148 | -H-- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008/10/20 19:05:07 | 000,011,811 | -H-- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008/10/20 19:05:07 | 000,004,943 | -H-- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008/10/20 19:05:07 | 000,001,146 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2008/10/20 19:05:07 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008/10/20 19:05:07 | 000,001,139 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008/10/20 19:05:07 | 000,001,136 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008/10/20 19:05:07 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008/10/20 19:05:07 | 000,001,129 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008/10/20 19:05:07 | 000,001,120 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2008/10/20 19:05:07 | 000,001,107 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2008/10/20 19:05:07 | 000,001,104 | -H-- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008/10/20 19:05:07 | 000,000,097 | -H-- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/10/20 19:02:34 | 000,000,025 | -H-- | C] () -- C:\Windows\CDESX100DEFGIPS.ini
[2008/10/20 18:35:55 | 000,000,000 | ---- | C] () -- C:\Users\godspeedh\AppData\Roaming\wklnhst.dat
[2008/10/16 04:17:30 | 000,081,920 | -H-- | C] () -- C:\Windows\System32\ATIODE.exe
[2008/10/16 04:17:30 | 000,040,960 | -H-- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008/10/16 04:17:29 | 003,107,788 | -H-- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/10/16 04:17:29 | 000,168,883 | -H-- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/10/16 04:17:29 | 000,159,744 | -H-- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/10/16 04:17:29 | 000,090,112 | -H-- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/10/16 04:17:28 | 000,066,048 | -H-- | C] () -- C:\Windows\System32\hcwxds.dll
[2008/10/16 04:07:21 | 000,007,680 | -H-- | C] () -- C:\Windows\System32\ENLOCSTR.EXE
[2008/10/16 04:07:21 | 000,000,307 | -H-- | C] () -- C:\Windows\System32\KILL.INI
[2008/10/15 20:22:30 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2008/10/15 19:39:23 | 000,065,536 | -H-- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/10/15 19:39:23 | 000,024,064 | -H-- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/10/15 19:37:23 | 000,002,560 | -H-- | C] () -- C:\Windows\CTXFIRES.DLL
[2008/10/15 19:37:19 | 000,105,472 | -H-- | C] () -- C:\Windows\System32\APOMngr.dll
[2008/10/15 19:37:19 | 000,067,072 | -H-- | C] () -- C:\Windows\System32\CmdRtr.dll
[2008/05/26 20:33:08 | 003,607,040 | -H-- | C] () -- C:\Windows\System32\libavcodec.dll
[2008/05/26 20:33:08 | 000,741,376 | -H-- | C] () -- C:\Windows\System32\audxlib.dll
[2008/05/26 20:33:08 | 000,711,168 | -H-- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/05/26 20:33:08 | 000,692,224 | -H-- | C] () -- C:\Windows\System32\ff_x264.dll
[2008/05/26 20:33:08 | 000,455,680 | -H-- | C] () -- C:\Windows\System32\libmplayer.dll
[2008/05/26 20:33:08 | 000,245,760 | -H-- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2008/05/26 20:33:08 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2008/05/26 20:33:08 | 000,204,800 | -H-- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2008/05/26 20:33:08 | 000,155,648 | -H-- | C] () -- C:\Windows\System32\ff_libdts.dll
[2008/05/26 20:33:08 | 000,143,360 | -H-- | C] () -- C:\Windows\System32\ff_theora.dll
[2008/05/26 20:33:08 | 000,122,880 | -H-- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2008/05/26 20:33:08 | 000,118,784 | -H-- | C] () -- C:\Windows\System32\ff_libmad.dll
[2008/05/26 20:33:08 | 000,114,688 | -H-- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2008/05/26 20:33:08 | 000,097,280 | -H-- | C] () -- C:\Windows\System32\ff_realaac.dll
[2008/05/26 20:33:08 | 000,081,408 | -H-- | C] () -- C:\Windows\System32\ff_tremor.dll
[2008/05/26 20:33:08 | 000,041,984 | -H-- | C] () -- C:\Windows\System32\ff_liba52.dll
[2008/05/26 20:33:08 | 000,038,400 | -H-- | C] () -- C:\Windows\System32\ff_unrar.dll
[2008/05/26 20:33:08 | 000,023,552 | -H-- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2008/05/26 20:33:08 | 000,007,680 | -H-- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/03/29 15:42:22 | 000,245,248 | -H-- | C] () -- C:\Windows\System32\dxr.dll
[2008/03/29 15:42:20 | 000,159,744 | -H-- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008/03/29 15:42:14 | 000,102,400 | -H-- | C] () -- C:\Windows\System32\avss.dll
[2008/03/29 15:42:08 | 000,148,992 | -H-- | C] () -- C:\Windows\System32\mkx.dll
[2008/03/29 15:42:04 | 000,141,312 | -H-- | C] () -- C:\Windows\System32\mp4.dll
[2008/03/29 15:42:04 | 000,108,032 | -H-- | C] () -- C:\Windows\System32\avi.dll
[2008/03/29 15:42:02 | 000,335,872 | -H-- | C] () -- C:\Windows\System32\gdsmux.exe
[2008/03/29 15:42:02 | 000,120,832 | -H-- | C] () -- C:\Windows\System32\ogm.dll
[2008/03/29 15:42:00 | 000,163,840 | -H-- | C] () -- C:\Windows\System32\ts.dll
[2008/03/29 15:42:00 | 000,103,424 | -H-- | C] () -- C:\Windows\System32\dsmux.exe
[2008/03/29 15:41:54 | 000,135,168 | -H-- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2008/03/29 15:41:54 | 000,097,280 | -H-- | C] () -- C:\Windows\System32\avs.dll
[2008/03/29 15:41:52 | 000,079,360 | -H-- | C] () -- C:\Windows\System32\mkzlib.dll
[2008/03/29 15:41:52 | 000,023,552 | -H-- | C] () -- C:\Windows\System32\mkunicode.dll
[2008/03/21 20:30:08 | 003,596,288 | -H-- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/02/25 07:02:22 | 000,046,660 | -H-- | C] () -- C:\Windows\System32\instwdm.ini
[2008/02/21 05:32:06 | 000,000,054 | -H-- | C] () -- C:\Windows\System32\ctzapxx.ini
[2008/02/21 05:04:18 | 000,321,512 | -H-- | C] () -- C:\Windows\System32\ctdlang.dat
[2008/02/21 05:04:18 | 000,056,509 | -H-- | C] () -- C:\Windows\System32\ctdnlstr.dat
[2008/02/21 05:02:56 | 000,016,384 | -H-- | C] () -- C:\Windows\System32\regplib.exe
[2007/10/13 09:30:20 | 000,000,137 | -H-- | C] () -- C:\Windows\System32\Registration.ini
[2007/06/28 18:54:10 | 000,180,224 | -H-- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/06/07 22:10:50 | 000,020,480 | -H-- | C] () -- C:\Windows\System32\ac3config.exe
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 001,748,728 | -H-- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,602,846 | -H-- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | -H-- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,106,292 | -H-- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | -H-- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:23:21 | 000,215,943 | -H-- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | -H-- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | -H-- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | -H-- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2009/10/14 21:47:42 | 000,000,000 | -H-D | M] -- C:\Users\Danielle\AppData\Roaming\EPSON
[2009/11/19 08:13:37 | 000,000,000 | -H-D | M] -- C:\Users\Danielle\AppData\Roaming\Spotify
[2008/10/21 22:45:00 | 000,000,000 | -H-D | M] -- C:\Users\Danielle\AppData\Roaming\Template
[2010/09/15 22:47:56 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\AnvSoft
[2009/06/28 16:58:45 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2011/08/16 21:25:46 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Bitmeter2
[2009/02/08 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Broad Intelligence
[2010/12/08 19:20:16 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/15 18:37:46 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\DAEMON Tools Lite
[2008/12/10 18:50:16 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\EPSON
[2009/06/20 17:39:59 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\GHISLER
[2009/01/02 17:18:25 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\GrabIt
[2009/12/13 00:25:10 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\LightFactory
[2009/03/17 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\MPEG Streamclip
[2010/05/15 18:42:28 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Propellerhead Software
[2010/04/07 16:43:04 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Red Kawa
[2010/04/13 15:09:15 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Regensoft
[2009/08/31 16:55:11 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\ScummVM
[2009/01/25 13:57:47 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Smart Recorder
[2011/10/09 16:31:58 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Spotify
[2010/07/17 20:14:43 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Teleca
[2008/10/20 18:35:57 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Template
[2010/08/21 18:13:26 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\TotalRecorder
[2008/10/27 16:22:36 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\Vso
[2009/08/03 14:28:41 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\AppData\Roaming\WinFF
[2011/11/19 15:16:01 | 000,000,276 | -H-- | M] () -- C:\Windows\Tasks\RtlNICDiagVistaStart.job
[2011/11/18 21:40:48 | 000,032,556 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 21:43:36 | 000,000,024 | -H-- | M] () -- C:\autoexec.bat
[2008/01/21 02:24:42 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2006/09/18 21:43:37 | 000,000,010 | -H-- | M] () -- C:\config.sys
[2008/10/16 04:17:39 | 000,005,012 | RH-- | M] () -- C:\dell.sdr
[2008/10/29 20:18:07 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/06/28 19:11:17 | 000,000,109 | -H-- | M] () -- C:\mbam-error.txt
[2008/10/29 20:18:07 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/11/19 15:15:40 | 3802,411,008 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2006/11/02 12:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.sys /90 >
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[2008/05/21 06:10:58 | 000,397,312 | -H-- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
[2007/12/06 10:15:24 | 000,065,536 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\bcmwlrmt.dll
[2009/03/08 11:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2009/03/08 11:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >
[2010/10/15 14:08:12 | 003,600,272 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ntkrnlpa.exe
[2007/12/06 10:15:44 | 001,548,288 | -H-- | M] (Dell Inc.) Unable to obtain MD5 -- C:\Windows\system32\WLTRAY.EXE
[3 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2008/01/21 03:14:18 | 016,846,848 | -H-- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 03:14:08 | 000,106,496 | -H-- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 03:14:18 | 000,020,480 | -H-- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 10:34:08 | 010,133,504 | -H-- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 10:34:08 | 001,826,816 | -H-- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\* >
[2008/01/21 02:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[2010/02/22 17:45:30 | 000,000,604 | -H-- | M] () -- C:\Program Files\STLL Notifier

< %USERPROFILE%\..|smtmp;true;true;true /FP >
[2011/11/12 22:41:24 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\..\godspeedh\AppData\Local\Temp\smtmp
[2011/11/12 22:41:24 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\..\godspeedh\AppData\Local\Temp\smtmp\1
[2011/11/13 10:26:53 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\..\godspeedh\AppData\Local\Temp\smtmp\2
[2011/11/12 22:41:24 | 000,000,000 | ---D | M] -- C:\Users\godspeedh\..\godspeedh\AppData\Local\Temp\smtmp\4

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/28 04:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/28 04:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/28 04:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 06:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/28 06:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/28 04:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/28 04:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/28 04:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 06:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/28 06:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/06/04 11:15:16 | 002,387,768 | -H-- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >






OTL Extras logfile created on: 19/11/2011 15:21:25 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\godspeedh\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.25 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 56.32% Memory free
6.69 Gb Paging File | 5.24 Gb Available in Paging File | 78.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 581.09 Gb Total Space | 78.78 Gb Free Space | 13.56% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 9.92 Gb Free Space | 66.12% Space Free | Partition Type: NTFS

Computer Name: GODSPEEDH-PC | User Name: godspeedh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3536B503-8349-45AB-99FF-42711C26C1FF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{871B6E95-C85A-4C78-BA42-9B1DE1185D67}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E78B3F77-7309-4643-B04B-8FEE25A6970C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E95DA72-F159-4B75-8C7A-029092C6EA6C}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{15BD3A05-5969-4260-8DBD-8070CAB97CE5}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4AC54358-1DF8-4771-B855-3D4D926E98C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4C41990F-6F5C-4515-9308-4F299E052AE9}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{5BA58CF2-782A-4D60-9F69-CFFBD9AA5638}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{5C842205-C2B2-4E87-8535-3AA47C2AA9DF}" = protocol=6 | dir=in | app=c:\program files\savetubevideo.com\savetubevideo\downloader.exe |
"{5DBE7359-A9AA-4FC7-A6BB-BBC7EC42BBA3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6AAF0466-3C6A-47CA-9EA0-9D4ABB6A3386}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A24BF1F5-7FD6-4433-958B-3D2A9B903F51}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A26AF86B-6688-4A12-8F57-52DDFB8B8241}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A9337D22-3531-4608-B7D4-0216D75351BD}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C73512D9-3DE3-4523-A7C2-EC324A045F25}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
"{D43EB6E1-7922-4BB8-B00D-863D20B00622}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E64C9268-7500-4AE4-AD9B-507C14BF8CD9}" = protocol=17 | dir=in | app=c:\program files\savetubevideo.com\savetubevideo\downloader.exe |
"TCP Query User{1096E212-8750-477A-ACAB-5DC6E9B14F3E}C:\users\godspeedh\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\godspeedh\appdata\roaming\spotify\spotify.exe |
"TCP Query User{2D883512-F0C1-452F-AE72-6B65BDF7EBD9}C:\program files\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\program files\spotify\spotify.exe |
"TCP Query User{368298F1-1991-45CA-8DE4-0BD5D645C2D4}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{4C86C239-445B-4BC7-BC16-DEC9FB97A9A8}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{537BC9D6-E03E-4DCF-A015-8D2EE9606873}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{6A5862AF-6818-41CF-83B3-C0AF8EAC2412}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{7965E3EE-3EA7-4BFB-8A0F-682C916A1013}C:\program files\readon technology\readon tv movie radio player 7.4.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.4.0.0\internettv.exe |
"TCP Query User{85EA457E-43AA-4973-A47D-BC27D8E17840}C:\program files\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe |
"TCP Query User{B0D19B63-2ACB-45CA-AAAC-FB453E993A2C}C:\users\danielle\desktop\spotify.exe" = protocol=6 | dir=in | app=c:\users\danielle\desktop\spotify.exe |
"TCP Query User{BAF70956-D945-458A-A563-47B64944E49A}C:\program files\readon technology\readon tv movie radio player 7.3.0.0\internettv.exe" = protocol=6 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.3.0.0\internettv.exe |
"TCP Query User{BDFA8259-4DCC-4E2B-AF79-12E26B5FF71F}C:\program files\lightfactoryv2\lightfactory.exe" = protocol=6 | dir=in | app=c:\program files\lightfactoryv2\lightfactory.exe |
"TCP Query User{E0245842-F1F1-4DC9-B470-61CD8E140C82}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"TCP Query User{EFB655F1-2E62-431D-98E9-B91207BADD0E}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{037CF2BC-0D54-408D-9A0E-8CF4EC942BC3}C:\program files\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\program files\spotify\spotify.exe |
"UDP Query User{186AFF40-9257-423A-A675-CCD7332A2769}C:\users\godspeedh\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\godspeedh\appdata\roaming\spotify\spotify.exe |
"UDP Query User{2D6A0AC1-3D57-4E67-8DB1-2EEEE99670ED}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{48C36E28-D429-49B5-A0B0-78EA819C05B8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{59C0292C-9BA4-40F5-9C82-93211744DC63}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"UDP Query User{73BAFF37-E7DE-4D90-B152-C82B705A7782}C:\program files\lightfactoryv2\lightfactory.exe" = protocol=17 | dir=in | app=c:\program files\lightfactoryv2\lightfactory.exe |
"UDP Query User{7C62563B-8610-4F48-A10F-01BDBC7EB767}C:\program files\readon technology\readon tv movie radio player 7.4.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.4.0.0\internettv.exe |
"UDP Query User{A8757645-00BE-474E-8B33-BA9324AB56F6}C:\program files\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe |
"UDP Query User{BF8A69F1-7B65-4BE3-86E7-01A8F8990432}C:\users\danielle\desktop\spotify.exe" = protocol=17 | dir=in | app=c:\users\danielle\desktop\spotify.exe |
"UDP Query User{C1D5D05D-4D79-4A6F-8389-5927927F7CD4}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{CE74B1C3-26C2-43D9-A963-58F2982A4EFC}C:\program files\readon technology\readon tv movie radio player 7.3.0.0\internettv.exe" = protocol=17 | dir=in | app=c:\program files\readon technology\readon tv movie radio player 7.3.0.0\internettv.exe |
"UDP Query User{E7143552-5B64-4E58-9867-241EED3C3341}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{F7F65C7D-0B2D-4C6D-B20E-41BB89EA7E06}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{03840E8D-A75E-4C49-ADFC-09A867C7F943}" = Readon TV Movie Radio Player 7.5.0.0
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{056E7B58-F436-9614-6CD3-1DFDDD7DA470}" = CCC Help Turkish
"{0626167B-F30A-79EB-9B21-80B83468961A}" = CCC Help Chinese Traditional
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D6F386-D362-805B-05D2-79E4AB4F9CB9}" = CCC Help Korean
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2390D4C3-8CC7-2074-ACB9-A22ED2E1D4E9}" = CCC Help Portuguese
"{2555521A-9231-2F05-AEBE-FC1E2A7F825F}" = ccc-utility
"{27C42F0C-9090-97F7-9338-B6BD6DC25BB1}" = CCC Help Japanese
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BE84E12-E062-F989-BA16-25D53F343033}" = Skins
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31CAC150-58B2-F696-D9EB-2FC16C3A8FAA}" = Catalyst Control Center Localization Portuguese
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34475C54-DA68-DA37-E014-2ADD65AF627F}" = Catalyst Control Center Localization Hungarian
"{3541D8B6-BE96-0E6B-8987-D1CE1FBF848A}" = CCC Help German
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3A732171-7856-43BD-B828-39B9E2B3E195}" = Catalyst Control Center Localization Spanish
"{4207500E-1543-47F3-1695-6728E6520903}" = Catalyst Control Center Graphics Full Existing
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4453BCB7-5327-F8D1-C048-851310A389EF}" = Catalyst Control Center Localization Turkish
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A2D8C96-7B4F-A66A-6773-23F7796F9BA2}" = CCC Help Spanish
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5d217eda-aee7-4568-9498-bf91e0657d7e}" = Nero 9 Trial
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{6FFB40A5-7F7D-4A32-8905-3CDF962EE1E4}" = Internet From BT
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72A7495B-18CD-4751-AC38-5DBED9C6B1E7}" = YouTube Downloader Toolbar v4.6
"{7335D14A-7843-4168-B053-DB16D8496501}" = Virgin Media Broadband Help
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{73E8E831-160A-6E74-1AAA-AB698E1986BC}" = CCC Help Hungarian
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76E29237-CCAB-CD1A-F8A1-6C3CFF002F26}" = Catalyst Control Center Graphics Previews Vista
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7A33E298-5BEA-7C94-C512-1DF1C977537E}" = Catalyst Control Center Localization Italian
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{853026E0-CD36-1790-7988-194CADDDFB25}" = ccc-core-static
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.1
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D8E6D0B-5A57-9ABD-AEA2-C0052401C5F6}" = Catalyst Control Center Localization Chinese Traditional
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95E52415-B952-B013-A2AD-5163896D8B9C}" = Catalyst Control Center Graphics Full New
"{98B8052E-1E55-41D4-9A03-E2F718825D38}" = HTC Sync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A1E79477-B730-7E48-7EFF-0D1CB3202933}" = Catalyst Control Center Graphics Previews Common
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AF094932-91E6-4EF8-8AB8-1C7226DFEECB}" = Hauppauge TV Tuner Driver
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B25E016C-44C2-856A-98A8-789D1E2B1C56}" = Catalyst Control Center Graphics Light
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B463BAAF-A379-AAF1-8979-6ED69C25ED37}" = Catalyst Control Center Localization Japanese
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5A9BE1B-BDFE-4655-86BE-51D28E915A84}_is1" = Next DVD Ripper 2.1.0
"{B6CF1DB0-09E8-0A2E-A510-1F2F8BDE5ECF}" = CCC Help Italian
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC60B681-C3A3-0363-DA09-FA9706ED9680}" = CCC Help Chinese Standard
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BEA18030-8B42-1286-EF64-CDA6BD083888}" = BBC iPlayer Desktop
"{BECDD3A4-FEEC-9804-4782-F31A8A842361}" = CCC Help English
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C022906C-A509-33D1-E42B-FF92F8E7BED4}" = Catalyst Control Center Core Implementation
"{C23B8C30-E05E-4CB5-8188-F27CC3B2DD3E}" = Sibelius 5
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D035A6CA-E9DD-4B40-66F8-15842888E447}" = Catalyst Control Center Localization French
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E453921D-30B6-7692-179C-6F6112F18F81}" = Catalyst Control Center Localization Chinese Standard
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EA853B19-A618-8D18-F4A4-6B96083DC3A3}" = Catalyst Control Center Localization Korean
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE46238E-2FB4-C9E1-323D-AD0DA64BED91}" = Catalyst Control Center Localization German
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FFC59020-35A5-4856-B0FB-23B95D6C2976}" = CCC Help French
"AC3ACM" = AC-3 ACM Codec
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"Any Video Converter_is1" = Any Video Converter 3.0.7
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop
"BitLord" = BitLord 1.1
"BitMeter" = BitMeter
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Burn4Free" = Burn4Free CD and DVD
"CamStudio" = CamStudio
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) 7.1.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX100_TX100 Userís Guide" = EPSON Stylus SX100_TX100 Manual
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"Free WMA MP3 Converter" = Free WMA MP3 Converter
"Freecorder Toolbar3.02" = Freecorder Toolbar 3.02 Application
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HaaliMkx" = Haali Media Splitter
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25296)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MediaCoder" = MediaCoder 0.6.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Morphyre" = Morphyre
"My Lockbox_is1" = My Lockbox 1.2 for Windows 2000/XP
"OpenAL" = OpenAL
"P2PFilter" = P2PFilter 3.0.5
"Poker.co.uk" = Poker.co.uk
"PQ_DVD_to_iPhone_Video_Suite" = PQ DVD to iPhone Video Suite (remove only)
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealAlt_is1" = Real Alternative 2.0.2
"Reason4_is1" = Reason 4.0
"SopCast" = SopCast 3.2.9
"Spotify" = Spotify
"ST4UNST #1" = Peck's Power Join
"Totalcmd" = Total Commander (Remove or Repair)
"TotalRecorder" = Total Recorder 8.0
"UnityWebPlayer" = Unity Web Player
"Veetle TV" = Veetle TV 0.9.18
"Videora iPhone 3G Converter" = Videora iPhone 3G Converter 5.04
"Videora iPod Converter" = Videora iPod Converter 6
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.2.1 beta
"YouTube Downloader App" = YouTube Downloader App 2.03

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2278048181-840058800-2265932990-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e905f3362c1b9f45" = CourseBuilder

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26/10/2010 17:39:33 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26/10/2010 17:39:33 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26/10/2010 17:39:33 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26/10/2010 17:43:00 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26/10/2010 17:43:00 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26/10/2010 17:43:00 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 26/10/2010 19:11:26 | Computer Name = godspeedh-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 8.0.6001.18928 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1380 Start Time: 01cb75559a2458be Termination Time: 0

Error - 26/10/2010 19:32:04 | Computer Name = godspeedh-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18928, time stamp
0x4bdfa327, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x0918cf28, process id 0x8d0, application start time
0x01cb7563c1598b9e.

Error - 26/10/2010 20:16:22 | Computer Name = godspeedh-PC | Source = EventSystem | ID = 4621
Description =

Error - 27/10/2010 11:40:24 | Computer Name = godspeedh-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Broadcom Wireless LAN Events ]
Error - 19/10/2011 15:17:46 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 20:17:46, Wed, Oct 19, 11 Error - Unable to gain access to user store


Error - 12/11/2011 18:35:12 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 22:35:12, Sat, Nov 12, 11 Error - Unable to gain access to user store


Error - 13/11/2011 05:02:30 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 09:02:26, Sun, Nov 13, 11 Error - Unable to gain access to user store


Error - 13/11/2011 09:55:16 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 13:55:16, Sun, Nov 13, 11 Error - Unable to gain access to user store


Error - 13/11/2011 13:53:25 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 17:53:22, Sun, Nov 13, 11 Error - Unable to gain access to user store


Error - 13/11/2011 14:21:29 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 18:21:28, Sun, Nov 13, 11 Error - Unable to gain access to user store


Error - 13/11/2011 14:39:37 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 18:39:37, Sun, Nov 13, 11 Error - Unable to gain access to user store


Error - 13/11/2011 15:47:58 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 19:47:57, Sun, Nov 13, 11 Error - Unable to gain access to user store


Error - 14/11/2011 14:01:54 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 18:01:54, Mon, Nov 14, 11 Error - Unable to gain access to user store


Error - 18/11/2011 14:32:28 | Computer Name = godspeedh-PC | Source = WLAN-Tray | ID = 0
Description = 18:32:28, Fri, Nov 18, 11 Error - Unable to gain access to user store


[ Media Center Events ]
Error - 22/10/2008 13:04:57 | Computer Name = godspeedh-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 10/22/2008 18:04:57. You may need to reschedule your recordings.

[ System Events ]
Error - 18/11/2011 14:53:15 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 19/11/2011 11:15:41 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 19/11/2011 11:15:47 | Computer Name = godspeedh-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.4 for the Network Card with network
address 0021703E6B4C has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 19/11/2011 11:15:50 | Computer Name = godspeedh-PC | Source = HTTP | ID = 15016
Description =

Error - 19/11/2011 11:15:57 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 19/11/2011 11:16:01 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 19/11/2011 11:16:10 | Computer Name = godspeedh-PC | Source = DCOM | ID = 10000
Description =

Error - 19/11/2011 11:16:48 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 19/11/2011 11:26:43 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .

Error - 19/11/2011 11:26:43 | Computer Name = godspeedh-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .


< End of report >

#12 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:51 PM

Posted 19 November 2011 - 03:00 PM

Hello, godspeedh.



Ask Toolbar Warning"

I see you have the Ask.Com toolbar installed. This often comes bundled with spyware and is recommended you remove.

Please see here for more information:
http://www.bleepingcomputer.com/uninstall/94/Ask-Toolbar.html

If you would like to remove it, please go to add/Remove Programs and uninstall it.







Step 1


I see you have SuperAntiSpyware and MBAM running together. Please either uninstall one, or turn of the real time protection. Having two antimalware programs running will result in poor performance and conflicts as they fight each other to scan files. You should have 1 each of Antivirus (you have avast), ANti-malware (you have SAS and MBAM) and firewall (you're using the windows firewall) for the best performance and protection.



Step 2



Next, please download ComboFix from one of these locations:
* IMPORTANT !!! Save ComboFix.exe to your Desktop as etavaresCF.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on etavaresCF.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply, along with any symptoms that are present after it runs.

Note: After running Combofix, you may receive an error about "illegal operation on a registry key that has been marked for deletion." If you receive this error, please reboot and it should disappear.

etavares


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#13 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 20 November 2011 - 10:35 AM

Hi etavares

First of I tried uninstalling the toolbar but it wouldn't let me, said I had to close internet explorer before I could uninstall but I didn't have it open. Wondering if this is due to my pc's problems at the moment.
Uninstalled malwarebytes as instructed.
Combofix is running as I speak but was wondering if it should take this long, its been running now for 2hrs, seems like it maybe still working as the cursor on combofix is still flashing (as is the light on the front of the pc) but I am just unsure of how long this is taking an wondering if its not doin as it should?? (DDS did a similar thing before it crashed)

Advice please - Should I leave it alone or try and stop it?? I don't wanna cause more problems by doin something I shouldn't.

#14 etavares

etavares

    Bleepin' Remover


  • Malware Response Team
  • 15,514 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:51 PM

Posted 20 November 2011 - 01:05 PM

HI...the short answer is that it usually does that if an antivirus or antispyware program wasn't disabled before running it. It usually goes quicker than that. YOu can reboot if you want and then see if there's a log at C:\COmbofix.txt


If not, boot into Safe MOde, and run combofix as before.


If I don't respond within 2 days, please feel free to PM me.
Please don't ask for help via PM. The forums are there for a reason. Please post in the forums so others may benefit as well.

Posted Image
Unified Network of Instructors and Trusted Eliminators
 


#15 godspeedh

godspeedh
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:51 AM

Posted 20 November 2011 - 01:28 PM

Cheers for that, I did turn the AntiVirus and spyware off but it did still ask me to disable them while it started to run before pressing ok again. That may explain that.
So just got it goin in safe mode now, hopefully I'll get back to you shortly.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users