Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help deciphering OTL Logs


  • This topic is locked This topic is locked
4 replies to this topic

#1 davidcarter234

davidcarter234

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:15 PM

Posted 11 January 2013 - 07:15 PM

Hey,

I have had my new PC for just over a week, 3 days after buying, my internet connection dropped from a constant 6.9mb to inconsistant speeds averaging between 1mb - 2mb.

I also found I could no longer download things via utorrent/newzbin pro the speed was terribly slow.

I have phoned my ISP explaining the slow connection and they have confirmed.

Could anyone here help me in deciphering any anomalies in the Netgear router log and the OTL logs pasted below:

Router Log:

Fri, 2013-01-11 23:41:51 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:41:51 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:41:51 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:42:31 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:42:31 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:42:31 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:42:31 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:43:05 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:43:05 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:43:05 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:43:05 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:33:40 - Router start up
Fri, 2013-01-11 23:43:51 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:43:51 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:43:51 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:43:51 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:44:31 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:44:31 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:44:31 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:44:31 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:45:03 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:45:03 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:45:04 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:45:04 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:45:48 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:45:48 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:45:48 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:45:48 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:46:32 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:46:32 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:46:32 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:46:32 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:47:08 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:47:08 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:47:08 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:47:08 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:47:45 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:47:45 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:47:45 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:47:45 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:48:21 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:48:21 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:48:21 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:48:21 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:49:00 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:49:00 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:49:00 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:49:00 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:49:01 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:49:01 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:49:01 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:49:01 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:49:36 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:49:36 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:49:36 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:49:36 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:50:14 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:50:14 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:50:14 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:50:14 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:50:55 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:50:55 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:50:55 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:50:55 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:51:38 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:51:38 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:51:39 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:51:39 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:52:17 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:52:17 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:52:17 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:52:17 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:53:01 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:53:01 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:53:01 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:53:01 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:53:34 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:53:34 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:53:34 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:53:34 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:54:13 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:54:13 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:54:13 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:54:13 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:54:47 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:54:47 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:54:47 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:54:47 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:55:31 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:55:31 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:55:31 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:55:31 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:56:08 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:56:08 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:56:08 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:56:08 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:56:42 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:56:42 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:56:42 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:56:42 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:57:24 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:57:24 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:57:24 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:57:24 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:58:09 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:58:09 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:58:09 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:58:09 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:58:44 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:58:44 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:58:44 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:58:44 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:59:16 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:59:16 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:59:16 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:59:16 - UPnP set event:AddPortMapping from source 192.168.0.2
Fri, 2013-01-11 23:59:49 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Fri, 2013-01-11 23:59:49 - UPnP set event:DeletePortMapping from source 192.168.0.2
Fri, 2013-01-11 23:59:49 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Fri, 2013-01-11 23:59:49 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:00:24 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:00:24 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:00:25 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:00:25 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:01:08 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:01:08 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:01:08 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:01:08 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:01:43 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:01:43 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:01:43 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:01:43 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:02:22 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:02:22 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:02:22 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:02:22 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:02:56 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:02:56 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:02:56 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:02:56 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:03:41 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:03:41 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:03:41 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:03:41 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:04:20 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:04:20 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:04:20 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:04:20 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:05:05 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:05:05 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:05:05 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:05:05 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:05:23 - DHCP IP: 192.168.0.3 to MAC address D0:23:DB:52:B9:3C
Sat, 2013-01-12 00:05:41 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:05:41 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:05:41 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:05:41 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:06:25 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:06:25 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:06:25 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:06:25 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:06:55 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:06:55 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:06:56 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:06:56 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:07:37 - UPnP set event: removing redirect rule port, port:58526 protocol:UDP
Sat, 2013-01-12 00:07:37 - UPnP set event:DeletePortMapping from source 192.168.0.2
Sat, 2013-01-12 00:07:37 - Upnp set event: redirecting port from 58526 to 192.168.0.2:58526 protocol UDP for: Teredo
Sat, 2013-01-12 00:07:37 - UPnP set event:AddPortMapping from source 192.168.0.2
Sat, 2013-01-12 00:07:38 - Administrator login successful - IP:192.168.0.2

OTL LOG:

OTL logfile created on: 11/01/2013 23:44:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.89 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 64.20% Memory free
7.39 Gb Paging File | 5.96 Gb Available in Paging File | 80.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 908.58 Gb Total Space | 753.49 Gb Free Space | 82.93% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 401.05 Gb Free Space | 43.05% Space Free | Partition Type: NTFS

Computer Name: SUPERCOMPUTER | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/11 23:42:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2013/01/05 16:21:06 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/12/25 08:53:30 | 002,547,816 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2012/11/28 16:28:22 | 000,548,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2012/10/17 01:22:28 | 000,386,920 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012/10/11 02:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccsvchst.exe
PRC - [2012/09/05 07:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
PRC - [2012/09/05 07:50:24 | 000,085,112 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
PRC - [2012/09/05 07:50:16 | 002,623,096 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Settings\sSettings.exe
PRC - [2012/09/05 02:40:30 | 002,790,008 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
PRC - [2012/08/15 11:41:26 | 000,097,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012/08/10 08:37:48 | 000,323,584 | R--- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/07/17 08:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/17 08:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/17 08:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/06/08 03:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012/04/03 13:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009/12/21 18:35:18 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2005/09/11 12:24:03 | 000,258,048 | ---- | M] (iISoftware) -- C:\Program Files (x86)\iISystem Wiper\SystemWiper.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/05 21:36:35 | 005,537,232 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2013/01/05 16:21:06 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/12/25 08:53:30 | 002,547,816 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2012/12/25 08:51:45 | 002,202,728 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/09/05 07:50:28 | 000,110,712 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
MOD - [2012/09/05 07:50:22 | 000,211,064 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
MOD - [2012/09/05 07:50:16 | 000,060,536 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
MOD - [2012/09/05 07:50:10 | 000,103,544 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
MOD - [2012/09/05 07:50:10 | 000,026,744 | ---- | M] () -- C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
MOD - [2012/06/08 03:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012/06/08 02:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012/05/30 14:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\wincfi39.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/11/06 04:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/11/06 04:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012/09/20 09:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012/09/20 06:32:59 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012/09/20 06:32:58 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012/09/20 06:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/09/20 06:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012/07/26 03:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2012/07/26 03:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2012/07/26 03:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 03:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012/07/26 03:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 03:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 03:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2012/07/26 03:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 03:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 03:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 03:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/07/26 03:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 03:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 03:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012/07/26 03:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 03:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 00:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/04/20 05:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2013/01/05 22:21:59 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/01/05 16:21:06 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/25 08:53:30 | 002,547,816 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012/11/28 16:28:22 | 000,548,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2012/11/06 04:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/10/17 01:22:28 | 000,386,920 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2012/10/11 02:29:13 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ccSvcHst.exe -- (N360)
SRV - [2012/09/05 07:50:26 | 001,593,976 | ---- | M] (Samsung Electronics CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe -- (Easy Launcher)
SRV - [2012/08/11 01:47:32 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/08/10 09:28:14 | 000,211,584 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/08/10 08:37:48 | 000,323,584 | R--- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/07/26 03:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 08:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 08:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/17 08:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/07/10 23:47:04 | 003,939,008 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012/04/03 13:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/07 22:12:56 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/11/20 04:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/15 01:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/11/06 07:52:07 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2012/11/06 07:36:23 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2012/11/06 07:36:14 | 000,096,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012/11/06 07:35:34 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012/11/06 03:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/09 01:00:02 | 000,776,864 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/10/04 01:40:35 | 001,133,216 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/10/04 01:40:20 | 000,493,216 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\symds64.sys -- (SymDS)
DRV:64bit: - [2012/10/04 01:19:14 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/20 07:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012/09/20 07:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012/09/20 07:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012/09/20 07:55:30 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/09/20 07:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/09/20 07:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 07:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/09/20 07:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012/09/20 07:03:03 | 000,055,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012/09/20 06:09:11 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2012/09/20 06:08:27 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/09/07 02:05:14 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/09/07 01:48:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/11 01:47:23 | 008,987,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/08/11 01:47:15 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/08/10 09:09:46 | 000,567,808 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2012/08/10 09:09:44 | 000,135,832 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/08/10 09:09:42 | 000,178,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/08/10 09:09:42 | 000,088,728 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/08/10 09:09:42 | 000,076,952 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/08/10 09:09:40 | 000,344,216 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/08/10 09:09:40 | 000,114,840 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/08/10 09:09:40 | 000,033,944 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/07/26 05:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 05:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 05:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 05:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 05:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 05:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 05:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012/07/26 05:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012/07/26 05:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 05:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 05:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 05:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 05:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 05:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 05:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 05:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 05:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 05:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 05:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 04:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 04:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2012/07/26 04:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2012/07/26 03:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/07/26 02:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 02:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 02:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 02:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 02:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 02:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 02:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 02:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 02:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 02:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 02:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 02:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 02:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 02:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 02:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 02:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 02:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 02:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 02:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 02:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 02:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 02:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/23 23:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/07/02 06:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/25 01:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012/06/21 02:45:12 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\symelam.sys -- (SymELAM)
DRV:64bit: - [2012/06/12 12:41:22 | 000,683,664 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/05/26 00:56:14 | 000,168,608 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00B\ccSetx64.sys -- (ccSet_NARA)
DRV:64bit: - [2012/05/25 05:36:56 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2013/01/07 22:35:01 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130108.022\ex64.sys -- (NAVEX15)
DRV - [2013/01/07 22:35:01 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130108.022\eng64.sys -- (NAVENG)
DRV - [2013/01/04 16:28:04 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130108.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/11/30 00:48:34 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/18 09:00:00 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/08/18 09:00:00 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6ADDF49F-EA9E-4E7C-9AD7-49B0DC5DFC74}
IE:64bit: - HKLM\..\SearchScopes\{6ADDF49F-EA9E-4E7C-9AD7-49B0DC5DFC74}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6ADDF49F-EA9E-4E7C-9AD7-49B0DC5DFC74}
IE - HKLM\..\SearchScopes\{6ADDF49F-EA9E-4E7C-9AD7-49B0DC5DFC74}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
IE - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb196?a=6OyZmZXeBj&i=26
IE - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb196/?search={searchTerms}&loc=IB_DS&a=6OyZmZXeBj&i=26
IE - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http:\\\\www.google.co.uk"
FF - prefs.js..extensions.enabledAddons: %7B01A8CA0A-4C96-465b-A49B-65C46FAD54F9%7D:6.0
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.1.1.5%20-%202
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.2.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/mb196/?loc=IB_DS&a=6OyZmZXeBj&&i=26&search="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013/01/09 20:45:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/01/07 22:13:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/01/11 23:35:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/05 16:21:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/05 16:21:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/01/05 16:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions
[2013/01/05 21:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Firefox\Profiles\d4rmt3mr.default\extensions
[2013/01/09 21:50:52 | 000,002,534 | ---- | M] () -- C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\d4rmt3mr.default\searchplugins\safesearch.xml
[2013/01/08 21:28:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/09 20:45:55 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
[2013/01/11 23:35:34 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\COFFPLGN
[2013/01/07 22:13:05 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPLGN
[2013/01/05 16:21:06 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/20 06:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/20 06:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/07/26 05:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.2.0.19\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-34927871-1685996615-2104251865-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros Commnucations)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-34927871-1685996615-2104251865-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-34927871-1685996615-2104251865-1001..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe ()
O4 - HKU\S-1-5-21-34927871-1685996615-2104251865-1001..\Run: [iIWiper] C:\Program Files (x86)\iISystem Wiper\SystemWiper.exe (iISoftware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1070B724-0536-4942-9FEE-DF171F4B6C8F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4D19777-CF16-401C-A223-6D792AA8F57D}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20 - AppInit_DLLs: (c:\programdata\browserprotect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll) - c:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/10 03:45:49 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 12:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/11 23:42:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2013/01/11 23:35:02 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013/01/11 20:52:19 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Guides
[2013/01/08 19:08:28 | 001,133,216 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\symefa64.sys
[2013/01/08 19:08:28 | 000,776,864 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\srtsp64.sys
[2013/01/08 19:08:28 | 000,493,216 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\symds64.sys
[2013/01/08 19:08:28 | 000,432,800 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\symnets.sys
[2013/01/08 19:08:28 | 000,224,416 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\ironx64.sys
[2013/01/08 19:08:28 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\srtspx64.sys
[2013/01/08 19:08:28 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\symelam.sys
[2013/01/08 19:08:27 | 000,168,096 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.sys
[2013/01/08 19:07:54 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64\1402000.013
[2013/01/07 22:39:34 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\New folder
[2013/01/07 22:12:56 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/01/07 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013/01/07 22:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013/01/07 22:12:12 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\N360x64
[2013/01/07 22:12:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2013/01/07 22:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2013/01/07 21:29:49 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\GrabIt
[2013/01/07 21:17:31 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Alt.Binz
[2013/01/06 21:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewsBin
[2013/01/06 20:14:44 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Identities
[2013/01/06 01:35:26 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Hotspot Shield
[2013/01/06 01:25:05 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Nero_AG
[2013/01/06 01:24:18 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Nero
[2013/01/06 01:16:40 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\My Received Files
[2013/01/06 01:11:56 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2013/01/06 01:01:10 | 000,000,000 | ---D | C] -- C:\Users\David\Tracing
[2013/01/06 00:52:40 | 000,000,000 | ---D | C] -- C:\windows\en
[2013/01/06 00:52:26 | 000,000,000 | ---D | C] -- C:\windows\fr
[2013/01/06 00:52:22 | 000,000,000 | ---D | C] -- C:\windows\de
[2013/01/06 00:52:16 | 000,000,000 | ---D | C] -- C:\windows\it
[2013/01/06 00:45:35 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Windows Live
[2013/01/06 00:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iISystem Wiper
[2013/01/06 00:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iISystem Wiper
[2013/01/05 23:50:13 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\ConvertXtoDVD
[2013/01/05 23:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/01/05 23:40:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013/01/05 23:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/01/05 23:40:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/01/05 23:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/01/05 23:38:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/01/05 23:37:42 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft Help
[2013/01/05 23:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/01/05 23:37:28 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/01/05 22:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2013/01/05 21:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013/01/05 21:18:03 | 000,000,000 | ---D | C] -- C:\Users\David\Adobe Flash Builder 4
[2013/01/05 21:01:26 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\DLING
[2013/01/05 20:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/01/05 20:03:48 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Symantec
[2013/01/05 19:45:23 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Shark007
[2013/01/05 19:45:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2013/01/05 19:45:22 | 001,921,024 | ---- | C] (xy-VSFilter Team) -- C:\windows\SysNative\VSFilter.dll
[2013/01/05 19:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Shark007
[2013/01/05 19:44:08 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Win8codecs
[2013/01/05 19:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2013/01/05 19:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win8codecs
[2013/01/05 19:43:57 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013/01/05 19:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013/01/05 19:43:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Babylon
[2013/01/05 19:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/01/05 19:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\win8codecs
[2013/01/05 19:31:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2013/01/05 19:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
[2013/01/05 19:31:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink
[2013/01/05 19:29:50 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Nero
[2013/01/05 19:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2013/01/05 19:24:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2013/01/05 19:24:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2013/01/05 19:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2013/01/05 19:08:56 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\AirVideoServer
[2013/01/05 19:04:01 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice
[2013/01/05 18:48:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Apple Computer
[2013/01/05 18:48:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Apple Computer
[2013/01/05 18:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/01/05 18:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/01/05 18:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/01/05 18:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/01/05 18:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/01/05 18:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/01/05 18:46:23 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Apple
[2013/01/05 18:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/01/05 18:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/01/05 18:45:55 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/01/05 18:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/01/05 18:45:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/01/05 18:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/01/05 18:44:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/01/05 18:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/01/05 18:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/01/05 18:42:22 | 000,000,000 | -H-D | C] -- C:\jexepackres
[2013/01/05 18:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Video Server
[2013/01/05 18:42:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AirVideoServer
[2013/01/05 18:35:40 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Splashtop
[2013/01/05 18:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2013/01/05 18:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
[2013/01/05 18:27:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2013/01/05 18:25:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\{AB7CBD6B-0741-4997-8430-950DB17CC940}
[2013/01/05 18:00:53 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\David\AppData\Roaming\pcouffin.sys
[2013/01/05 18:00:53 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\PcSetup
[2013/01/05 18:00:52 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Vso
[2013/01/05 18:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
[2013/01/05 18:00:40 | 000,626,688 | ---- | C] (On2.com) -- C:\windows\SysWow64\vp7vfw.dll
[2013/01/05 18:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VSO
[2013/01/05 18:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VSO
[2013/01/05 18:00:00 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Programs
[2013/01/05 17:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013/01/05 17:47:12 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Newsbin Download
[2013/01/05 17:47:06 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Newsbin
[2013/01/05 17:34:21 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Ministry of Sound Anthems Hip Hop 2
[2013/01/05 17:31:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2013/01/05 17:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/01/05 17:16:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Extreme_Reality_Ltd
[2013/01/05 17:16:47 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\XTR3D_UI
[2013/01/05 17:12:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2013/01/05 16:44:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2013/01/05 16:44:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013/01/05 16:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013/01/05 16:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/01/05 16:44:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2013/01/05 16:42:42 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\STUFF
[2013/01/05 16:42:38 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\FacetheFuture
[2013/01/05 16:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/01/05 16:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
[2013/01/05 16:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/01/05 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Adobe
[2013/01/05 16:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/05 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Mozilla
[2013/01/05 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Mozilla
[2013/01/05 16:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/01/05 16:08:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/01/05 16:05:39 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Diagnostics
[2013/01/05 16:05:34 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\VisualBeeExe
[2013/01/05 16:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2013/01/05 16:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013/01/05 16:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\VisualBee
[2013/01/05 16:02:43 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Macromedia
[2013/01/05 15:58:18 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\BMExplorer
[2013/01/05 15:58:18 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Bluetooth Folder
[2013/01/05 15:57:59 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Samsung
[2013/01/05 15:57:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Atheros
[2013/01/05 15:57:41 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Power2Go8
[2013/01/05 15:56:53 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/01/05 15:56:53 | 000,000,000 | R--D | C] -- C:\Users\David\Searches
[2013/01/05 15:56:53 | 000,000,000 | R--D | C] -- C:\Users\David\Contacts
[2013/01/05 15:56:53 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/01/05 15:56:47 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Adobe
[2013/01/05 15:55:42 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Uninstall Information
[2013/01/05 15:54:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\VirtualStore
[2013/01/05 15:54:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Packages
[2013/01/05 15:53:29 | 000,000,000 | --SD | C] -- C:\Users\David\AppData\Roaming\Microsoft
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Videos
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Saved Games
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Pictures
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Music
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Links
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Favorites
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Downloads
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Documents
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\Desktop
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/01/05 15:53:29 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013/01/05 15:53:29 | 000,000,000 | -H-D | C] -- C:\Users\David\AppData
[2013/01/05 15:53:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Temp
[2013/01/05 15:53:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft
[2013/01/05 15:53:29 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/09/06 05:16:51 | 002,258,432 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/11 23:42:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2013/01/11 23:34:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/11 23:32:45 | 017,303,736 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/11 23:31:58 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/01/11 23:31:46 | 3341,910,016 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/11 23:31:07 | 000,000,018 | ---- | M] () -- C:\Users\David\iidelonb.ini
[2013/01/11 23:21:18 | 000,848,230 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/01/11 23:21:18 | 000,722,260 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/01/11 23:21:18 | 000,136,434 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/01/11 23:15:37 | 003,702,273 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/01/11 23:06:44 | 000,009,469 | ---- | M] () -- C:\Users\David\Documents\intranet.html
[2013/01/11 19:07:35 | 000,001,456 | ---- | M] () -- C:\Users\David\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/01/08 21:19:58 | 000,013,946 | ---- | M] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\VT20121114.016
[2013/01/07 22:12:56 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/01/07 22:12:56 | 000,007,466 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/01/07 22:12:56 | 000,000,855 | ---- | M] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/01/06 01:32:45 | 000,002,299 | ---- | M] () -- C:\Users\David\Desktop\Stream Films.lnk
[2013/01/05 23:12:37 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/01/05 18:00:53 | 000,099,384 | ---- | M] () -- C:\Users\David\AppData\Roaming\inst.exe
[2013/01/05 18:00:53 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\David\AppData\Roaming\pcouffin.sys
[2013/01/05 18:00:53 | 000,007,859 | ---- | M] () -- C:\Users\David\AppData\Roaming\pcouffin.cat
[2013/01/05 18:00:53 | 000,001,167 | ---- | M] () -- C:\Users\David\AppData\Roaming\pcouffin.inf
[2013/01/05 17:33:29 | 000,001,084 | ---- | M] () -- C:\Users\David\Desktop\Documents.lnk
[2013/01/05 17:33:14 | 000,000,491 | ---- | M] () -- C:\Users\David\Desktop\External Hardrive (F).lnk
[2013/01/05 16:55:32 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/01/05 16:19:10 | 000,000,906 | ---- | M] () -- C:\user.js
[2013/01/05 16:17:04 | 000,000,355 | ---- | M] () -- C:\Users\David\Desktop\Computer.lnk
[2013/01/05 15:55:48 | 000,000,000 | ---- | M] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_DP700_P04K.mrk
[1 C:\windows\SysNative\*.tmp files -> C:\windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/11 23:31:58 | 017,303,736 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/11 23:06:49 | 000,009,469 | ---- | C] () -- C:\Users\David\Documents\intranet.html
[2013/01/09 18:38:28 | 000,110,592 | ---- | C] () -- C:\windows\SysNative\OEMLicense.dll
[2013/01/09 18:38:28 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2013/01/08 21:19:58 | 003,702,273 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\Cat.DB
[2013/01/08 21:19:58 | 000,013,946 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\VT20121114.016
[2013/01/08 19:08:28 | 000,009,670 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symelam64.cat
[2013/01/08 19:08:28 | 000,007,605 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\srtspx64.cat
[2013/01/08 19:08:28 | 000,007,603 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symefa64.cat
[2013/01/08 19:08:28 | 000,007,601 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symnet64.cat
[2013/01/08 19:08:28 | 000,007,601 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\srtsp64.cat
[2013/01/08 19:08:28 | 000,007,597 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symds64.cat
[2013/01/08 19:08:28 | 000,007,593 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\iron.cat
[2013/01/08 19:08:28 | 000,003,433 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symefa.inf
[2013/01/08 19:08:28 | 000,002,851 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symds.inf
[2013/01/08 19:08:28 | 000,001,440 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symnet.inf
[2013/01/08 19:08:28 | 000,001,437 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\srtsp64.inf
[2013/01/08 19:08:28 | 000,001,418 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\srtspx64.inf
[2013/01/08 19:08:28 | 000,000,996 | R--- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symelam.inf
[2013/01/08 19:08:28 | 000,000,767 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\iron.inf
[2013/01/08 19:08:27 | 000,007,611 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.cat
[2013/01/08 19:08:27 | 000,000,853 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\ccsetx64.inf
[2013/01/08 19:07:54 | 000,009,103 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\symvtcer.dat
[2013/01/08 19:07:54 | 000,000,172 | ---- | C] () -- C:\windows\SysNative\drivers\N360x64\1402000.013\isolate.ini
[2013/01/07 22:12:56 | 000,007,466 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/01/07 22:12:56 | 000,000,855 | ---- | C] () -- C:\windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/01/06 16:46:45 | 000,001,456 | ---- | C] () -- C:\Users\David\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/01/06 14:10:15 | 000,001,205 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent.lnk
[2013/01/06 00:52:12 | 000,001,325 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013/01/06 00:51:53 | 000,001,398 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013/01/06 00:50:53 | 000,002,500 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/01/06 00:12:26 | 000,000,018 | ---- | C] () -- C:\Users\David\iidelonb.ini
[2013/01/05 23:12:37 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013/01/05 22:20:34 | 000,002,485 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk
[2013/01/05 22:20:34 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk
[2013/01/05 22:20:33 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2013/01/05 20:07:05 | 000,385,604 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013/01/05 19:45:27 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/01/05 19:45:23 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
[2013/01/05 19:45:22 | 000,965,120 | ---- | C] () -- C:\windows\SysNative\ac3filter.acm
[2013/01/05 19:45:22 | 000,206,336 | ---- | C] () -- C:\windows\SysNative\unrar.dll
[2013/01/05 19:27:29 | 000,000,558 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Control Panel.lnk
[2013/01/05 19:10:37 | 000,002,299 | ---- | C] () -- C:\Users\David\Desktop\Stream Films.lnk
[2013/01/05 18:46:22 | 000,002,563 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/01/05 18:00:53 | 000,099,384 | ---- | C] () -- C:\Users\David\AppData\Roaming\inst.exe
[2013/01/05 18:00:53 | 000,007,859 | ---- | C] () -- C:\Users\David\AppData\Roaming\pcouffin.cat
[2013/01/05 18:00:53 | 000,001,167 | ---- | C] () -- C:\Users\David\AppData\Roaming\pcouffin.inf
[2013/01/05 17:44:51 | 000,001,173 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\nbpro.lnk
[2013/01/05 17:33:28 | 000,001,084 | ---- | C] () -- C:\Users\David\Desktop\Documents.lnk
[2013/01/05 17:33:14 | 000,000,491 | ---- | C] () -- C:\Users\David\Desktop\External Hardrive (F).lnk
[2013/01/05 16:55:32 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/01/05 16:38:57 | 000,001,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013/01/05 16:17:04 | 000,000,355 | ---- | C] () -- C:\Users\David\Desktop\Computer.lnk
[2013/01/05 16:08:16 | 000,001,175 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/01/05 16:04:11 | 000,000,906 | ---- | C] () -- C:\user.js
[2013/01/05 15:56:47 | 000,001,442 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/01/05 15:55:48 | 000,000,000 | ---- | C] () -- C:\windows\SysNative\drivers\144D_SAMSUNG_na_DP700_P04K.mrk
[2012/09/06 05:16:51 | 000,003,196 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2012/09/06 05:01:44 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/08/03 01:35:04 | 000,598,780 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012/08/03 01:35:04 | 000,272,928 | ---- | C] () -- C:\windows\SysWow64\igvpkrng600.bin
[2012/08/03 01:34:34 | 000,064,512 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/08/03 01:34:28 | 000,963,388 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng600.bin
[2012/08/03 01:34:28 | 000,755,048 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012/07/26 08:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012/07/26 08:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012/07/26 07:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012/07/26 01:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012/07/25 20:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012/07/25 20:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012/06/10 01:21:56 | 000,178,688 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2012/06/02 14:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012/04/20 04:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/11/06 04:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/11/06 04:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 03:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 03:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 03:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/05 19:43:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Babylon
[2013/01/07 21:29:49 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\GrabIt
[2013/01/09 20:08:59 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Shark007
[2013/01/05 18:04:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Vso
[2013/01/09 20:08:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Win8codecs
[2013/01/05 17:16:47 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\XTR3D_UI

========== Purity Check ==========



< End of report >

OTL EXTRAS LOG:

OTL Extras logfile created on: 11/01/2013 23:44:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.89 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 64.20% Memory free
7.39 Gb Paging File | 5.96 Gb Available in Paging File | 80.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 908.58 Gb Total Space | 753.49 Gb Free Space | 82.93% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 401.05 Gb Free Space | 43.05% Space Free | Partition Type: NTFS

Computer Name: SUPERCOMPUTER | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-34927871-1685996615-2104251865-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0003C899-CAA9-402A-8AB6-57C88E246999}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0BEFB340-A598-4BFE-BDB5-6DD4AA120798}" = lport=137 | protocol=17 | dir=in | app=system |
"{104BE2B4-3D85-49C7-9A2F-865D45873F16}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{24CDA269-D66F-4DD8-AEA0-EE8B44852BD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C8CE6A8-EE29-4C7B-B8AB-D4A3BF686D3E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37C17FC3-9687-4D31-B084-21CFABB03137}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{486FAC50-1BD1-4364-B5D2-AFE24542790C}" = lport=139 | protocol=6 | dir=in | app=system |
"{48C80CC1-0040-48DB-8CC0-068EB6032A5A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5340C039-88C8-4B04-9520-CB14CC22AE53}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{540B75D2-F095-4D44-8369-2BFD590F8077}" = lport=138 | protocol=17 | dir=in | app=system |
"{5C51BAD2-2E16-42EB-9911-F4B0D1FB5F61}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F082CD2-B9A3-455E-8640-10530398CD8A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F41EF72-4661-4ED5-97D2-213431BB2939}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5F421EA2-1BE9-4BAC-832D-9272C82E460D}" = rport=137 | protocol=17 | dir=out | app=system |
"{60CEF67D-AE27-4D7B-96E9-FE545D3022C0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{626BA564-71A8-4079-BE28-DA2D155BD374}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{679D7C99-AA39-48B4-BB5A-34691886B15D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6E1B6569-AD9A-4AAF-8C6E-276AE4C391A4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77474E3B-9E22-4DED-8D86-958D6F77D800}" = rport=139 | protocol=6 | dir=out | app=system |
"{7E5A9173-A384-4677-ACEF-D2C77370CDBD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8325AD3D-FB84-4010-A3ED-F87ED5DFFF3F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{857E6835-09DF-442C-860A-8A10CD49DCC8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B452265-C946-4CCA-AD7B-539756433621}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{98A7096C-1624-44D2-8688-23EE80DE6F70}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9A4D6CD1-FC0A-4AD3-A321-A57E1CDBA95A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AF7B926E-0D6C-4026-8959-7735D383AF4C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B57E89DE-9D19-4145-8D15-BB399918C8EB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CF786F0A-3DCF-49C9-8CC1-9EFDAA9AC58F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D29F8ABF-9D71-4746-BD6D-CB9100EE35E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DAAF00E3-F5F7-4B1B-8D6D-2E9CC15DF4A9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F8823F85-329A-4E8D-9BFF-6516559CF781}" = rport=445 | protocol=6 | dir=out | app=system |
"{FB8DBAAB-54B3-4D83-B05F-3EEE1CD27C60}" = lport=445 | protocol=6 | dir=in | app=system |
"{FBB81C82-3D5D-4DF4-ABFF-5748F7AC44BE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{FC79D841-54DD-40EC-AA11-B4680DE22B0D}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0124BCF2-57E1-42A7-8CD8-820B0A45942D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{022B34C3-ECCE-40DE-AE25-FE5C65A78B41}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{067ACD3C-C447-475E-BDAB-0A2E0C2AF306}" = dir=out | name=skype |
"{07FBC0F1-CDD1-495F-905E-DB5554A6EA17}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0D950C56-DD3C-4FC5-A992-E70C31604953}" = dir=out | name=tvcatchup |
"{0E2BC901-DCB2-462E-8746-D1286F637DD2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{10DEE060-2DCC-4275-AA47-17A1190539F9}" = dir=out | name=s gallery |
"{11C960DB-B385-47EA-B2E0-BD4DEC4966DD}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{11FD8A8E-3FEB-44B5-8F94-30F544654924}" = protocol=6 | dir=in | app=c:\program files (x86)\airvideoserver\airvideoserver.exe |
"{142F9EA9-0AA0-4E48-96AB-4A40C73FC5CC}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{177C3016-33CB-4734-B0A5-FA8EDAAE40BB}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{21F92F3F-095F-43A7-8D39-EA90327FB3CF}" = dir=out | name=photoeditor |
"{22793D8E-0470-4986-8BB3-E775523D2892}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{22DEA017-613D-4975-BF8F-FD7B21CAD45E}" = dir=out | name=music hub |
"{230D8218-900C-4A4D-8DB6-5A549E9545A1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{239256BF-251F-4A06-AB63-AFF636408F64}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{269A1933-6EC1-4644-9EB1-9F03292AB817}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{28873CCC-F2CA-4AA6-9D52-9CA6759A83C1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2A009663-3056-487A-91EE-43DC0A638049}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2A3A132A-0E73-43CD-8711-0498128C5B0D}" = dir=out | name=music hub |
"{2E795CD6-CE3F-4132-A9EE-A78C46068910}" = dir=out | name=jamie's recipes |
"{2F21D0EF-6D2D-4469-ADA8-19017DAAA4E3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{2FBAA348-E254-45B8-AB8B-7BE95EFA70F8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{32211F85-C1D0-4755-AD23-599348D986F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{32C83150-4893-4A19-A85B-BDF1B89A4507}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{37406321-581B-447B-86BE-1647F8321553}" = dir=out | name=photoeditor |
"{3B099B89-3653-40CE-939D-C03FD5D548DE}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{3DB0D2A0-7558-4415-8A00-D04895EF11A2}" = dir=out | name=s camera |
"{3F2E6FCA-AAAA-4E5C-BE85-A19B3C33A790}" = dir=out | name=windows_ie_ac_001 |
"{3F47BC75-5DFE-4CF2-879F-635B7B549C38}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{40C0A830-BA8B-49B9-B188-C8B4B90776E8}" = dir=out | name=s camera |
"{411CCE5E-1C74-440E-8D44-703D57657D76}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41E893C9-D1B5-46E2-A49F-21421150F25A}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4221CFD2-35F8-4F8E-876E-5CAD75A1BFC4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{44ADC393-7E8F-48AA-861B-AC46D8CFCD38}" = dir=out | name=netflix |
"{46011E23-1415-4F23-8B09-3EFABC15824C}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{499DBD93-747F-465A-A6F1-BE0B8F857647}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{49D48F19-42C3-44E8-80E6-AF4EDE1FB6EB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4A688B57-239B-4F56-840E-113DA79C95C7}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{50EB33C7-9A2B-4077-AB6F-B1470E7E8CD9}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{53F1AAFB-F104-4B00-B55D-196E194CA518}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{57A359F9-C823-49D1-B295-D212BC9A0B95}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{5812C51A-1BBE-4CA7-B4FF-D4346A0A3010}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{59D09FA1-C595-44C1-A574-525CD0AD0590}" = dir=out | name=parcelgenie |
"{59EA1D83-E381-4C93-BCAE-D53DD84FAD9B}" = dir=in | name=financial times |
"{5C2DC64C-FBAD-4F2C-B0D3-3C655C4181FF}" = dir=out | name=netflix |
"{5C475DF3-85C1-48DB-8D9D-D719E59331E0}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5CDB893B-2BB8-4172-A799-3FEA98FBE8A4}" = dir=in | name=ebay |
"{5DB6964D-2563-4CDF-9DCF-5569BBBEA57A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{60C9E092-369E-4130-808D-73FD9A2CA245}" = dir=out | name=financial times |
"{625E1CA0-A992-46A1-AC70-2899981A75AF}" = dir=out | name=kindle |
"{62949A16-48E1-412D-8A37-29EE5471D638}" = dir=in | name=kindle |
"{6585E974-94FA-46A7-B4DE-60181EAA5649}" = protocol=6 | dir=out | app=system |
"{6A791DB4-5B56-42F5-86BA-09B002662EE2}" = dir=out | name=music maker jam |
"{6B8918DA-0130-4B24-B96F-1ECDF8DCE5A6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6BA3292B-72A9-4C13-A974-7B8917EB2402}" = dir=out | name=music maker jam |
"{6DAFF61D-1FE2-48F2-A066-88DC4EAF8D33}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6DC312F8-8B6D-497B-9CC5-DA4EFB05AC10}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{71662501-9122-440B-8FD6-11279BD70EA9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{730BC897-E0D8-4794-B530-FDD867D5F0FE}" = dir=out | name=evernote |
"{731FF404-7C45-462E-8CB1-52DB86FD978E}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{7392749D-B086-4542-9564-4C5EFC871CF3}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{766AB4EB-C8C4-48DF-871A-F55AE7987801}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{76989A36-30CE-4A45-976F-8140754FE494}" = dir=out | name=merriam-webster dictionary |
"{796F7DC0-A578-4DA5-8348-A521919C797C}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{7AB33C6C-2CE2-4C47-8CF2-605A0067F06F}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{7BEE0D3E-97FC-4BF2-9F2F-95E4345F5E6A}" = dir=in | name=kindle |
"{7C18091C-6142-4FC6-813F-7433626DFB8F}" = dir=out | name=national rail enquiries |
"{7EBC7D67-8365-41D1-95D7-65E3A1B39189}" = dir=out | name=s player |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8132ECF9-DA00-42F4-B4D1-1511DDF98B54}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{87F36F36-455E-4652-86F6-7575CD6577EE}" = dir=out | name=norton studio |
"{883EEB23-AEDE-445B-9C1B-655DF30F5338}" = dir=out | name=facebook touch |
"{8BAF0B7B-013E-42BF-8F60-E9BD04A8751B}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{8BC60F77-2371-48B6-94C4-B2130D234458}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{8D512A8E-8527-4BCE-9BA4-CBFA000DE5C5}" = dir=out | name=ebay |
"{8D956369-4D19-4067-B757-87FB42FB3B62}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{9213C703-2C81-4046-8BB9-064056FD7530}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{92FA10B3-9F95-49BD-8057-A0CF0FEDB224}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{934133E4-2E56-456B-8DD8-07C2A8C9EC8E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{97DCE3F1-12D2-49CA-B76E-9240CB4CED97}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{9E640599-152B-4C4D-9683-FEA1E8E55412}" = protocol=17 | dir=in | app=c:\program files (x86)\newsbin\nbpro.exe |
"{9F7E40B5-6277-48E3-A5A4-B2D4E2207547}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{9F9B55F4-B15C-4DBF-83DF-D17F9F402260}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{A0DCFD46-E832-443E-BFDA-1F0FCE519C38}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A474E154-9F37-4961-9D33-4CC34FA40F2D}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A48D2989-2B26-4428-B90E-F0EDD58B78F6}" = dir=in | name=evernote |
"{A5C8F7D3-D0A3-4B3B-A49B-22EBC8A2234B}" = protocol=17 | dir=in | app=c:\program files (x86)\airvideoserver\airvideoserver.exe |
"{A95C443D-2DA2-4F55-A63A-006158EF7AF6}" = dir=out | name=fresh paint |
"{A9D869CC-5B5B-4A4D-9BD3-1524E76AF55B}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{AC449792-286B-401E-BC77-F7E2678361B3}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{AC44992D-78B3-4F41-A52E-F4DB6807C9A0}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{AD110556-190A-4347-B234-CBBE1D691D9C}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{ADCA6AA5-5FA7-441B-8A6D-EF29149B7BFA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AECEE024-922E-4E61-A24D-F13A73450F87}" = dir=out | name=facebook lite |
"{B1682FE5-50E8-4BD7-9A1C-949BEE8ECB1B}" = dir=out | name=evernote |
"{B1D5314A-F942-4F51-923A-EF86B7155CCB}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{B3897418-D6CE-4B6B-B48F-D9CF0AC8817A}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
"{B38AD93B-D525-4CF6-B38C-D98C86C77EB2}" = dir=out | name=s player |
"{B50495AB-CCC6-44B8-9DBA-3D4E39335462}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B60299F2-012A-42DB-9665-879DBBD6A30D}" = dir=out | name=financial times |
"{B6C915DC-842A-40B7-A6A6-47F62E8CA705}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B7ED1EC3-C75B-44BA-B951-86CE47CB0851}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B909F3EE-3E5E-4893-94BF-BD2846BC4691}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{B9B2583D-4D95-4FD6-8AC7-9D4ED6DDDEAD}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"{BAC0A3B0-2CC6-4B0B-A64F-F63F4D5CD663}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BB94FDF2-3923-4C2B-B907-02864DC13D25}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BC816494-52AA-44D4-8250-4E661F4EECBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD448E8C-E11A-49E9-9F19-0C676BBF2317}" = dir=in | name=skype |
"{BE6831EA-1240-4160-8590-3504AD42C2BF}" = dir=out | name=jamie's recipes |
"{BED12E99-95E3-437D-9290-497A212980D0}" = dir=out | name=- games app - |
"{C6C4B89C-74CB-4C9A-86DF-7755ECD8F819}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C6C8D700-985E-4E9E-B600-4553399715E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C79E3531-7341-405C-B7CA-681F7DA0EE7C}" = protocol=6 | dir=in | app=c:\program files (x86)\airvideoserver\airvideoserver.exe |
"{C8585144-DF21-44E9-AED6-9FDCE1B2D5A4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C98091BC-E663-48D2-91FE-6DB5B8E17C23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CA31200A-F045-49E7-90D9-475126EB4A71}" = dir=out | name=norton studio |
"{CB148B5F-59BE-4182-8EE7-33B828C6EF20}" = protocol=6 | dir=out | app=c:\program files (x86)\airvideoserver\airvideoserver.exe |
"{CC2E6E8A-4F41-4FEE-AB46-5EFC1F22A841}" = dir=out | name=parcelgenie |
"{CD1EE3BC-2DCC-4ACB-AD9B-E36A7F278C3E}" = dir=out | name=s gallery |
"{D038A4AD-1795-41BD-A1C1-0F750185508D}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{D1D62063-6D5B-40D0-A407-C2A0900EC643}" = dir=in | name=financial times |
"{D5BA88F0-DBF2-4A04-84FF-AEBB9C9F330E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{D5F73166-6986-4330-A5B0-820B5174288D}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D63EB5AA-A71F-4AB9-B70E-34C8CA7B58A6}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D7516C2F-6666-4896-B953-4A7EC02161E6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D82D497B-F23E-49DD-B339-87D6555291BD}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{D866BC1D-6435-4F33-82C3-219437722A18}" = dir=out | name=sky news |
"{DC773485-2528-4050-91BE-798A49FC180B}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{DD404945-BC2D-48EF-B775-D306676D91ED}" = protocol=6 | dir=in | app=c:\program files (x86)\newsbin\nbpro.exe |
"{DD7E5602-0808-4C05-B40D-AB4FDBF72B38}" = dir=out | name=- games app - |
"{DEA9ABDA-BC43-413D-9A4C-FAFC70233B08}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{E3404268-573D-443F-9FC8-0290D1721332}" = dir=out | name=sky news |
"{E45272EE-48C8-4B5E-A7FC-D02AA731FF0F}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E67EFA85-A145-4632-8749-0F92F094D96B}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7DF0DCD-5C40-4D96-AEC0-E80603791A61}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{EC1F304F-634C-4436-A357-72D287B24C0D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EC47020A-6F21-46F3-BA5E-74CBDA0A834E}" = dir=in | name=evernote |
"{EFAE28E2-562D-4F37-B750-B6A3CE4D99BC}" = dir=out | name=national rail enquiries |
"{F14FFB3A-89E5-48FA-A490-626FDC275F74}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F54B67C3-5363-41BB-BFF4-AA49C043613B}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F574DEA7-E77B-4E58-9922-1FB663BA0A6D}" = dir=out | name=kindle |
"{F6229140-BDA6-4FB9-9EA0-49D34A1B2A52}" = dir=out | name=fresh paint |
"{FB81F86A-8811-447C-A0C7-A7BD71ED526F}" = dir=out | name=merriam-webster dictionary |
"{FF87C6C6-E4C5-423F-A17B-C3F1512CDC1A}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{85BAA4B0-4294-4D39-8952-6C4433B11CC3}" = Support Center
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.03
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{969B5BFB-094D-4D96-AC0C-C1A2675DB583}" = S Agent
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}" = Help Desk
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel« Trusted Connect Service Client
"Win8 x64Components_is1" = Win8 x64Components v1.3.7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{00F2E61A-3A04-4B8C-A828-8E2596F7EFF5}" = GestureControl
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{19AFD9A4-B584-41C8-91EA-38EB2FC1BD50}" = Windows Live Messenger
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3607FA40-1D0F-4294-B034-6054349E1613}" = Windows Live Messenger
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{446CC8CE-0E90-44F7-ADD0-774B243EF090}" = Galerie de photos
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF53C99-315D-4536-873F-029D2D274AE2}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{52E5DE60-C96B-42CC-9A37-FE04725940AE}" = Settings
"{5547725A-B333-475C-93C7-3B89267A72D4}" = Support Center FAQ
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{701FE1BC-834A-4857-AF62-6EBA50CFBC78}" = Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{898E81AD-6DB9-4750-866B-B8958C5DC7AA}" = win8codecs
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8AAEB5A5-A397-46B6-8AF3-B6DC790C4E48}" = Windows Live Messenger
"{8D813AFF-D91D-4EE0-821F-B901FC2E89FA}" = Windows Live
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90993BD9-C7D9-4C2F-B56C-2F7AFEBD4CD0}" = Windows Live UX Platform Language Pack
"{91786428-D4AA-476D-8AF9-A63FFAC2901F}" = Allshare Play Link
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9914AD8E-C0D6-420D-BEF6-40BF4DEDE3BA}" = User Guide
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A17946CA-18E5-4CF0-8D55-A56D804718F8}" = Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Franšais, Deutsch
"{AC76BA86-1033-F400-7760-000000000004}_930" = Adobe Acrobat 9.3.0 - CPSID_52073
"{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Franšais, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B096A0E4-26A1-4E9F-8548-577964B9434B}" = Windows Live Essentials
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BC41C09D-FAA9-4346-9FE6-1E0017BC551A}" = Adobe Flash Player 10 Plugin
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{CE542E0D-E056-4426-9F98-084C13E18641}" = Windows Live UX Platform Language Pack
"{D04EBB49-C985-4A38-8695-62000861293A}" = Raccolta foto
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DF3D62D2-B5E1-4134-8564-9CC55EC57391}" = SW Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{ECEA43C7-A861-498F-9B3E-5480C6C03E7F}" = Intel® C++ Redistributables on IA-32
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F54030F3-14B6-432D-9361-78DCB1473920}" = Photo Common
"{FBB02B04-C034-4382-A3F6-57416E2752C4}" = Adobe Creative Suite 5 Master Collection
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Air Video Server" = Air Video Server 2.4.6-beta3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"iISystem Wiper_is1" = iISystem Wiper 2.4.1
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}" = Splashtop Streamer
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Intel AppUp(SM) center 33070" = Intel AppUp(SM) center
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"NARA" = Norton Online Backup ARA
"NewsBin5" = NewsBin Pro
"Plants vs. Zombies" = Plants vs. Zombies
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 05/01/2013 23:18:41 | Computer Name = SuperComputer | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
Encore CS5\SetupRoyalty\resources\libraries\ARKCmdFS.dll". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 05/01/2013 23:18:41 | Computer Name = SuperComputer | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
Encore CS5\SetupRoyalty\resources\libraries\ARKCmdDefrag.dll". Dependent Assembly
Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 05/01/2013 23:18:43 | Computer Name = SuperComputer | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
Flash Builder 4\sdks\4.0.0\runtimes\air\win\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error
in manifest or policy file "C:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\runtimes\air\win\Adobe
AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 05/01/2013 23:18:44 | Computer Name = SuperComputer | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Adobe\Adobe
Flash Catalyst CS5\sdks\4.0.0\runtimes\air\win\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error
in manifest or policy file "C:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\runtimes\air\win\Adobe
AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 06/01/2013 08:17:56 | Computer Name = SuperComputer | Source = .NET Runtime | ID = 1022
Description =

Error - 06/01/2013 10:08:58 | Computer Name = SuperComputer | Source = .NET Runtime | ID = 1022
Description =

Error - 06/01/2013 11:05:05 | Computer Name = SuperComputer | Source = Microsoft-Windows-Immersive-Shell | ID = 2484
Description = Package Pearl.FacebookLite_1.0.1.19_neutral__zmrh3wba323wr was terminated
because it took too long to suspend.

Error - 06/01/2013 11:05:24 | Computer Name = SuperComputer | Source = Application Hang | ID = 1002
Description = The program TheSocialNetwork.exe version 1.0.0.0 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 104c Start
Time: 01cdec1e928da0ed Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\Pearl.FacebookLite_1.0.1.19_neutral__zmrh3wba323wr\TheSocialNetwork.exe

Report
Id: 73decabb-5812-11e2-be87-50b7c3af0845 Faulting package full name: Pearl.FacebookLite_1.0.1.19_neutral__zmrh3wba323wr

Faulting
package-relative application ID: App

Error - 06/01/2013 11:39:45 | Computer Name = SuperComputer | Source = .NET Runtime | ID = 1022
Description =

Error - 06/01/2013 12:20:02 | Computer Name = SuperComputer | Source = .NET Runtime | ID = 1022
Description =

[ System Events ]
Error - 12/11/2012 06:08:14 | Computer Name = SuperComputer | Source = NetBT | ID = 4321
Description = The name "WIN-IABB89LPT9P:0" could not be registered on the interface
with IP address 10.0.0.92. The computer with the IP address 10.0.0.105 did not allow
the name to be claimed by this computer.


< End of report >



Any help with this would be greatly appreciated!! Its only gonna be a matter of time till I throw this PC outta the window!

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:15 PM

Posted 11 January 2013 - 08:09 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:15 PM

Posted 14 January 2013 - 11:19 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:15 PM

Posted 17 January 2013 - 08:35 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:15 PM

Posted 19 January 2013 - 11:30 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users