Inactive Windows won't update, mouse troubles, had system fix too

Status
Not open for further replies.
treetops

treetops

Posts: 3,064   +784
I have some sort of infections, windows wont update, some browser pages don't view right and my mouse double clicks sometimes when I single click. Well here are the logs n such. I am getting a new 2 tb hard drive and I am long over due for a cleaning. Also when I click on words it circles the whole word or paragraph sometimes. I had a "system fix" virus recently as well I followed a guide i googled to get rid of it I suspect its still lingering.

]

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.25.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Josh :: THETIMEMACHINE [administrator]

4/25/2012 9:37:38 AM
mbam-log-2012-04-25 (09-37-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248791
Time elapsed: 4 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Gmer had no log with the automatic quick scan
 
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Josh at 10:13:10 on 2012-04-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2186 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Users\Josh\Desktop\Rarely Used\CoreTemp64\Core Temp.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Users\Josh\AppData\Local\Akamai\netsession_win.exe
C:\Users\Josh\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\firefox.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.1:9421;192.168.*.*;<local>????????†††??†††}:??????????????;<local>;<local>??????????????????????????????????????????????????????????????????????????????;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [Akamai NetSession Interface] "C:\Users\Josh\AppData\Local\Akamai\netsession_win.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} - hxxp://67.128.8.65:12088/WatSearCtrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.26.2.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.3.1
TCP: Interfaces\{66B15DFE-C538-46E6-8B3A-458A7BCF3F19} : DhcpNameServer = 192.168.3.1
TCP: Interfaces\{D6F66D99-525E-450A-9C84-31B0FABEB1E9} : DhcpNameServer = 66.212.63.228 66.212.48.10
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB-X64: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
TB-X64: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z179&form=ZGAADF&install_date=20111104&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Downloader\npdd.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\hanbitsoft\nphlauncher.dll
FF - plugin: C:\ProgramData\Nexon\NGM\npNxGame.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\nptgeqplugin.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----> Edit: Deleted by Bobbye
 
Edit: Firefox policies deleted by Bobbye

============= SERVICES / DRIVERS ===============
.
R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\system32\Drivers\BtHidBus.sys --> C:\Windows\system32\Drivers\BtHidBus.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-25 44768]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-21 2348352]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\system32\DRIVERS\bcmwlhigh664.sys --> C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-28 36864]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 253600]
S3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\system32\Drivers\btnetBus.sys --> C:\Windows\system32\Drivers\btnetBus.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\system32\Drivers\IvtBtBus.sys --> C:\Windows\system32\Drivers\IvtBtBus.sys [?]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
S3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\Dnetr28ux.sys --> C:\Windows\system32\DRIVERS\Dnetr28ux.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 rt61x64;Linksys Wireless-G PCI Adapter Driver;C:\Windows\system32\DRIVERS\WMP54Gv41x64.sys --> C:\Windows\system32\DRIVERS\WMP54Gv41x64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 370024]
.
=============== Created Last 30 ================
.
2024-11-03 12:06:52 -------- d-----w- C:\DELL
2012-04-25 15:24:31 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1A7F9C7C-CE29-49D2-90EC-246628445AA5}\mpengine.dll
2012-04-25 14:24:57 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-04-25 14:24:57 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-04-25 14:24:57 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-04-25 14:23:40 41184 ----a-w- C:\Windows\avastSS.scr
2012-04-25 14:23:31 -------- d-----w- C:\ProgramData\AVAST Software
2012-04-25 14:23:31 -------- d-----w- C:\Program Files\AVAST Software
2012-04-21 06:56:08 -------- d-----w- C:\ProgramData\Battle.net
2012-04-21 02:07:03 -------- d-----w- C:\Program Files (x86)\Diablo III Beta
2012-04-17 05:48:59 -------- d-sh--w- C:\$RECYCLE.BIN
2012-04-17 05:06:02 98816 ----a-w- C:\Windows\sed.exe
2012-04-17 05:06:02 518144 ----a-w- C:\Windows\SWREG.exe
2012-04-17 05:06:02 256000 ----a-w- C:\Windows\PEV.exe
2012-04-17 05:06:02 208896 ----a-w- C:\Windows\MBR.exe
2012-04-17 05:00:10 388096 ----a-r- C:\Users\Josh\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-17 05:00:10 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-04-16 03:32:10 -------- d-----w- C:\Windows\CheckSur
2012-04-12 05:31:32 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-11 01:53:17 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2012-04-11 01:51:55 77824 ------w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-04-11 01:51:55 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-04-11 01:51:55 221184 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\IScript.dll
2012-04-11 01:51:55 221184 ------w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-04-11 01:51:55 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2012-04-11 01:50:28 610436 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2012-03-27 12:06:25 -------- d-----w- C:\Program Files (x86)\PC Tools
2012-03-27 12:01:11 230952 ----a-w- C:\Windows\System32\drivers\PCTSD64.sys
2012-03-27 12:01:11 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2012-03-27 12:00:50 -------- d-----w- C:\ProgramData\PC Tools
2012-03-27 12:00:49 -------- d-----w- C:\Users\Josh\AppData\Roaming\TestApp
.
==================== Find3M ====================
.
2012-04-12 05:31:32 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 22:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-02 03:17:43 281408 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-03-02 03:15:30 281408 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-03-02 03:15:30 281408 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-03-01 13:41:07 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-03-01 01:23:16 249856 ------w- C:\Windows\Setup1.exe
2012-03-01 01:23:15 73216 ----a-w- C:\Windows\ST6UNST.EXE
2012-02-29 21:00:22 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-02-29 21:00:09 6074176 ----a-w- C:\Windows\System32\nvcpl.dll
2012-02-29 20:59:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-02-29 20:59:47 63296 ----a-w- C:\Windows\System32\nvshext.dll
2012-02-29 20:59:47 118080 ----a-w- C:\Windows\System32\nvmctray.dll
2012-02-29 20:26:56 416064 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-02-23 17:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-07 18:02:40 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 10:13:34.01 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/24/2009 11:54:40 AM
System Uptime: 4/25/2012 7:28:02 AM (3 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790XT-UD4P
Processor: AMD Phenom(tm) II X4 955 Processor | Socket M2 | 3200/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 596 GiB total, 57.003 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ROOT\SIDESHOW\0001
Manufacturer:
Name:
PNP Device ID: ROOT\SIDESHOW\0001
Service:
.
Class GUID:
Description:
Device ID: ROOT\SYSTEM\0001
Manufacturer:
Name:
PNP Device ID: ROOT\SYSTEM\0001
Service:
.
Class GUID:
Description:
Device ID: ROOT\SIDESHOW\0000
Manufacturer:
Name:
PNP Device ID: ROOT\SIDESHOW\0000
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Reader 9.4.5
Adobe Shockwave Player 11.6
Age of Empires Online
AGEIA GAME System Software 2.8.0
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
ATI - Software Uninstall Utility
AudibleManager
AutoIt v3.3.6.0
avast! Free Antivirus
Bandisoft MPEG-1 Decoder
Battlefield 3™
Battlelog Web Plugins
BitTorrent
DebugMode Wax 2.0
Diablo II
Diablo III Beta
Dota 2
Downloader
Dual-Core Optimizer
Duke Nukem Forever
ePSXe 1.7.0
ESN Sonar
FCEUX 2.1.2
Fraps
From Dust
GamersFirst LIVE!
Gigabyte Raid Configurer
Google Talk (remove only)
HbsMozillaLauncher 1.0
Hero Editor V0.96
HiJackThis
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947789)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB948127)
Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)
ijji REACTOR
ImagXpress
ImgBurn
InfraRecorder
Java Auto Updater
Java(TM) 6 Update 29
League of Legends
Magic ISO Maker v5.5 (build 0276)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.61.0.1400
ManiaPlanet
Microsoft .NET Framework 1.1
Microsoft DirectX SDK (February 2010)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Objects
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)
Microsoft XNA Framework Redistributable 3.1
MotoHelper MergeModules
Mozilla Firefox 4.0.1 (x86 en-US)
Mozilla Firefox 8.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero Installer
neroxml
Nexon Game Manager
Nokia Connectivity Cable Driver
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
Origin
Pando
Pando Media Booster
PC Connectivity Solution
PCSX-Reloaded 1.9.92
Plantronics Spokes Software
Play Wireless USB Adapter
Portforward Static IP Address 1.0.45
PunkBuster Services
Realtek Ethernet Controller Driver For Windows Vista and Later
RealUpgrade 1.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB2251487)
Service Pack 3 for SQL Server 2008 (KB2546951)
SpeedFan (remove only)
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
StarCraft II
Steam
swMSM
System Requirements Lab
TriDef 3D 4.4
Trine 2
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.1.11
Warcraft III
Warcraft III: All Products
WinDirStat 1.1.2
Windows SideShow Managed Runtime 1.0
WModem Driver Installer
WolfTeam
.
==== Event Viewer Messages From Past Week ========
.
4/25/2012 9:45:36 AM, Error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 430 time(s).
Edit: 429 Errors identical to above Deleted by Bobbye

Merging posts
4/18/2012 11:11:03 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070426: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2675157).

4/18/2012 11:10:55 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070426: Update for Windows 7 for x64-based Systems (KB2679255).

4/18/2012 11:10:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070426: Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2647518).

4/18/2012 11:10:47 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070426: Security Update for Windows 7 for x64-based Systems (KB2653956).

==== End Of File ===========================

im going on vacation for 3 days see u then!
 
Edit: Changing reply per review of posts.
Please use your head when it comes to to something like almost 500 of the same Error! And including Firefox policies is not needed. I spent considerable time cleaning up this thread! When you return, please run the following and leave the logs.
Thank you for letting me know you had marked the thread Active. Now you know why it wasn't picked up.
==========================================
Please note: If you have previously run Combofix and it's still on the system, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
--------------------------------------
Before you run the Combofix scan, please disable any security software you have running.

Download Combofix from HERE or HEREhttp://www.forospyware.com/sUBs/ComboFix.exe and save to the desktop
  • Double click combofix.exe & follow the prompts.
  • If prompted for Recovery Console, please allow.
  • Once installed, you should see a blue screen prompt that says:
    • The Recovery Console was successfully installed.[/b]
    • Note: If Combofix was downloaded to a flash drive, the Recovery Console will not install- just bypass and go on.[/b]
    • Note: No query will be made if the Recovery Console is already on the system.
  • .Close/disable all anti virus and anti malware programs
    (If you need help with this, please see HERE)
  • .Close any open browsers.
  • .Click on Yes, to continue scanning for malware
  • .If Combofix asks you to update the program, allow
  • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
Re-enable your Antivirus software.
Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Note 2:If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.
Note 3:CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
===============================================
To run the Eset Online Virus Scan:
If you use Internet Explorer:
  1. Open the ESETOnlineScan
  2. Skip to #4 to "Continue with the directions"

    If you are using a browser other than Internet Explorer
  3. Open Eset Smart Installer
    [o] Click on the esetsmartinstaller_enu.exelink and save to the desktop.
    [o] Double click on the desktop icon to run.
    [o] After successful installation of the ESET Smart Installer, the ESET Online Scanner will be launched in a new Window
  4. Continue with the directions.
  5. Check 'Yes I accept terms of use.'
  6. Click Start button
  7. Accept any security warnings from your browser.
    esetonlinescannersettings_thumb.jpg
  8. Uncheck 'Remove found threats'
  9. Check 'Scan archives/
  10. Leave remaining settings as is.
  11. Press the Start button.
  12. ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
  13. When the scan completes, press List of found threats
  14. Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
  15. Push the Back button, then Finish
NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
===========================================
Download CKScanner and save to your desktop.
  • Doubleclick CKScanner.exe and click Search For Files.
  • When the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
===================================================
My Guidelines: please read and follow:
  • Be patient. Malware cleaning takes time. I am also working with other members while I am helping you.
  • Read my instructions carefully. If you don't understand or have a problem, ask me. Follow the order of the tasks I give you. Order is crucial in cleaning process.
  • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
  • File sharing programs should be uninstalled or disabled during the cleaning process..
  • Observe these:
    [o] Don't follow directions given to someone else
    [o] Don't use any other cleaning programs or scans while I'm helping you.
    [o] Don't use a Registry cleaner or make any changes in the Registry.
    [o] Don't download and install new programs- except those I give you.
Threads are closed after 5 days if there is no reply.
 
Sorry about the unneeded cleanup. I greatly appreciate your help. I have used combofix about a month ago and it is uninstalled. My browser no longer asks me where to download to, so I will drag it to the desktop from downloads.


Deleted a huge chunk of multi entries sorry if it is still cluttered, I did not want to delete anything you might want to look at. If I took anything out I should not have(unlikely) I still have the original log. I am now doing the rest of your directions. Also my mouse is having a very hard time circling text atm, if it doesn't stop acting wacky after your help I am buying a new one.

EDIT
I was following your instructions top to bottom and just saw your rule do not use any cleaning program while receiving help. I ran ccleaner after combofix. The cleaner and the registry. I will continue the rest of your advice I hope I did not mess anything up. Also I have bittorrent I will not run it, If I need to uninstall it during this process I will gladly do so.


ComboFix 12-04-31.02 - Josh 04/30/2012 10:50:23.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2640 [GMT -7:00]
Running from: c:\users\Josh\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\weave\toFetch
c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\weave\toFetch\clients.json
c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\weave\toFetch\tabs.json
c:\windows\SysWow64\urttemp
c:\windows\SysWow64\urttemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-28 to 2012-04-30 )))))))))))))))))))))))))))))))
.
.
2024-11-03 12:06 . 2011-04-30 02:26 -------- d-----w- C:\DELL
2012-04-30 18:22 . 2012-04-30 18:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-04-30 18:22 . 2012-04-30 18:22 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2012-04-30 18:22 . 2012-04-30 18:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-25 15:24 . 2012-04-18 10:03 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A7F9C7C-CE29-49D2-90EC-246628445AA5}\mpengine.dll
2012-04-25 14:24 . 2012-03-07 00:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-04-25 14:24 . 2012-03-07 00:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-25 14:24 . 2012-03-07 00:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-04-25 14:24 . 2012-03-07 00:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-04-25 14:24 . 2012-03-07 00:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-04-25 14:24 . 2012-03-07 00:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-04-25 14:24 . 2012-03-07 00:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-04-25 14:23 . 2012-03-07 00:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-25 14:23 . 2012-03-07 00:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-04-25 14:23 . 2012-04-25 14:23 -------- d-----w- c:\programdata\AVAST Software
2012-04-25 14:23 . 2012-04-25 14:23 -------- d-----w- c:\program files\AVAST Software
2012-04-21 06:56 . 2012-04-21 06:56 -------- d-----w- c:\programdata\Battle.net
2012-04-21 02:07 . 2012-04-21 08:40 -------- d-----w- c:\program files (x86)\Diablo III Beta
2012-04-17 05:00 . 2012-04-17 05:00 388096 ----a-r- c:\users\Josh\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-17 05:00 . 2012-04-17 05:00 -------- d-----w- c:\program files (x86)\Trend Micro
2012-04-16 03:32 . 2012-04-16 03:32 -------- d-----w- c:\windows\CheckSur
2012-04-12 05:31 . 2012-04-12 05:31 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-11 01:53 . 2012-04-11 01:53 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-04-11 01:51 . 2009-07-30 07:31 77824 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-04-11 01:51 . 2009-07-30 07:31 32768 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-04-11 01:51 . 2009-07-30 07:31 221184 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll
2012-04-11 01:51 . 2009-07-30 07:31 221184 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-04-11 01:51 . 2009-07-30 07:31 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2012-04-11 01:50 . 2009-07-29 16:31 610436 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-12 05:31 . 2011-07-10 14:32 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 22:56 . 2009-10-24 20:01 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-02 03:17 . 2010-02-14 21:38 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-03-02 03:15 . 2010-02-14 21:34 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-03-02 03:15 . 2010-02-14 21:34 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-03-01 13:41 . 2010-02-14 21:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-03-01 01:23 . 2012-03-01 01:23 249856 ------w- c:\windows\Setup1.exe
2012-03-01 01:23 . 2012-03-01 01:23 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-03-01 00:02 . 2009-09-28 06:12 2660160 ----a-w- c:\windows\system32\nvapi64.dll
2012-02-29 21:00 . 2011-01-08 03:49 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
2012-02-29 21:00 . 2011-01-08 03:49 6074176 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:59 . 2011-01-08 03:48 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-29 20:59 . 2011-01-08 03:48 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 20:59 . 2009-09-28 01:22 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-02-29 20:26 . 2012-02-29 20:26 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-02-24 17:36 . 2012-03-27 12:01 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-02-23 17:18 . 2009-10-24 19:00 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-07 18:02 . 2012-02-07 18:02 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Cryptography Services Error !!
.
((((((((((((((((((((((((((((( SnapShot@2012-04-17_05.41.23 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-03-27 12:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-30 17:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-30 17:21 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 12:34 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-30 17:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-03-27 12:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-24 19:15 . 2012-04-29 15:32 47304 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-30 17:22 26020 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-10-24 18:46 . 2012-04-03 13:49 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-10-24 18:46 . 2012-04-24 15:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-24 18:46 . 2012-04-03 13:49 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-10-24 18:46 . 2012-04-24 15:41 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-03 13:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-24 15:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-04-19 06:28 97520 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-04-22 19:39 . 2012-04-22 19:39 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\e7efc73c52a5aeaf1fc83470ed455f4f\System.Web.DynamicData.Design.ni.dll
+ 2009-10-26 11:04 . 2012-04-30 05:54 5940 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-10-24 19:08 . 2012-04-30 17:22 7000 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1737896416-2570679988-651388281-1000_UserData.bin
+ 2012-04-30 17:09 . 2012-04-30 17:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-17 00:49 . 2012-04-17 00:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-17 00:49 . 2012-04-17 00:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-30 17:09 . 2012-04-30 17:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-10-25 21:38 . 2012-04-25 21:30 422412 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2012-04-24 15:24 . 2012-04-24 15:24 413000 c:\windows\system32\FNTCACHE.DAT
- 2012-04-09 19:51 . 2012-04-09 19:51 413000 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 05:01 . 2012-04-16 14:50 395216 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-30 05:54 395216 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-22 19:39 . 2012-04-22 19:39 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ebd99d5801192b27f605630e2665db37\WindowsFormsIntegration.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\76a205e2eeeafe760194d69c2513c1aa\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\d83371c8d64fd4071182f34a96f09983\System.Web.Extensions.Design.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\b147a82018c10ea7dfaf8f8125c92f56\System.Web.Entity.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\a98a8990270a77e6a62e067909aa332e\System.Web.Entity.Design.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\9b16b040d3d0c86777de01bab5b9d0f1\System.Web.DynamicData.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\a6fbeebf631e147104fbde01bcc6602c\System.Web.DataVisualization.Design.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9cabbb335fc6dff10392376707a4d0a2\System.ServiceProcess.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\621d2aae96fd06f9ccf66d335d7f1232\System.Messaging.ni.dll
+ 2012-04-22 19:38 . 2012-04-22 19:38 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09237903b1f9e5c7a69a4995d85eaa35\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-04-22 19:38 . 2012-04-22 19:38 852480 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\2965fcd151e21543887df9006519ed58\AspNetMMCExt.ni.dll
+ 2010-02-06 10:17 . 2012-04-19 14:06 2939544 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-06-02 11:27 . 2012-04-24 22:35 7336828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1737896416-2570679988-651388281-1000-12288.dat
+ 2012-04-22 19:39 . 2012-04-22 19:39 1226752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\abfe51993df8d3de6f000297de7ead9d\System.WorkflowServices.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 4476416 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\03a20bf18f39c7d1a98769c6bcb46830\System.Workflow.ComponentModel.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 2872320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\533c90d6e55e0529feb68df7f0dad47b\System.Workflow.Activities.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\acae13e8725a0a5da6dcda3e309cb9d2\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 2334720 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\cfd26c0116fafc3f71408fb255ff824a\System.Web.Mobile.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 3126784 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\494597da341f23eed60c65daf13d93dd\System.Web.Extensions.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 4575232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\ff3ad02fb7f572ec84afc681fda661fc\System.Web.DataVisualization.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\7175344bfab919484674d37de776a82f\System.Printing.ni.dll
+ 2012-04-22 19:38 . 2012-04-22 19:38 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\d0ae88ebdc709e940fbd0c6bafcab13c\System.Deployment.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\f4311e621d2bbf4de0d32bae765b1484\System.Activities.Presentation.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\f4ab7bc19b981163de613143a1e1c997\ReachFramework.ni.dll
+ 2012-04-22 19:39 . 2012-04-22 19:39 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\3e896ba1c3cc8d62c267508dccd7aa5a\PresentationUI.ni.dll
+ 2012-04-22 19:38 . 2012-04-22 19:38 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\7511c9da502ed9c4e630a902d462cdef\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-04-22 19:38 . 2012-04-22 19:38 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1f54c28f39e25b121c374480ad50d384\Microsoft.VisualBasic.ni.dll
+ 2012-04-22 19:38 . 2012-04-22 19:38 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\98d8d80f4b2d74cb4c5dc31483793bfb\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2010-05-03 11:35 . 2012-04-30 05:54 25066296 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1737896416-2570679988-651388281-1000-8192.dat
+ 2012-04-22 19:39 . 2012-04-22 19:39 12079616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\a0fb4bd3ae9ce574167ae3a79b7a1aa5\System.Web.ni.dll
.
-- Snapshot reset to current date --
 
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Josh\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 WLANBelkinService;Belkin WLAN service;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-29 36864]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 253600]
R3 ATICDSDr;ATICDSDr;c:\users\Josh\AppData\Local\Temp\ATICDSDr.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 cpuz130;cpuz130;c:\users\Josh\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\aeriagames\MetalAssault\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\Dnetr28ux.sys [x]
R3 rt61x64;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\DRIVERS\WMP54Gv41x64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
R3 X6va005;X6va005;c:\users\Josh\AppData\Local\Temp\005CF5F.tmp [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-23 370024]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 ALSysIO;ALSysIO;c:\users\Josh\AppData\Local\Temp\ALSysIO64.sys [x]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 05:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-01 1873288]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;192.168.*.*;<local>????????†††??†††}:??????????????;<local>;<local>??????????????????????????????????????????????????????????????????????????????;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.3.1
DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} - hxxp://67.128.8.65:12088/WatSearCtrl.cab
FF - ProfilePath - c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z179&form=ZGAADF&install_date=20111104&q=
FF - user.js: signed.applets.codebase_principal_support - true
/* To avoid the user interaction, add the following lines: */
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/
/* GLDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/
/* BGFR */
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/
/* BILD */
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/
/* BTUK */
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/
/* CLIC */
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/
/* COUK */
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/
/* MEDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/
/* EUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/
/* FUNR */
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/
/* GONE */
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/
/* GUDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/
/* META */
FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.id - hxxp://www.preprod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.id - hxxp://www.preprod.metaboli.fr/
/* MNDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/
/* MNFR */
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/
/* MNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/
/* NCNU */
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/
/* QPUK */
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/
/* SFFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/
/* SPDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/
/* WOJ_ */
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.id - hxxp://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.id - hxxps://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.id - hxxp://prod.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.id - hxxps://prod.jeu.orange.fr/
user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);
/* added 17-03-09 */
user_pref(capability.principal.codebase.YummyPlayer_XX0412.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0412.id,hxxp://cnet.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0413.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0413.id,hxxps://cnet.metaboli.co.uk);
/* GWDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.id - hxxp://gwde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.id - hxxp://gwde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.id - hxxps://gwde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.id - hxxps://gwde.int.metaboli.fr/
/* GMUK */
FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.id - hxxp://game.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.id - hxxp://gmuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.id - hxxps://game.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.id - hxxps://gmuk.int.metaboli.fr/
/* CNET */
FF - user.js: capability.principal.codebase.YummyPlayer_CNET.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CNET.id - hxxp://cnet.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.id - hxxp://cnet.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.id - hxxps://cnet.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.id - hxxps://cnet.int.metaboli.fr/
/* IGUK */
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.id - hxxp://iguk.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.id - hxxp://iguk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.id - hxxps://iguk.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.id - hxxps://iguk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.id - hxxp://Incgamers.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.id - hxxps://Incgamers.metaboli.co.uk/
/* SKFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.id - hxxp://skfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.id - hxxp://skfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.id - hxxps://skfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.id - hxxps://skfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.id - hxxp://Skyrock.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.id - hxxps://Skyrock.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.id - hxxp://ondemand.premium.games.skyrock.net/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.id - hxxps://ondemand.premium.games.skyrock.net/
FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.id - hxxp://free-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.id - hxxps://free-int.metaboli.fr/
/* GNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.id - hxxp://gamestation.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.id - hxxps://gamestation.metaboli.co.uk/
/* NEW MSN UK DE */
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.id - hxxp://playnow.tech.uk.msn.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.id - hxxps://playnow.tech.uk.msn.com/
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.id - hxxp://pc-spiele-flatrate.msn.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.id - hxxps://pc-spiele-flatrate.msn.de/
/* VMUK */
FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.id - hxxp://virginmedia.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.id - hxxps://virginmedia.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.id - hxxp://vmuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.id - hxxps://vmuk.int.metaboli.fr/
/* WDDE (web de) INT */
FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.id - hxxp://wdde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.id - hxxps://wdde.int.metaboli.fr/
 
/* ORUK */
FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.id - hxxp://orange.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.id - hxxps://orange.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.id - hxxp://oruk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.id - hxxps://oruk.int.metaboli.fr/
/* MEDI int */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.id - hxxp://medi.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.id - hxxps://medi.int.metaboli.fr/
/* SAT1 */
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.id - hxxp://spieleflatrate.sat1.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.id - hxxps://spieleflatrate.sat1.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.id - hxxp://sat1.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.id - hxxps://sat1.int.metaboli.fr/
/* OWDE */
FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.id - hxxp://onlinewelten.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.id - hxxps://onlinewelten.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.id - hxxp://owde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.id - hxxps://owde.int.metaboli.fr/
/* GRAD INT */
FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.id - hxxp://grad.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.id - hxxps://grad.int.metaboli.fr/
/* RTLN */
FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.id - hxxp://rtl.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.id - hxxps://rtl.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.id - hxxp://rtln.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.id - hxxps://rtln.int.metaboli.fr/
/* MNIT */
FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.id - hxxp://pcgames.msn.it/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.id - hxxps://pcgames.msn.it/
FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.id - hxxp://mnit.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.id - hxxps://mnit.int.metaboli.fr/
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://atheneum.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://atheneum.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.id - hxxps://cuuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.id - hxxp://atheneum.uk.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.id - hxxps://atheneum.uk.com/
/* SCDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.id - hxxp://schueler.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.id - hxxps://schueler.metaboli.de/
/* MNSE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.id - hxxp://spela.pcspel.msn.se/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.id - hxxps://spela.pcspel.msn.se/
/* GMSE */
FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.id - hxxp://game.metaboli.se/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.id - hxxps://game.metaboli.se/
/* OHFR */
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.id - hxxp://jeuxpc.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.id - hxxps://jeuxpc.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.id - hxxp://ohfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.id - hxxps://ohfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.id - hxxp://ohfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.id - hxxps://ohfr.metaboli.fr/
/* OHDE */
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.id - hxxp://pcspiele.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.id - hxxps://pcspiele.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.id - hxxp://ohde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.id - hxxps://ohde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.id - hxxp://ohde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.id - hxxps://ohde.metaboli.de/
/* GAMETAP */
FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.id - hxxp://www.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.id - hxxps://www.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.granted - UniversalXPConnect
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Josh\AppData\Local\Temp\005CF5F.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1737896416-2570679988-651388281-1000\Software\SecuROM\License information*]
"datasecu"=hex:a6,3c,20,65,84,74,d3,b2,5e,76,6d,7d,31,4e,a7,35,63,18,5a,ca,66,
93,99,d8,1b,fd,f5,df,b8,88,83,7a,2c,7d,93,a4,8b,f7,b1,9a,9a,05,b8,22,ab,94,\
"rkeysecu"=hex:fe,99,c2,8a,da,a7,f4,1d,e1,87,b2,09,ea,48,1d,fc
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-30 11:25:13
ComboFix-quarantined-files.txt 2012-04-30 18:25
.
Pre-Run: 80,176,156,672 bytes free
Post-Run: 80,010,706,944 bytes free
.
- - End Of File - - 8FBB79F8D269A9B99D4DC33FBBE380ED
 
ESETOnlineScan found no infections

CKSCANNER LOG
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\debugmode\wax 2.0\presets\vl presets\vl misc\cracked.wxpr
c:\program files (x86)\microsoft directx sdk (february 2010)\samples\c++\direct3d\uvatlas\crackdecl.cpp
c:\program files (x86)\microsoft directx sdk (february 2010)\samples\c++\direct3d\uvatlas\crackdecl.h
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_1.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_1b.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_2.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_2b.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_3.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_4.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_5.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_6.psf
c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota\particles\particle_snapshots\good_ancient_destruction\goodancient_ground_crackglow_7.psf
scanner sequence 3.GE.11.NELBUO
----- EOF -----
 
Please see this: P2P SOFTWARE USER ADVISORIES

All of the goodancient_ground_crackglow_#.psf are torrent downloads.
---------------------------------------
My browser no longer asks me where to download to, so I will drag it to the desktop from downloads.
Click to expand...
Advise open your browser and set default download location to desktop.:
For Firefox: Open Firefox> Tools> Options> Main section> Downloads section> Check Save download to.......Browse to an select Desktop
=========================
About this:
I am getting a new 2 tb hard drive and I am long over due for a cleaning.
Click to expand...
The purpose of this forum is to help you find and remove malware. You should do any other 'cleaning' such as uninstall programs you don't use, delete temporary internet files nad Cookies, do disc cleanup, defrag and error check. Also delete files and folders you are finished with. Don't do this now but it will be up to you to get it done when we have finished with malware cleaning. When I see some logs, I get the feeling that we are frequently used as the local laundrymat!
========================
Error seen in Combofix: Cryptography Services Error !!
You cannot install some updates or programs:
Setup could not verify the integrity of the file Update.inf. Make sure the Cryptographic service is running on this computer.
See if this handles the update problem:
Set Cryptographic Services to Automatic, and then try to install the program again.
1. Click on Start> Run> type in services.msc> Enter.
2. Double-click Cryptographic Service to open
3. Set Startup Type to Automatic Start
4. Click Start to start the Service.
Exit Services.
Try the update again- see if the error is gone. If not, we'll go further.
=========================================
Possible update problem or tool related:
You may become unable to install updates from Windows Update, due to inconsistencies in file data or registry data. By installing the System Update Readiness Tool, you can resolve these inconsistencies and you will be able to install updates from Windows Update. After the System Update Readiness Tool is installed, install updates again from Windows Update.
Entry: 2012-04-16 03:32 -------- d-----w- c:\windows\CheckSur> for Checking System Update Readiness.
Reference: http://support.microsoft.com/kb/947821
=========================================
Regarding the Firefox entry section beginning with:
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect
and continuing down to:
FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.granted - UniversalXPConnect
Click to expand...

Have you added lines to invoke this? Please see http://forums.mozillazine.org/viewtopic.php?f=25&t=729685&p=3801935
I have never seen entries like this output persistently in Combofix.
--------------------------------------
Combofix has also deleted some FF files that may be related to DPC Latency. This is not an area I'm familiar with, but if you are setting up special features to run, you might want to examine them:
c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\weave\toFetch
c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\weave\toFetch\clients.json
c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\weave\toFetch\tabs.json
Click to expand...
There are also removals of URTTemp entries: These are related to the NET Framework:
c:\windows\SysWow64\urttemp
c:\windows\SysWow64\urttemp\regtlib.exe
Click to expand...
==================================================
There is a proxy override setting from hell! We can handle that:
Reset your browser proxies
  • For Firefox:
    o Open Firefox, click on "Tools" then "Options" and then on "Advanced".
    o Click on the "Network" tab, and then on the "Settings" button.
    o Please make sure that the "No Proxy" option is selected.
  • For Internet Explorer:
    o Open Internet Explorer.
    o Click on "Tools" and then select "Internet Options".
    o Click on the "Connections" tab and click the "Lan Settings" button at the bottom.
    o Uncheck "Use a Proxy server for your LAN".
    o Click Ok to close the Local Area Network (LAN) Settings window.
    o Click Ok to close the Internet Options window.
==================================================
Please run this Custom CFScript:

  • [1]. Close any open browsers.
    [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3]. Open notepad> click on Format> Uncheck 'Word Wrap> and copy/paste the text in the code below into it:
Code: 
File::
DDS::
uInternet Settings,ProxyOverride = 127.0.0.1:9421;192.168.*.*;<local>????????†††??†††}:??????????????;<local>;<local>??????????????????????????????????????????????????????????????????????????????;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Save this as CFScript.txt, in the same location as ComboFix.exe
CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . Please paste into to your next reply.
====================
Note: Spell check has not been run.
 
I have dota 2 beta, iv had it for about 4 months as far as I know you cannot get a cracked version as is with most betas. Perhaps youv made a mistake or rather the search program made a mistake. Again I really do appreciate your help :), time to get to business. Oh when I said cleaning I really meant the malware, since that setup fix virus I have had a few trojans a week, I dont want them spreading to my new hd. My download manager no longer works my mouse is wacky etc. If this was a laundry mat it would be the best on the web hehe.

Downloads have been set to the desktop.

Cryptographic service was and is set to automatic, I pressed start and got error 1067.
I will wait for more instructions before I proceed.

No I did not add any lines to combo fix nor am I running it in any special way. That system fix virus seems to hit your computer all over.
 
I'd like you to run OTL. It has 2 logs and may give me a bit more information about some of the entries. Please check your logs and let me know if you have any idea why all the Firefox user.js: capability.principal.codebase...... entries are printing out.

For the Cryptographic Service error: When I attempt to start the service I receive an error 1067, please see THIS.
===========================
  • Download OTL from one of the links below and save it to your desktop.
    OTL.exe
    OTL.com
    OTL.scr
    You just need one. Sometimes the file extension gets blocked.

    Note: When using these links, use Internet Explorer to download. If using Firefox, you should right-click and use "Save link As". Otherwise, on some systems, FF attempts to open the file as a script and just a bunch of gibberish is displayed.
  • Double click the OTL icon to run it.
    OTL_icon.gif
  • The opened console will resemble this:
    OTLv3.1.5.0.gif
  • Set Output at the top to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Copy the entries in the Codebox below> Paste in the Custom Scan box.
    Code: 
    netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
userinit.exe
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    Make sure all other windows are closed and to let it run uninterrupted.
  • When the scan completes, it will open two notepad windows. OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
 
I really do not know why they are printing out, ill look at them more when I post em here its easier on the eyes, my computer knowledge is still low compared to the helpers on here.

OTL Extras logfile created on: 5/1/2012 12:41:32 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Josh\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 67.45% Memory free
8.00 Gb Paging File | 6.65 Gb Available in Paging File | 83.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.16 Gb Total Space | 66.00 Gb Free Space | 11.07% Space Free | Partition Type: NTFS

Computer Name: THETIMEMACHINE | User Name: Josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Play_with_TriDef_Media_Player] -- "C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" "%1" (DDD Group Plc.)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe" = C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel
"C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe" = C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe" = C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel
"C:\Program Files (x86)\Subagames\ACE Online\Launcher.atm" = C:\Program Files (x86)\Subagames\ACE Online\Launcher.atm:Enabled:GameExe2
"C:\Program Files (x86)\Subagames\ACE Online\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\Subagames\ACE Online\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)
"C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe" = C:\Program Files (x86)\NCsoft\Exteel\System\Exteel.exe:*:Enabled:Exteel
"C:\Program Files (x86)\Subagames\ACE Online\Launcher.atm" = C:\Program Files (x86)\Subagames\ACE Online\Launcher.atm:Enabled:GameExe2
"C:\Program Files (x86)\Subagames\ACE Online\Res-Voip\SCVoIP.exe" = C:\Program Files (x86)\Subagames\ACE Online\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
"C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe" = C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef 3D Media Player -- (DDD Group Plc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C66F40-7B40-4FFB-A13F-D2356D9D6DB8}" = lport=53 | protocol=17 | dir=in | name=udp5 |
"{09DE5738-1C2D-43AF-9380-9DD2631BF8AE}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0E7558D6-4897-4AD5-B497-DF7FEBB4D2E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1339EE0D-DAB7-4857-BFAC-FE9ECDE338E4}" = lport=88 | protocol=17 | dir=in | name=udp1 |
"{145BB0B4-1073-4C1A-AE9C-032CDF0C2645}" = lport=3074 | protocol=17 | dir=in | name=udp3 |
"{1EF12B8C-43A6-4345-8C94-29F393B6CFAB}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{57FBE1C5-6FA7-419F-84C9-1941EF93F5B0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{64F49F1D-0364-442F-B347-B3FDF523E1C4}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface |
"{6A816175-72B0-4139-A487-996D16209987}" = lport=53 | protocol=6 | dir=in | name=tcp3 |
"{7A30A575-EACE-41A9-A6C4-F784C3AE140B}" = lport=8370 | protocol=6 | dir=in | name=league of legends launcher |
"{7ED99E97-0A72-4D47-A410-B75E69A9481C}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |
"{8023DB12-8294-4996-AB81-977E5FA10A5D}" = lport=8370 | protocol=17 | dir=in | name=league of legends launcher |
"{86778EA5-1313-4B2C-B1B5-17DB23287301}" = lport=88 | protocol=17 | dir=in | name=udp2 |
"{89DC954F-85CE-439E-B717-6E8F3E2BD34B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A59C389F-F0E2-475B-A423-FED65E0EB0BB}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |
"{A8F9CDA0-66F8-4BC3-B17B-2B85A85A5F63}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{ADEDD33C-1965-4FC3-944E-5E9CA54E3D78}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{B52189CA-2231-41D8-9356-EC0D9C35C2BD}" = lport=3074 | protocol=6 | dir=in | name=tcp2 |
"{C0848C80-74D9-49E1-8EB2-1AB97FBAD590}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C2F25AF0-B6EF-46AA-88F4-91AE8AD91213}" = lport=80 | protocol=6 | dir=in | name=tcp windows live |
"{CA89BA0D-AAEA-47C3-A30A-8E27176C3AC5}" = rport=2869 | protocol=6 | dir=out | app=system |
"{E1B9772F-4284-4FEF-B83C-47B0C8A20F75}" = lport=443 | protocol=6 | dir=in | name=tcp4 |
"{ED202BEA-0D14-4813-8668-4301EDA7F97D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0090860C-C0DD-4C6E-9531-F52AF2AB945F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{01C85E96-DAD8-417B-A4AE-AA05B631980B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{05E0C51D-5AD2-486A-86D1-6866BF6943F4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{08DD33F2-5E83-4B42-BE5A-4545CB9BD9BC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0E17B385-5AC9-45C3-85E5-3DAFEACE516F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires online\spartan.exe |
"{109D716A-2987-4B48-94D3-2E904E645524}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"{10F9BC23-E181-4ADE-B97A-F4AFA220BB7C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{17873069-6CF0-48A6-AAD8-D3780199D7B7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{17ACB3FE-F992-48BE-B41A-6D37CA1549C3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1923DD3F-34C8-4A73-901C-007A5B640B5E}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{1FF5DA0B-8670-411E-B5DE-1042987D4AAB}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{211AACA7-1B11-491A-9611-7B3AD76C3F7E}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"{21281D35-3BBA-4E31-BB33-93132F550203}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe |
"{239CCFE3-7BB2-480B-AF07-C4000FDA7541}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"{2AA4FD06-1620-4C66-B982-CE0D58369AC5}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"{2AC01B09-B502-4363-8253-2B226F888229}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"{3842B008-BF2D-43ED-B79D-F6B8A1319BF4}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"{3D91190E-7760-4210-879A-4FFA09D9F3A7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{545BB4F0-FADB-4175-B45E-00DB997D1418}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{564AB15D-974B-473C-924E-98A14738B7FE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{571724F0-FBCA-442D-ABD3-3295EE711C75}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19132\sc2.exe |
"{57B718B9-B64F-4E89-B2A0-E524519A6076}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{5A3A59D1-71C2-45BA-B168-A4A05BF6F4CC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5A819D00-FF2F-41CF-9F7D-81A24CA849BF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{5B335C2B-C803-4BED-A362-24D2E72940D2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5BD28610-23BF-4315-B901-E31AE61A5DC5}" = protocol=6 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"{603E6669-BE87-4373-93C9-1691F1663283}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{618E57B1-7D58-4788-B2D2-5E500EA07AB8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"{6F40B860-ADA4-4E38-A1E7-5DC4BD617E3B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74CEB489-8532-41B0-8F35-BDD283B4C068}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{7ABC659C-7F74-4E55-A8CB-7D573388EC98}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"{7B8A7B89-84CE-4838-B8D0-4028349EB181}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{7CDCECB4-BBB9-42A5-AEF6-3D81DCDD6698}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7D50A914-18B5-4D02-9364-F1C10F4F8B44}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7EA540A5-F14A-47E2-AC6F-E5798C1A87D1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{8822A171-669D-4131-9E1D-C7B06A351675}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{883CDE15-B1A3-4478-9DFE-36E852BE5342}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{8AFF3DFF-C081-4C4D-AF7D-1BAFF143B013}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8B9D2B3C-0CA9-4A29-81C2-5BFCAFE7D7C7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9609CE80-1932-4CD1-9F6F-362AD6FF2306}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{99EEE59E-8CB0-4B11-8475-573F59FA772D}" = protocol=6 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{9BE576ED-2C0C-45CC-8AB3-0012BD72B662}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\from dust\from_dust.exe |
"{9C34B9E2-3BEF-49BA-8F0E-F1EBBFDF285C}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |
"{9E50A2B7-1309-4294-8E2A-519BDDC788A9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{9F024925-5970-48E1-8110-C09230AEF828}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield 3\bf3.exe |
"{A20D6A17-9F9D-4273-B010-8C39EE7D36E6}" = protocol=17 | dir=in | app=c:\programdata\nexon\ngm\ngm.exe |
"{A52190A0-3363-450A-88A3-F3E7A2423CCF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires online\spartan.exe |
"{A9E75948-BF21-44DE-96E1-DC1B1973B257}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"{AB0E41FB-3043-4724-A2D4-F54C74DA0828}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{ABBA8F69-342D-43EA-AFBA-428013E82EE6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{ABC838C6-A66B-450A-9675-491FD99E7012}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{B43BEEE4-150D-479E-A667-74CBDA0CB2BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\duke nukem forever\system\dukeforever.exe |
"{B5D96292-0740-408A-87F1-20EC1FC31AA0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B980B8E6-3FFD-4F49-80A7-5976803F27AF}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"{BEEA5C0F-F7FC-48F2-B128-D5F701E0180A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C8E812CB-F32E-4D77-9319-436CC0A76F55}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{CBEE7952-1269-4F0D-9DD8-166500E25C3D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D1B7204B-955C-4CED-80F6-B1B95EFB1E74}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19132\sc2.exe |
"{D6A449C2-B00C-46D9-A867-4B3D72705FDB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D717B8DA-72BB-4F28-9F77-6A098207BCE5}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{DCF340C9-E161-468A-933E-518ACA3D2BE5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{DE4EC0B3-1520-42C7-9AF6-1CD911E13C2F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E573A550-14F6-4652-AA64-6780416E99FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E9665578-0D90-4387-BB66-AF1DE1ADD747}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{EC903A9B-837E-4B1C-B20B-D5CF9119C0CE}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{ECC8EDF9-C377-4C3A-A76F-9C4458109BD1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F09544C1-8C91-43C7-819D-40A001DD96F4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base19679\sc2.exe |
"{F0AB8F5F-86FB-4D26-BB21-FEA917409B4D}" = protocol=17 | dir=in | app=c:\users\josh\appdata\local\akamai\netsession_win.exe |
"{F0AD404E-5340-4D59-B45E-8A1CF9CD6573}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{F324E3B6-5978-4C3E-9849-72559517540A}" = dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"{F5C15393-7653-473E-A7B1-2110DA893551}" = protocol=6 | dir=in | app=c:\users\josh\appdata\local\akamai\netsession_win.exe |
"{FBD09683-DE11-4DDE-8E28-5417BDE70710}" = protocol=17 | dir=in | app=c:\programdata\nexon\common\nmservice.exe |
"TCP Query User{0EF667BD-CFB0-4E12-A817-828F16E81C19}C:\users\josh\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\josh\appdata\local\akamai\netsession_win.exe |
"TCP Query User{27F5E630-C41F-48EE-9EA3-27E05D70FE0E}C:\aeriagames\wolfteam\wolfteam.bin" = protocol=6 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"TCP Query User{2E72A283-A3A5-4846-8489-A1FBE0489C00}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"TCP Query User{33A5ED10-911D-49A6-919C-E56BC3C75DEF}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{36DB6F2C-C60B-434E-8896-A942E2C052D5}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"TCP Query User{3D29B3DA-1F18-446C-BBEA-0D0692387909}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{422B1F89-1AAE-41F3-88E2-7237439B2CAF}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"TCP Query User{43C70E30-1BBD-43B6-BD7E-545FFE55387F}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"TCP Query User{5650649B-398D-41AF-A3B5-DAB9ABEA3D21}C:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe |
"TCP Query User{73051508-40B5-484D-81E8-BCC3F51F5B13}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{81D3F706-7AE3-48F2-9618-3238592811C9}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"TCP Query User{8DBBF219-4C81-454C-B313-8C0D3ACEE6AD}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{9422646D-CC81-40B9-A06E-1A41883E42E4}C:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe |
"TCP Query User{A7D04F8C-2CA3-4D71-8161-602C827AF2F2}C:\program files (x86)\ijji\ijji reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ijji\ijji reactor\reactor.exe |
"TCP Query User{AB4862BB-6C68-42E1-A1DE-D39F06584C0A}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"TCP Query User{AC27D427-9BB4-4146-8B64-16B88C1BD1A0}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"TCP Query User{B30330B5-EA28-4812-8CEE-DB9631E70976}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{BF3543CB-4921-45F9-B43B-0B035F23DABC}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{CC605B57-5C9D-48B1-A43F-30AEAC20CF68}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{D5B5DB21-35EB-491B-BAE8-69EF0DAF89EB}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 |
 
dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{D5D7EC66-0779-4F06-8F5C-76D9DDFF23E6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{E4054737-297B-4B80-B60A-285B51756BA9}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{E486B51A-58F2-4327-96FF-C1AB8A28EEBA}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"TCP Query User{FA483206-6E56-4AF0-A04C-A9E45CE672CF}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{0B96B93F-26A0-4D69-8633-DB91207D6779}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{1F7DBA32-DCD5-4CD9-868D-71AAED72D9DD}C:\program files (x86)\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{3917C0D0-4D79-4F0B-8C96-DC7F8D5BBA11}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{3C56250B-9D57-41C4-AF88-F0C6B6235AAD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{3D465F1D-11BB-445B-9C12-DD1B1AFDDDA0}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{4942E4C8-2D4E-4E33-952C-0FDF9504CF10}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{6712DFA6-1A03-4673-9661-D02F60385D5F}C:\program files (x86)\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{6B9E65FB-A12A-4435-B434-A12F9AD70F64}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{6BF6A22E-A25C-4295-A12F-ED9241911307}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe |
"UDP Query User{7CB3D044-736B-411D-AAE2-D1C4308271DF}C:\program files (x86)\starcraft ii\versions\base16605\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16605\sc2.exe |
"UDP Query User{7EDF809B-2783-4667-80BB-EF5784A35147}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{92215D07-97D9-4F53-B044-3691706AF1FB}C:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\firefly studios\stronghold 3\bin\win32_release\stronghold3.exe |
"UDP Query User{9ADF0F81-BF21-49E9-A02A-DFF5DF27231F}C:\program files (x86)\maniaplanet\maniaplanet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maniaplanet\maniaplanet.exe |
"UDP Query User{9AF50C16-1495-4D5C-8C70-4E6037DF8DAE}C:\aeriagames\wolfteam\wolfteam.bin" = protocol=17 | dir=in | app=c:\aeriagames\wolfteam\wolfteam.bin |
"UDP Query User{9BD74B37-843C-45D7-B9FD-5CEC60136A8F}C:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe |
"UDP Query User{9FC147DC-0B8C-46FB-98AF-18CDF05F4E12}C:\program files (x86)\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{A9CA096F-1E34-4AC6-8D43-E1F7A6D76C03}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{AE3EC6A9-459A-4B7B-A20E-E79C7D1B73E3}C:\program files (x86)\ijji\ijji reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ijji\ijji reactor\reactor.exe |
"UDP Query User{B1F039E5-647E-46CA-B1CC-A3B6683331C0}C:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\users\josh\desktop\rarely used\games\left.4.dead.2.full.patched.directplay.ibbes\left 4 dead 2\left4dead2.exe |
"UDP Query User{B3F59A95-F518-4CA2-9E91-CA34DA658939}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base15405\sc2.exe |
"UDP Query User{D18EB8C5-AE5E-4A46-805A-62F256820D68}C:\program files (x86)\diablo iii beta\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii beta\diablo iii.exe |
"UDP Query User{D6D49866-D316-4792-A37D-6982062F0B92}C:\program files (x86)\starcraft ii\versions\base16755\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base16755\sc2.exe |
"UDP Query User{ED2B7BA9-E622-454E-8C61-DBC8D83D4BF2}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{F50C9325-EFDA-4469-B4CE-73B31C515062}C:\users\josh\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\josh\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}" = Microsoft SQL Server 2008 Native Client
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{111DB3F0-0C58-4475-9954-1BD5B7B28618}" = League of Legends
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3516C69A-024D-42A8-B948-FFAA7B9CC49A}" = Windows SideShow Managed Runtime 1.0
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5C9530C0-957F-4CC4-ADA9-A7195BD9394C}" = AGEIA GAME System Software 2.8.0
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6F3D2F66-F050-45E3-BEB1-6523FE6D6690}" = MotoHelper MergeModules
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{8118FA36-FB52-4738-9BFB-4380E91B7D36}" = Google Drive
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{868EC22E-7E82-4760-9265-3F2E705BF24B}" = League of Legends
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}" = Microsoft SQL Server 2008 Setup Support Files
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{E736D890-A1FE-41FF-85E6-77F94E3CC8D4}" = Plantronics Spokes Software
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Akamai" = Akamai NetSession Interface Service
"All ATI Software" = ATI - Software Uninstall Utility
"AudibleManager" = AudibleManager
"AutoItv3" = AutoIt v3.3.6.0
"avast" = avast! Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"DebugMode Wax 2.0" = DebugMode Wax 2.0
"Diablo II" = Diablo II
"Diablo III Beta" = Diablo III Beta
"Downloader" = Downloader
"ePSXe" = ePSXe 1.7.0
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.0" = ESN Sonar
"ESN Sonar-0.70.4" = ESN Sonar
"essentials-bundle" = TriDef 3D 4.4
"FCEUX" = FCEUX 2.1.2
"Fraps" = Fraps
"GamersFirst LIVE!" = GamersFirst LIVE!
"GFWL_{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"HbsMozillaLauncher" = HbsMozillaLauncher 1.0
"HTC_WModemDriver" = WModem Driver Installer
"ImgBurn" = ImgBurn
"InfraRecorder" = InfraRecorder
"InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"ManiaPlanet_is1" = ManiaPlanet
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft DirectX SDK (February 2010)" = Microsoft DirectX SDK (February 2010)
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PCSX-Reloaded" = PCSX-Reloaded 1.9.92
"Portforward Static IP Address" = Portforward Static IP Address 1.0.45
"PunkBusterSvc" = PunkBuster Services
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Hero Editor V0.96
"StarCraft II" = StarCraft II
"Steam App 33460" = From Dust
"Steam App 570" = Dota 2
"Steam App 57900" = Duke Nukem Forever
"SystemRequirementsLab" = System Requirements Lab
"Trine 2_is1" = Trine 2
"ULTIMATER" = Microsoft Office Ultimate 2007
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"WolfTeam" = WolfTeam

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"Akamai" = Akamai NetSession Interface
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"Warcraft III" = Warcraft III: All Products
"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/30/2012 4:45:10 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0xf88 Faulting application start time: 0x01cd27122259fecb Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\ESENT.dll
Report
Id: 6015b4bd-9305-11e1-b55f-00241d7d5d3a

Error - 4/30/2012 5:04:02 PM | Computer Name = TheTimeMachine | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Josh\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 4/30/2012 6:05:46 PM | Computer Name = TheTimeMachine | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Users\Josh\Downloads\esetsmartinstaller_enu.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 5/1/2012 2:26:02 PM | Computer Name = TheTimeMachine | Source = MSSQL$SQLEXPRESS | ID = 9003
Description = The log scan number (405:456:1) passed to log scan in database 'master'
is not valid. This error may indicate data corruption or that the log file (.ldf)
does not match the data file (.mdf). If this error occurred during replication,
re-create the publication. Otherwise, restore from backup if the problem results
in a failure during startup.

Error - 5/1/2012 2:26:16 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0x41c Faulting application start time: 0x01cd27c7d30f051c Faulting application
path: C:\Windows\system32\svchost.exe Faulting module path: C:\Windows\system32\ESENT.dll
Report
Id: 2308b0ab-93bb-11e1-a82d-00241d7d5d3a

Error - 5/1/2012 2:27:57 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0xe14 Faulting application start time: 0x01cd27c7fda0ed51 Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\System32\ESENT.dll
Report
Id: 5f1c5795-93bb-11e1-a82d-00241d7d5d3a

Error - 5/1/2012 2:46:06 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0xda4 Faulting application start time: 0x01cd27c821938159 Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\System32\ESENT.dll
Report
Id: e8527a42-93bd-11e1-a82d-00241d7d5d3a

Error - 5/1/2012 2:46:44 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0x744 Faulting application start time: 0x01cd27cabdfbcd93 Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\System32\ESENT.dll
Report
Id: fecff2af-93bd-11e1-a82d-00241d7d5d3a

Error - 5/1/2012 3:36:19 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0xd78 Faulting application start time: 0x01cd27cb58f5db0f Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\System32\ESENT.dll
Report
Id: ec8fdffd-93c4-11e1-a82d-00241d7d5d3a

Error - 5/1/2012 3:36:38 PM | Computer Name = TheTimeMachine | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385,
time stamp: 0x4a5bc3c1 Faulting module name: ESENT.dll, version: 6.1.7601.17577,
time stamp: 0x4d79bfba Exception code: 0xc0000005 Fault offset: 0x00000000000059a0
Faulting
process id: 0x1254 Faulting application start time: 0x01cd27d1b42b6e10 Faulting application
path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\System32\ESENT.dll
Report
Id: f7a51a98-93c4-11e1-a82d-00241d7d5d3a

[ System Events ]
Error - 5/1/2012 2:46:44 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The DNS Client service terminated unexpectedly. It has done this
4 time(s).

Error - 5/1/2012 2:46:44 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The Workstation service terminated unexpectedly. It has done this
4 time(s).

Error - 5/1/2012 3:36:20 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The Cryptographic Services service terminated unexpectedly. It has
done this 5 time(s).

Error - 5/1/2012 3:36:20 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The DNS Client service terminated unexpectedly. It has done this
5 time(s).

Error - 5/1/2012 3:36:20 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The Workstation service terminated unexpectedly. It has done this
5 time(s).

Error - 5/1/2012 3:36:20 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The Telephony service terminated unexpectedly. It has done this 3
time(s).

Error - 5/1/2012 3:36:38 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The Cryptographic Services service terminated unexpectedly. It has
done this 6 time(s).

Error - 5/1/2012 3:36:38 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The DNS Client service terminated unexpectedly. It has done this
6 time(s).

Error - 5/1/2012 3:36:38 PM | Computer Name = TheTimeMachine | Source = Service Control Manager | ID = 7034
Description = The Workstation service terminated unexpectedly. It has done this
6 time(s).

Error - 5/1/2012 3:47:01 PM | Computer Name = TheTimeMachine | Source = volsnap | ID = 393230
Description = The shadow copies of volume C: were aborted because of an IO failure
on volume C:.


< End of report >
 
OTL logfile created on: 5/1/2012 12:41:32 PM - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Josh\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 67.45% Memory free
8.00 Gb Paging File | 6.65 Gb Available in Paging File | 83.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.16 Gb Total Space | 66.00 Gb Free Space | 11.07% Space Free | Partition Type: NTFS

Computer Name: THETIMEMACHINE | User Name: Josh | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Josh\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\Josh\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


========== Modules (No Company Name) ==========

MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\pythoncom26.dll ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32com.shell.shell.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\pyexpat.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32api.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\_elementtree.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\_ctypes.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._html2.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\_socket.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32crypt.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._core_.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._controls_.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._windows_.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._gdi_.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._misc_.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\_ssl.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\unicodedata.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\_hashlib.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32gui.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\wx._wizard.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32file.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\PyWinTypes26.dll ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32inet.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32process.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\win32event.pyd ()
MOD - C:\Users\Josh\AppData\Local\Temp\_MEI25162\select.pyd ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (WLANBelkinService) -- C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe ()
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (btnetBUs) -- C:\Windows\SysNative\drivers\btnetBus.sys ()
DRV:64bit: - (BtHidBus) -- C:\Windows\SysNative\drivers\BtHidBus.sys (IVT Corporation.)
DRV:64bit: - (IvtBtBUs) -- C:\Windows\SysNative\drivers\IvtBtBus.sys (IVT Corporation.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\Dnetr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (rt61x64) -- C:\Windows\SysNative\drivers\WMP54Gv41x64.sys (Ralink Technology Inc.)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\drivers\Rtlh64.sys (Realtek Corporation)
DRV:64bit: - (HabuFltr) -- C:\Windows\SysNative\drivers\habu.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" = http://search.mywebsearch.com/myweb...n=77de5b10&psa=&st=sb&searchfor={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {AD7B9ADE-16DB-439E-B078-B09A42A29E13}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=12316
IE - HKCU\..\SearchScopes\{1BB2D5A5-CB28-6828-A0B4-440879C5BE32}: "URL" = http://www.bing.com/search?q={searc...install_date=20111104&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" = http://search.mywebsearch.com/myweb...n=77de5b10&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{AD7B9ADE-16DB-439E-B078-B09A42A29E13}: "URL" = http://findgala.com/?&uid=5762&q={searchTerms}
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80031&lng=en
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://dm.startnow.com/s/?q={search...s_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;192.168.*.*;<local>????????†††??†††}:??????????????;<local>;<local>??????????????????????????????????????????????????????????????????????????????;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.01
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {4DC70064-89E2-4a55-8FC6-E8CDEAE3612C}:0.6.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.26.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.mywebsearch.prevKwdURL: "data:text/plain,keyword.URL=http://search.yahoo.com/search?ei=UTF-8&fr=yff35awe&p="
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z179&form=ZGAADF&install_date=20111104&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@hanbiton.com/HbsMozillaLauncher: C:\ProgramData\hanbitsoft\nphlauncher.dll (hanbitsoft)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/04/25 07:23:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\components [2012/04/29 13:57:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins [2011/06/17 12:24:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\components [2012/04/29 13:57:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins [2011/06/17 12:24:38 | 000,000,000 | ---D | M]

[2009/11/14 02:16:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Extensions
[2009/11/14 02:16:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2012/04/29 14:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions
[2011/12/02 06:04:47 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/01/09 15:00:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/01/09 15:01:02 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2011/12/02 06:13:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009/11/14 02:16:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josh\AppData\Roaming\Mozilla\SeaMonkey\Profiles\m50jeiji.default\extensions
[2011/02/27 19:39:30 | 000,002,059 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\searchplugins\daemon-search.xml
 
[2010/06/15 02:06:15 | 000,002,168 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\searchplugins\inbox-search.xml
[2010/06/15 02:06:14 | 000,010,060 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\searchplugins\mywebsearch.xml
[2012/03/27 01:02:33 | 000,001,210 | ---- | M] () -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\searchplugins\search.xml
() (No name found) -- C:\USERS\JOSH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8UDUIOJM.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JOSH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8UDUIOJM.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?q={searchTerms}&pc=Z179&form=ZGACDF&install_date=20111104
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query=%s
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Josh\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Josh\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Josh\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
CHR - plugin: TestGen Plug-in 7.4 (Enabled) = C:\Users\Josh\Desktop\Rarely Used\Mozilla Firefox\plugins\nptgeqplugin.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll
CHR - plugin: IGN Download Manager Plug-in (Enabled) = C:\Program Files (x86)\Download Manager\npfpdlm.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\Nexon\NGM\npNxGame.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Josh\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: We-Care Reminder Lite = C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.9_0\

O1 HOSTS File: ([2012/04/30 11:23:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Josh\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} http://67.128.8.65:12088/WatSearCtrl.cab (WebGuard Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} http://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab (IGDTester Class)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.26.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{365488EF-5C53-4A24-816F-85FF023530B1}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66B15DFE-C538-46E6-8B3A-458A7BCF3F19}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6F66D99-525E-450A-9C84-31B0FABEB1E9}: DhcpNameServer = 66.212.63.228 66.212.48.10
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\belarc - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2024/11/03 05:08:59 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2024/11/03 05:06:52 | 000,000,000 | ---D | C] -- C:\DELL
[2012/05/01 12:38:19 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012/04/30 13:48:25 | 000,000,000 | --SD | C] -- C:\Users\Josh\Google Drive
[2012/04/30 13:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/04/30 13:30:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/04/30 11:54:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/04/30 11:53:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/30 11:25:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/04/30 10:42:37 | 004,479,582 | R--- | C] (Swearware) -- C:\Users\Josh\Desktop\ComboFix.exe
[2012/04/25 07:24:58 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/04/25 07:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/04/25 07:24:57 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/04/25 07:24:57 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/04/25 07:24:57 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/04/25 07:24:57 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/04/25 07:24:57 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/04/25 07:24:57 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/04/25 07:23:40 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/04/25 07:23:39 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/04/25 07:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/04/25 07:23:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/04/20 23:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012/04/20 19:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta
[2012/04/20 19:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III Beta
[2012/04/16 22:06:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/04/16 22:06:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/04/16 22:06:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/04/16 22:05:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/04/16 22:05:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/04/16 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/04/16 22:00:10 | 000,000,000 | ---D | C] -- C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/04/15 20:32:10 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/04/10 18:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012/04/10 18:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/04/10 17:43:54 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/04/10 17:43:54 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/04/06 15:02:28 | 000,000,000 | ---D | C] -- C:\Users\Josh\Desktop\School Semester 6
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/01 12:40:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/01 12:38:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Josh\Desktop\OTL.exe
[2012/05/01 12:35:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/01 11:31:04 | 000,019,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/01 11:31:04 | 000,019,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/01 11:25:53 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/01 11:25:52 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/05/01 11:25:42 | 000,413,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/05/01 11:25:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/01 11:25:28 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/30 13:48:25 | 000,001,700 | ---- | M] () -- C:\Users\Josh\Desktop\Google Drive.lnk
[2012/04/30 11:23:00 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/04/30 10:43:03 | 004,479,582 | R--- | M] (Swearware) -- C:\Users\Josh\Desktop\ComboFix.exe
[2012/04/25 07:24:58 | 000,001,801 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/25 07:24:57 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/04/20 19:08:48 | 000,001,219 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk
[2012/04/18 23:20:58 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/04/16 02:22:53 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/04/10 19:03:33 | 000,000,743 | ---- | M] () -- C:\Windows\ATICIM.INI
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/01 11:25:32 | 000,413,000 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/30 13:48:25 | 000,001,700 | ---- | C] () -- C:\Users\Josh\Desktop\Google Drive.lnk
[2012/04/30 13:30:06 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/30 13:30:04 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/25 07:24:58 | 000,001,801 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/25 07:24:57 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/04/20 19:07:03 | 000,001,219 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III Beta.lnk
[2012/04/16 22:06:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/04/16 22:06:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/04/16 22:06:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/04/16 22:06:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/04/16 22:06:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/04/16 02:22:53 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/04/11 22:31:32 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/10 19:03:21 | 000,000,743 | ---- | C] () -- C:\Windows\ATICIM.INI
[2012/03/27 01:01:55 | 000,000,112 | ---- | C] () -- C:\ProgramData\R4LNyYXq.dat
[2012/03/01 06:41:05 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/02 05:44:33 | 000,004,954 | ---- | C] () -- C:\ProgramData\pubjtini.xmz
[2010/12/28 00:10:30 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2010/09/02 01:21:22 | 000,000,190 | ---- | C] () -- C:\Users\Josh\AppData\Roaming\default.rss
[2010/07/06 19:27:33 | 000,000,092 | ---- | C] () -- C:\Users\Josh\AppData\Local\fusioncache.dat
[2010/05/05 21:51:27 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\uc_karos_launching.dll
[2010/05/05 18:36:45 | 002,427,248 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe

========== LOP Check ==========

[2011/02/16 17:17:27 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\.bsnes
[2011/07/09 02:52:02 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\.minecraft
[2012/01/09 14:33:35 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Ashampoo
[2012/04/30 22:48:47 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\BitTorrent
[2011/05/28 22:03:00 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Command and Conquer 4
[2010/02/11 03:57:57 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Command and Conquer 4 Beta
[2011/11/15 13:29:31 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DAEMON Tools Lite
[2010/12/21 00:35:00 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Darkfall
[2011/08/25 21:56:30 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Darkfall US
[2012/03/03 13:27:00 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\DarknessIIDemo
[2010/10/26 02:26:58 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\elefundesktops
[2009/12/11 14:09:17 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\FileZilla
[2009/10/26 16:05:10 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Free-backup.info
[2009/11/15 00:52:41 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\FrostWire
[2010/05/21 13:51:38 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\FUEL Demo
[2010/06/16 08:00:58 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\GetRightToGo
[2011/03/09 10:07:01 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Hi-Rez Studios
[2010/05/05 23:08:59 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\ijjigame
[2010/09/02 02:33:55 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\ImgBurn
[2012/01/09 15:22:59 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\InfraRecorder
[2011/02/26 12:50:31 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Kalypso Media
[2011/03/29 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\LolClient
[2009/11/14 11:14:37 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2009/11/14 08:51:13 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Mount&Blade
[2011/03/02 05:44:31 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Movavi
[2010/11/09 20:07:31 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Need for Speed World
[2010/10/26 06:33:29 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\NoteTab Light
[2011/07/10 07:04:27 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\OpenCandy
[2011/11/22 21:25:56 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Origin
[2012/01/17 22:04:24 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\PFStaticIP
[2010/11/27 03:49:02 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\runic games
[2009/12/19 00:29:18 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Subversion
[2011/11/24 22:00:09 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\supertuxkart
[2010/01/06 22:10:03 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\SystemRequirementsLab
[2012/03/27 05:00:49 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\TestApp
[2011/12/08 14:32:41 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Trine2
[2010/07/06 19:30:20 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Turbine
[2010/11/23 00:37:43 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\W
[2010/11/23 00:30:30 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\Wargaming.Net
[2010/05/21 19:49:02 | 000,000,000 | ---D | M] -- C:\Users\Josh\AppData\Roaming\ZombieDriver
[2012/04/23 23:32:00 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 00:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

As for the link regarding error 1067
[FONT=Arial]1. The setup mode is still active, you must return to setup mode and end the process through the shutdown link.[/FONT]

How do I go about this what is the shutdown link?

[FONT=Arial]2. You have another application running on port 443. For Windows 2000 this will be IIS, for other Operating Systems you will need to find out what process is using the port. There are two solutions for this, change the port that SSL-Explorer forwards on, or to change the port/shutdown the application that is currently using port 443.[/FONT]

What program can I use to see what ports are being used?

edit
I'm heading out will check back tomorrow.
 
I'm leaving the following OTL Fix for you to run- if it will run. There is so much running in this system! There are line and line of temp Python modules and dozens of other processes I don't even know why they are showing.
You are working on a 64-bit Windows NTWorkstation. This is not a system that can be worked on effectively on this kind of board- there's too much output. You are going to either find-and pay for remote help-or take it to a shpt with a very experienced tech. The work needed exceeds what we do here:
=======================================================
OTL Custom Scan Fixes
  • Run OTL
  • Copy the contents of the Code box and paste in the Custom Scans/Fixes box at the bottom:
    Code: 
    :OTL
IE - HKLM\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" = http://search.mywebsearch.com/myweb...n=77de5b10&psa=&st=sb&searchfor={searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes,DefaultScope = {AD7B9ADE-16DB-439E-B078-B09A42A29E13}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=12316
IE - HKCU\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" = http://search.mywebsearch.com/myweb...n=77de5b10&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{AD7B9ADE-16DB-439E-B078-B09A42A29E13}: "URL" = http://findgala.com/?&uid=5762&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;192.168.*.*;<local>????????†††??†††}:??????????????;<local>;<local>??????????????????????????????????????????????????????????????????????????????;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>;<local>
[2012/01/09 15:01:02 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} http://67.128.8.65:12088/WatSearCtrl.cab (WebGuard Control)
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\belarc - No CLSID value found
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2
:Files
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[emptyflash]
[emptyjava]
[resethosts]
[CreateRestorePoint]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run uninterrupted, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
 
On post # 10 I stopped just before your instructions of,
There is a proxy override setting from hell! We can handle that:
perhaps that is why I still have so much output. I stopped because I could not get around the error. Noting this just in case.

I'm flattered you refereed to my computer as a workstation and disappointed your help is nearing a end. How much do you think remote assistance or bringing my computer in will cost? I will consider reinstalling windows 7, I would like to back a few things up on my new HD but I am afraid it will become infected and don't want to install before I reinstall windows, thoughts? Also I think I would have a very hard time in finding a high level tech at a local computer shop am I wrong in this assumption? By the way I backed up important school work on google drive already.

I will change my firefox proxy setting as you stated in post 10 before running this OTL fix as I am now convinced was not a chronological ordered step instruction.

Ok that is done, note I did not run the post 10 custom script but I shall run the one in post 17 as I believe that is what you intend for me to do, lol I guess that is implied.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44f44034-6036-4f06-9336-74ec4620edab}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44f44034-6036-4f06-9336-74ec4620edab}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD7B9ADE-16DB-439E-B078-B09A42A29E13}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD7B9ADE-16DB-439E-B078-B09A42A29E13}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components folder moved successfully.
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\skin folder moved successfully.
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\locale\en-US folder moved successfully.
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\locale folder moved successfully.
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome\content folder moved successfully.
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\chrome folder moved successfully.
C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Starting removal of ActiveX control {03C0000A-CF6D-4EF4-A2D6-376622318018}
C:\Windows\Downloaded Program Files\WatSearCtrl.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{03C0000A-CF6D-4EF4-A2D6-376622318018}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C0000A-CF6D-4EF4-A2D6-376622318018}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{03C0000A-CF6D-4EF4-A2D6-376622318018}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C0000A-CF6D-4EF4-A2D6-376622318018}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\belarc\ deleted successfully.
File Protocol\Handler\belarc - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\belarc\ not found.
File Protocol\Handler\belarc - No CLSID value found not found.
C:\Windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\1C4551A64743409391E41477CD655043.TMP folder deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder deleted successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder deleted successfully.
C:\Windows\64F6748976BB4CDDA236F954BE774B35.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\64F6748976BB4CDDA236F954BE774B35.TMP folder deleted successfully.
C:\Windows\6833245EDD86479A882A8360D62C8194.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\6833245EDD86479A882A8360D62C8194.TMP folder deleted successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP folder deleted successfully.
C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder deleted successfully.
C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP folder deleted successfully.
C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP folder deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder deleted successfully.
C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\DD1865F0AD7340FBB23E1822E02396FF.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:5C321E34 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Josh\Desktop\cmd.bat deleted successfully.
C:\Users\Josh\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes
User: Josh
->Temp folder emptied: 24030759 bytes
->Temporary Internet Files folder emptied: 2352452 bytes
->Java cache emptied: 23253846 bytes
->FireFox cache emptied: 944711571 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 8800688 bytes
User: OOG
->Temp folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->Flash cache emptied: 53632 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2098 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 12094297 bytes
RecycleBin emptied: 3738113893 bytes
Total Files Cleaned = 4,533.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: DefaultAppPool
->Flash cache emptied: 0 bytes
User: Josh
->Flash cache emptied: 0 bytes
User: OOG
User: Public
User: UpdatusUser
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: DefaultAppPool
User: Josh
->Java cache emptied: 0 bytes
User: OOG
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0.00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.42.2 log created on 05022012_092521
Files\Folders moved on Reboot...
C:\Users\Josh\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\_avast_\unp140293926.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
 
Please reboot the computer.

Then update Combofix and run it again. From OTM: Total Files Cleaned = 4,533.00 mb This is a huge number of files!

Let's see if this improved anything. The bad proxy override has been removed as were the current Alternate Data Streams.
Please leave the new Combofix log.
 
Alright but note I never did this as I was stalled by the error.
Please run this Custom CFScript:


Rebooted now rerunning combo fix. I am not running the custom fix I believe you are having me just run it again and hope it updates on its own this time. I over analyze I know.

Looks like it updated fine, but still produced a monster log

ComboFix 12-05-02.03 - Josh 05/02/2012 14:40:39.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4094.2721 [GMT -7:00]
Running from: c:\users\Josh\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Josh\AppData\Local\Temp\_MEI28962\_ctypes.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\_elementtree.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\_hashlib.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\_socket.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\_ssl.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\pyexpat.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\pysqlite2._sqlite.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\python26.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\pythoncom26.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\PyWinTypes26.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\select.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32api.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32com.shell.shell.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32crypt.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32event.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32file.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32gui.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32inet.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\win32process.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._controls_.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._core_.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._gdi_.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._html2.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._misc_.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._windows_.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wx._wizard.pyd
c:\users\Josh\AppData\Local\Temp\_MEI28962\wxbase293u_net_vc.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\wxbase293u_vc.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\wxmsw293u_adv_vc.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\wxmsw293u_core_vc.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\wxmsw293u_html_vc.dll
c:\users\Josh\AppData\Local\Temp\_MEI28962\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-04-02 to 2012-05-02 )))))))))))))))))))))))))))))))
.
.
2024-11-03 12:06 . 2011-04-30 02:26 -------- d-----w- C:\DELL
2012-05-02 22:20 . 2012-05-02 22:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-05-02 22:20 . 2012-05-02 22:20 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2012-05-02 22:20 . 2012-05-02 22:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-02 16:25 . 2012-05-02 16:25 -------- d-----w- C:\_OTL
2012-04-30 20:48 . 2012-05-02 21:30 -------- d-s---w- c:\users\Josh\Google Drive
2012-04-30 20:30 . 2012-04-30 20:47 -------- d-----w- c:\program files (x86)\Google
2012-04-30 18:53 . 2012-04-30 18:53 -------- d-----w- c:\program files (x86)\ESET
2012-04-25 15:24 . 2012-04-18 10:03 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A7F9C7C-CE29-49D2-90EC-246628445AA5}\mpengine.dll
2012-04-25 14:24 . 2012-03-07 00:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-04-25 14:24 . 2012-03-07 00:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-25 14:24 . 2012-03-07 00:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-04-25 14:24 . 2012-03-07 00:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-04-25 14:24 . 2012-03-07 00:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-04-25 14:24 . 2012-03-07 00:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-04-25 14:24 . 2012-03-07 00:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-04-25 14:23 . 2012-03-07 00:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-25 14:23 . 2012-03-07 00:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-04-25 14:23 . 2012-04-25 14:23 -------- d-----w- c:\programdata\AVAST Software
2012-04-25 14:23 . 2012-04-25 14:23 -------- d-----w- c:\program files\AVAST Software
2012-04-21 06:56 . 2012-04-21 06:56 -------- d-----w- c:\programdata\Battle.net
2012-04-21 02:07 . 2012-04-21 08:40 -------- d-----w- c:\program files (x86)\Diablo III Beta
2012-04-17 05:00 . 2012-04-17 05:00 388096 ----a-r- c:\users\Josh\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-17 05:00 . 2012-04-17 05:00 -------- d-----w- c:\program files (x86)\Trend Micro
2012-04-16 03:32 . 2012-04-16 03:32 -------- d-----w- c:\windows\CheckSur
2012-04-12 05:31 . 2012-04-12 05:31 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-11 01:53 . 2012-04-11 01:53 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-04-11 01:51 . 2009-07-30 07:31 77824 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2012-04-11 01:51 . 2009-07-30 07:31 32768 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2012-04-11 01:51 . 2009-07-30 07:31 221184 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll
2012-04-11 01:51 . 2009-07-30 07:31 221184 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2012-04-11 01:51 . 2009-07-30 07:31 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2012-04-11 01:50 . 2009-07-29 16:31 610436 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-12 05:31 . 2011-07-10 14:32 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 22:56 . 2009-10-24 20:01 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-02 03:17 . 2010-02-14 21:38 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-03-02 03:15 . 2010-02-14 21:34 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-03-02 03:15 . 2010-02-14 21:34 281408 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-03-01 13:41 . 2010-02-14 21:34 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-03-01 01:23 . 2012-03-01 01:23 249856 ------w- c:\windows\Setup1.exe
2012-03-01 01:23 . 2012-03-01 01:23 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-03-01 00:02 . 2009-09-28 06:12 2660160 ----a-w- c:\windows\system32\nvapi64.dll
2012-02-29 21:00 . 2011-01-08 03:49 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
2012-02-29 21:00 . 2011-01-08 03:49 6074176 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-29 20:59 . 2011-01-08 03:48 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-29 20:59 . 2011-01-08 03:48 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-29 20:59 . 2009-09-28 01:22 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-02-29 20:26 . 2012-02-29 20:26 416064 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-02-24 17:36 . 2012-03-27 12:01 230952 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-02-23 17:18 . 2009-10-24 19:00 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-07 18:02 . 2012-02-07 18:02 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Cryptography Services Error !!
.
((((((((((((((((((((((((((((( SnapShot_2012-04-30_18.23.03 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-04-30 17:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-05-02 22:33 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-04-30 17:21 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-02 22:33 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-02 22:33 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-30 17:21 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-24 19:15 . 2012-05-02 21:32 48194 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-05-02 22:35 26326 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-10-24 18:46 . 2012-05-02 22:15 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-10-24 18:46 . 2012-04-24 15:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-05-02 22:15 . 2012-05-02 22:15 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-24 15:41 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-05-02 22:15 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-04-30 20:30 . 2012-04-30 20:30 25600 c:\windows\Installer\ae5f84.msi
+ 2009-10-24 19:08 . 2012-05-02 22:35 7382 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1737896416-2570679988-651388281-1000_UserData.bin
+ 2012-05-02 22:33 . 2012-05-02 22:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-30 17:09 . 2012-04-30 17:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-05-02 22:33 . 2012-05-02 22:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-30 17:09 . 2012-04-30 17:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-05-01 18:25 . 2012-05-01 18:25 413000 c:\windows\system32\FNTCACHE.DAT
- 2012-04-24 15:24 . 2012-04-24 15:24 413000 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 05:01 . 2012-05-02 22:32 395216 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-04-30 05:54 395216 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-06-02 11:27 . 2012-05-01 23:48 7336828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1737896416-2570679988-651388281-1000-12288.dat
- 2010-06-02 11:27 . 2012-04-24 22:35 7336828 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1737896416-2570679988-651388281-1000-12288.dat
+ 2010-05-03 11:35 . 2012-05-02 22:32 25433584 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1737896416-2570679988-651388281-1000-8192.dat
+ 2012-04-30 20:47 . 2012-04-30 20:47 12035584 c:\windows\Installer\ae5f89.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Josh\AppData\Local\Akamai\netsession_win.exe" [2012-03-13 3331872]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-04-26 11397448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-30 116648]
R2 WLANBelkinService;Belkin WLAN service;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-29 36864]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 253600]
R3 ATICDSDr;ATICDSDr;c:\users\Josh\AppData\Local\Temp\ATICDSDr.sys [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [x]
R3 cpuz130;cpuz130;c:\users\Josh\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\aeriagames\MetalAssault\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-30 116648]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 netr28ux;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\Dnetr28ux.sys [x]
R3 rt61x64;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\DRIVERS\WMP54Gv41x64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
R3 X6va005;X6va005;c:\users\Josh\AppData\Local\Temp\005CF5F.tmp [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-23 370024]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 ALSysIO;ALSysIO;c:\users\Josh\AppData\Local\Temp\ALSysIO64.sys [x]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 05:31]
.
2012-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-30 20:30]
.
2012-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-30 20:30]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-04-26 19:22 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-04-26 19:22 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-04-26 19:22 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-04-26 19:22 779776 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-01 1873288]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.3.1
FF - ProfilePath - c:\users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\8uduiojm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z179&form=ZGAADF&install_date=20111104&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: signed.applets.codebase_principal_support - true
/* To avoid the user interaction, add the following lines: */
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_YAEL.id - hxxp://yael.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_LHOST.id - hxxp://localhost/
/* GLDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDE.id - hxxp://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WGLDE.id - hxxp://www.gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GLDEINT.id - hxxp://glde-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGLDE.id - hxxps://gamesflatrate.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSGLDE.id - hxxps://www.gamesflatrate.de/
/* BGFR */
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFR.id - hxxp://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBGFR.id - hxxps://linternaute.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BGFRINT.id - hxxp://bgfr-int.metaboli.fr/
/* BILD */
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILD.id - hxxp://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBILD.id - hxxps://bild.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BILDINT.id - hxxp://bild-int.metaboli.fr/
/* BTUK */
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUK.id - hxxp://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SBTUK.id - hxxps://btvision.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_BTUKINT.id - hxxp://bt-int.metaboli.fr/
/* CLIC */
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLIC.id - hxxp://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCLIC.id - hxxps://clubic.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CLICINT.id - hxxp://clic-int.metaboli.fr/
/* COUK */
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUK.id - hxxp://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WCOUK.id - hxxp://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSCOUK.id - hxxps://www.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCOUK.id - hxxps://metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_COUKINT.id - hxxp://uk-int.metaboli.fr/
/* MEDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDE.id - hxxp://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMEDE.id - hxxp://www.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDE.id - hxxps://metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDEINT.id - hxxp://de-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMEDE.id - hxxps://www.metaboli.de/
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://custompc.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk-int.metaboli.fr/
/* EUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUK.id - hxxp://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SEUUK.id - hxxps://eurogamer.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_EUUKINT.id - hxxp://euuk-int.metaboli.fr/
/* FUNR */
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNR.id - hxxp://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFUNR.id - hxxps://fun.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FUNRINT.id - hxxp://fun-int.metaboli.fr/
/* GONE */
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONE.id - hxxp://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGONE.id - hxxps://gameone.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GONEINT.id - hxxp://gone-int.metaboli.fr/
/* GUDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDE.id - hxxp://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGUDE.id - hxxps://gamerunlimited.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GUDEINT.id - hxxp://gude-int.metaboli.fr/
/* META */
FF - user.js: capability.principal.codebase.YummyPlayer_META.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_META.id - hxxp://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WMETA.id - hxxp://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETA.id - hxxps://metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WSMETA.id - hxxps://www.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT.id - hxxp://fr-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_METAINT2.id - hxxp://www.preprod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMETAINT2.id - hxxp://www.preprod.metaboli.fr/
/* MNDE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDE.id - hxxp://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNDE.id - hxxps://livegames.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNDEINT.id - hxxp://msde-int.metaboli.fr/
/* MNFR */
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFR.id - hxxp://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNFR.id - hxxps://livegames.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNFRINT.id - hxxp://msfr-int.metaboli.fr/
/* MNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUK.id - hxxp://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNUK.id - hxxps://livegames.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNUKINT.id - hxxp://msuk-int.metaboli.fr/
/* NCNU */
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNU.id - hxxp://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNCNU.id - hxxps://numericable.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NCNUINT.id - hxxp://ncnu-int.metaboli.fr/
/* QPUK */
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUK.id - hxxp://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SQPUK.id - hxxps://quintplay.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_QPUKINT.id - hxxp://qpuk-int.metaboli.fr/
/* SFFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFR.id - hxxp://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFR.id - hxxps://jeux-pc.sfr.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRM.id - hxxp://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSFFRM.id - hxxps://sfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFFRINT.id - hxxp://sfr-int.metaboli.fr/
/* SPDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDE.id - hxxp://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSPDE.id - hxxps://spieletipps.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPDEINT.id - hxxp://spde-int.metaboli.fr/
/* WOJ_ */
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_.id - hxxp://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_.id - hxxps://woj-prod.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_INT.id - hxxp://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_INT.id - hxxps://woj-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PP.id - hxxp://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PP.id - hxxps://woj-pp.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_PPINT.id - hxxp://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_PPINT.id - hxxps://woj-int.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_2.id - hxxp://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_2.id - hxxps://preprod-god.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WOJ_3.id - hxxp://prod.jeu.orange.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWOJ_3.id - hxxps://prod.jeu.orange.fr/
user_pref(capability.principal.codebase.YummyPlayer_XX0001.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0001.id,hxxp://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0002.id,hxxps://www.neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0003.id,hxxp://neufgame.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0004.id,hxxp://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0005.id,hxxps://ad.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0006.id,hxxp://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0007.id,hxxps://ads.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0008.id,hxxp://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0009.id,hxxps://ads.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0010.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0010.id,hxxp://ads.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0011.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0011.id,hxxps://ads.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0012.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0012.id,hxxp://ag.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0013.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0013.id,hxxps://ag.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0014.granted,UniversalXPConnect);
 
user_pref(capability.principal.codebase.YummyPlayer_XX0014.id,hxxp://alice.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0015.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0015.id,hxxps://alice.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0016.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0016.id,hxxp://allocine.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0017.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0017.id,hxxps://allocine.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0018.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0018.id,hxxp://am.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0019.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0019.id,hxxps://am.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0020.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0020.id,hxxp://aol.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0021.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0021.id,hxxps://aol.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0022.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0022.id,hxxp://bc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0023.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0023.id,hxxps://bc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0024.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0024.id,hxxp://linternaute.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0025.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0025.id,hxxps://linternaute.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0026.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0026.id,hxxp://bild.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0027.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0027.id,hxxps://bild.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0028.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0028.id,hxxp://btvision.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0029.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0029.id,hxxps://btvision.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0030.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0030.id,hxxp://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0031.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0031.id,hxxp://cg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0032.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0032.id,hxxps://cg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0033.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0033.id,hxxp://cibleclick.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0034.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0034.id,hxxps://cibleclick.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0035.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0035.id,hxxp://cegetel.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0036.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0036.id,hxxps://cegetel.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0037.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0037.id,hxxp://choc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0038.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0038.id,hxxps://choc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0039.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0039.id,hxxp://cj.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0040.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0040.id,hxxps://cj.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0041.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0041.id,hxxp://cj.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0042.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0042.id,hxxps://cj.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0043.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0043.id,hxxp://cj.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0044.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0044.id,hxxps://cj.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0045.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0045.id,hxxp://cj.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0046.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0046.id,hxxps://cj.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0047.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0047.id,hxxp://metaboli.clubic.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0048.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0048.id,hxxps://metaboli.clubic.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0049.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0049.id,hxxp://metaboli.club-internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0050.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0050.id,hxxps://metaboli.club-internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0051.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0051.id,hxxp://coeur.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0052.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0052.id,hxxps://coeur.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0053.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0053.id,hxxp://come.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0054.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0054.id,hxxps://come.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0055.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0055.id,hxxp://lesaccros2.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0056.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0056.id,hxxps://lesaccros2.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0057.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0057.id,hxxp://surcouf.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0058.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0058.id,hxxps://surcouf.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0059.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0059.id,hxxp://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0060.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0060.id,hxxps://www.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0061.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0061.id,hxxp://cs.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0062.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0062.id,hxxps://cs.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0063.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0063.id,hxxp://custompc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0064.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0064.id,hxxps://custompc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0065.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0065.id,hxxp://cvg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0066.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0066.id,hxxps://cvg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0067.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0067.id,hxxp://daooda.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0068.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0068.id,hxxps://daooda.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0069.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0069.id,hxxp://daooda.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0070.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0070.id,hxxps://daooda.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0071.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0071.id,hxxp://daooda.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0072.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0072.id,hxxps://daooda.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0073.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0073.id,hxxp://digitaldownload.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0074.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0074.id,hxxps://digitaldownload.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0075.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0075.id,hxxp://eurogamer.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0076.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0076.id,hxxps://eurogamer.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0077.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0077.id,hxxp://eurogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0078.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0078.id,hxxps://eurogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0079.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0079.id,hxxp://exagame.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0080.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0080.id,hxxps://exagame.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0081.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0081.id,hxxp://fb.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0082.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0082.id,hxxps://fb.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0083.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0083.id,hxxp://fb.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0084.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0084.id,hxxps://fb.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0085.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0085.id,hxxp://fb.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0086.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0086.id,hxxps://fb.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0087.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0087.id,hxxp://firstcoffee.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0088.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0088.id,hxxps://firstcoffee.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0089.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0089.id,hxxp://fnac.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0090.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0090.id,hxxps://fnac.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0091.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0091.id,hxxp://fox.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0092.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0092.id,hxxps://fox.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0093.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0093.id,hxxp://fox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0094.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0094.id,hxxps://fox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0095.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0095.id,hxxp://fox.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0096.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0096.id,hxxps://fox.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0097.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0097.id,hxxp://free.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0098.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0098.id,hxxps://free.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0099.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0099.id,hxxp://funsta.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0100.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0100.id,hxxps://funsta.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0101.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0101.id,hxxp://funsta.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0102.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0102.id,hxxps://funsta.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0103.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0103.id,hxxp://metaboli.funradio.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0104.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0104.id,hxxps://metaboli.funradio.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0105.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0105.id,hxxp://fastweb.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0106.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0106.id,hxxps://fastweb.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0107.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0107.id,hxxp://god1.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0108.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0108.id,hxxps://god1.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0109.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0109.id,hxxp://god2.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0110.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0110.id,hxxps://god2.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0111.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0111.id,hxxp://god3.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0112.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0112.id,hxxps://god3.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0113.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0113.id,hxxp://gamona.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0114.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0114.id,hxxps://gamona.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0115.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0115.id,hxxp://giga.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0116.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0116.id,hxxps://giga.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0117.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0117.id,hxxp://gameseek.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0118.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0118.id,hxxps://gameseek.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0119.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0119.id,hxxp://www.gamesflatrate.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0120.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0120.id,hxxps://www.gamesflatrate.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0121.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0121.id,hxxp://games24.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0122.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0122.id,hxxps://games24.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0123.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0123.id,hxxp://ondemand.game.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0124.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0124.id,hxxps://ondemand.game.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0125.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0125.id,hxxp://google.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0126.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0126.id,hxxps://google.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0127.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0127.id,hxxp://google.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0128.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0128.id,hxxps://google.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0129.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0129.id,hxxp://gameone.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0130.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0130.id,hxxps://gameone.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0131.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0131.id,hxxp://google.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0132.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0132.id,hxxps://google.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0133.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0133.id,hxxp://goog.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0134.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0134.id,hxxps://goog.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0135.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0135.id,hxxp://google.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0136.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0136.id,hxxps://google.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0137.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0137.id,hxxp://gameplay.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0138.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0138.id,hxxps://gameplay.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0139.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0139.id,hxxp://gamesonradar.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0140.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0140.id,hxxps://gamesonradar.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0141.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0141.id,hxxp://gameshadow.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0142.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0142.id,hxxps://gameshadow.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0143.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0143.id,hxxp://gametap.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0144.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0144.id,hxxps://gametap.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0145.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0145.id,hxxp://gametap2.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0146.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0146.id,hxxps://gametap2.metaboli.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0147.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0147.id,hxxp://gamespot.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0148.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0148.id,hxxps://gamespot.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0149.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0149.id,hxxp://gamerunlimited.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0150.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0150.id,hxxps://gamerunlimited.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0151.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0151.id,hxxp://guts.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0152.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0152.id,hxxps://guts.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0153.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0153.id,hxxp://gameswelt.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0154.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0154.id,hxxps://gameswelt.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0155.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0155.id,hxxp://gmx.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0156.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0156.id,hxxps://gmx.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0157.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0157.id,hxxp://hoaxbuster.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0158.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0158.id,hxxps://hoaxbuster.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0159.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0159.id,hxxp://incgamers.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0160.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0160.id,hxxps://incgamers.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0161.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0161.id,hxxp://imbogames.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0162.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0162.id,hxxps://imbogames.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0163.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0163.id,hxxp://ja.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0164.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0164.id,hxxps://ja.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0165.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0165.id,hxxp://janews.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0166.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0166.id,hxxps://janews.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0167.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0167.id,hxxp://jvfr.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0168.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0168.id,hxxps://jvfr.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0169.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0169.id,hxxp://jeux-pc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0170.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0170.id,hxxps://jeux-pc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0171.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0171.id,hxxp://kelkoo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0172.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0172.id,hxxps://kelkoo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0173.granted,UniversalXPConnect);
 
user_pref(capability.principal.codebase.YummyPlayer_XX0340.id,hxxp://sg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0341.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0341.id,hxxps://sg.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0342.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0342.id,hxxp://sg.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0343.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0343.id,hxxps://sg.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0344.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0344.id,hxxp://sg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0345.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0345.id,hxxps://sg.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0346.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0346.id,hxxp://shopping.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0347.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0347.id,hxxps://shopping.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0348.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0348.id,hxxp://shopping.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0349.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0349.id,hxxps://shopping.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0350.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0350.id,hxxp://shoot.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0351.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0351.id,hxxps://shoot.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0352.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0352.id,hxxp://shopping.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0353.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0353.id,hxxps://shopping.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0354.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0354.id,hxxp://spieletipps.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0355.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0355.id,hxxps://spieletipps.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0356.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0356.id,hxxp://sqoops.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0357.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0357.id,hxxps://sqoops.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0358.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0358.id,hxxp://tiscali.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0359.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0359.id,hxxps://tiscali.metaboli.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0360.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0360.id,hxxp://tradedoubler.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0361.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0361.id,hxxps://tradedoubler.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0362.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0362.id,hxxp://metaboli.tele2internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0363.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0363.id,hxxps://metaboli.tele2internet.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0364.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0364.id,hxxp://www.metaboli.fr:8889);
user_pref(capability.principal.codebase.YummyPlayer_XX0365.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0365.id,hxxps://www.metaboli.fr:8889);
user_pref(capability.principal.codebase.YummyPlayer_XX0366.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0366.id,hxxp://telecharger.tomsgames.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0367.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0367.id,hxxps://telecharger.tomsgames.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0368.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0368.id,hxxp://to-record.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0369.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0369.id,hxxps://to-record.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0370.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0370.id,hxxp://turbo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0371.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0371.id,hxxps://turbo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0372.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0372.id,hxxp://twenga.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0373.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0373.id,hxxps://twenga.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0374.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0374.id,hxxp://vc.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0375.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0375.id,hxxps://vc.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0376.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0376.id,hxxp://vc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0377.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0377.id,hxxps://vc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0378.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0378.id,hxxp://vc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0379.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0379.id,hxxps://vc.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0380.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0380.id,hxxp://videogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0381.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0381.id,hxxps://videogamer.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0382.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0382.id,hxxp://jeuxvideopc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0383.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0383.id,hxxps://jeuxvideopc.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0384.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0384.id,hxxp://virginmega.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0385.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0385.id,hxxps://virginmega.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0386.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0386.id,hxxp://virginmedia.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0387.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0387.id,hxxps://virginmedia.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0388.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0388.id,hxxp://metaboli.goa.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0389.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0389.id,hxxps://metaboli.goa.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0390.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0390.id,hxxp://webde.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0391.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0391.id,hxxps://webde.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0392.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0392.id,hxxp://metaboli.libero.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0393.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0393.id,hxxps://metaboli.libero.it);
user_pref(capability.principal.codebase.YummyPlayer_XX0394.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0394.id,hxxp://metaboli.goa.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0395.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0395.id,hxxps://metaboli.goa.com);
user_pref(capability.principal.codebase.YummyPlayer_XX0396.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0396.id,hxxp://jeuxvideo.orange.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0397.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0397.id,hxxps://jeuxvideo.orange.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0398.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0398.id,hxxp://yahoo.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0399.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0399.id,hxxps://yahoo.metaboli.de);
user_pref(capability.principal.codebase.YummyPlayer_XX0400.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0400.id,hxxp://yahoo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0401.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0401.id,hxxps://yahoo.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0402.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0402.id,hxxp://yahoo.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0403.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0403.id,hxxps://yahoo.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0404.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0404.id,hxxp://yahooclic.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0405.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0405.id,hxxps://yahooclic.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0406.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0406.id,hxxp://zanox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0407.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0407.id,hxxps://zanox.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0408.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0408.id,hxxp://zavvi.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0409.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0409.id,hxxps://zavvi.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0410.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0410.id,hxxp://go.metaboli.fr);
user_pref(capability.principal.codebase.YummyPlayer_XX0411.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0411.id,hxxps://go.metaboli.fr);
/* added 17-03-09 */
user_pref(capability.principal.codebase.YummyPlayer_XX0412.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0412.id,hxxp://cnet.metaboli.co.uk);
user_pref(capability.principal.codebase.YummyPlayer_XX0413.granted,UniversalXPConnect);
user_pref(capability.principal.codebase.YummyPlayer_XX0413.id,hxxps://cnet.metaboli.co.uk);
/* GWDE */
FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GWDE.id - hxxp://gwde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GWDEINT.id - hxxp://gwde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDE.id - hxxps://gwde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGWDEINT.id - hxxps://gwde.int.metaboli.fr/
/* GMUK */
FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMUK.id - hxxp://game.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMUKINT.id - hxxp://gmuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUK.id - hxxps://game.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMUKINT.id - hxxps://gmuk.int.metaboli.fr/
/* CNET */
FF - user.js: capability.principal.codebase.YummyPlayer_CNET.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CNET.id - hxxp://cnet.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CNETINT.id - hxxp://cnet.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCNET.id - hxxps://cnet.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCNETINT.id - hxxps://cnet.int.metaboli.fr/
/* IGUK */
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK.id - hxxp://iguk.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUKINT.id - hxxp://iguk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK.id - hxxps://iguk.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUKINT.id - hxxps://iguk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGUK2.id - hxxp://Incgamers.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SIGUK2.id - hxxps://Incgamers.metaboli.co.uk/
/* SKFR */
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR.id - hxxp://skfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFRINT.id - hxxp://skfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR.id - hxxps://skfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFRINT.id - hxxps://skfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR2.id - hxxp://Skyrock.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR2.id - hxxps://Skyrock.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SKFR3.id - hxxp://ondemand.premium.games.skyrock.net/
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSKFR3.id - hxxps://ondemand.premium.games.skyrock.net/
FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_FREEINT.id - hxxp://free-int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SFREEINT.id - hxxps://free-int.metaboli.fr/
/* GNUK */
FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GNUK.id - hxxp://gamestation.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGNUK.id - hxxps://gamestation.metaboli.co.uk/
/* NEW MSN UK DE */
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNUK.id - hxxp://playnow.tech.uk.msn.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNUK.id - hxxps://playnow.tech.uk.msn.com/
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_NEWMNDE.id - hxxp://pc-spiele-flatrate.msn.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SNEWMNDE.id - hxxps://pc-spiele-flatrate.msn.de/
/* VMUK */
FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_VMUK.id - hxxp://virginmedia.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUK.id - hxxps://virginmedia.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_VMUKINT.id - hxxp://vmuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SVMUKINT.id - hxxps://vmuk.int.metaboli.fr/
/* WDDE (web de) INT */
FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_WDDEINT.id - hxxp://wdde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SWDDEINT.id - hxxps://wdde.int.metaboli.fr/
/* ORUK */
FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ORUK.id - hxxp://orange.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SORUK.id - hxxps://orange.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ORUKINT.id - hxxp://oruk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SORUKINT.id - hxxps://oruk.int.metaboli.fr/
/* MEDI int */
FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MEDIINT.id - hxxp://medi.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.granted - UniversalXPConnect
 
FF - user.js: capability.principal.codebase.YummyPlayer_SMEDIINT.id - hxxps://medi.int.metaboli.fr/
/* SAT1 */
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1.id - hxxp://spieleflatrate.sat1.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1.id - hxxps://spieleflatrate.sat1.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SAT1INT.id - hxxp://sat1.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSAT1INT.id - hxxps://sat1.int.metaboli.fr/
/* OWDE */
FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OWDE.id - hxxp://onlinewelten.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDE.id - hxxps://onlinewelten.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OWDEINT.id - hxxp://owde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOWDEINT.id - hxxps://owde.int.metaboli.fr/
/* GRAD INT */
FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GRADINT.id - hxxp://grad.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGRADINT.id - hxxps://grad.int.metaboli.fr/
/* RTLN */
FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_RTLN.id - hxxp://rtl.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLN.id - hxxps://rtl.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_RTLNINT.id - hxxp://rtln.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SRTLNINT.id - hxxps://rtln.int.metaboli.fr/
/* MNIT */
FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNIT.id - hxxp://pcgames.msn.it/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNIT.id - hxxps://pcgames.msn.it/
FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNITINT.id - hxxp://mnit.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNITINT.id - hxxps://mnit.int.metaboli.fr/
/* CUUK */
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUK.id - hxxp://atheneum.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUK.id - hxxps://atheneum.metaboli.co.uk/
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CUUKINT.id - hxxp://cuuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCUUKINT.id - hxxps://cuuk.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_CCUK2.id - hxxp://atheneum.uk.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCCUK2.id - hxxps://atheneum.uk.com/
/* SCDE */
FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SCDE.id - hxxp://schueler.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SSCDE.id - hxxps://schueler.metaboli.de/
/* MNSE */
FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_MNSE.id - hxxp://spela.pcspel.msn.se/
FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SMNSE.id - hxxps://spela.pcspel.msn.se/
/* GMSE */
FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GMSE.id - hxxp://game.metaboli.se/
FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGMSE.id - hxxps://game.metaboli.se/
/* OHFR */
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR.id - hxxp://jeuxpc.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR.id - hxxps://jeuxpc.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFRINT.id - hxxp://ohfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFRINT.id - hxxps://ohfr.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHFR2.id - hxxp://ohfr.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHFR2.id - hxxps://ohfr.metaboli.fr/
/* OHDE */
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE.id - hxxp://pcspiele.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE.id - hxxps://pcspiele.orange.ch/
FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDEINT.id - hxxp://ohde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDEINT.id - hxxps://ohde.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_OHDE2.id - hxxp://ohde.metaboli.de/
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SOHDE2.id - hxxps://ohde.metaboli.de/
/* GAMETAP */
FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_GTUS.id - hxxp://www.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SGTUS.id - hxxps://www.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IGTUS.id - hxxp://integ.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_ISGTUS.id - hxxps://integ.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IIGTUS.id - hxxp://gtus.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_IISGTUS.id - hxxps://gtus.int.metaboli.fr/
FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPGTUS.id - hxxp://preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPSGTUS.id - hxxps://preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://unlimited-preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://unlimited-preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_PPPSGTUS.id - hxxp://retro-preprod.gametap.com/
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.granted - UniversalXPConnect
FF - user.js: capability.principal.codebase.YummyPlayer_SPPPSGTUS.id - hxxps://retro-preprod.gametap.com/
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va005]
"ImagePath"="\??\c:\users\Josh\AppData\Local\Temp\005CF5F.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1737896416-2570679988-651388281-1000\Software\SecuROM\License information*]
"datasecu"=hex:a6,3c,20,65,84,74,d3,b2,5e,76,6d,7d,31,4e,a7,35,63,18,5a,ca,66,
93,99,d8,1b,fd,f5,df,b8,88,83,7a,2c,7d,93,a4,8b,f7,b1,9a,9a,05,b8,22,ab,94,\
"rkeysecu"=hex:fe,99,c2,8a,da,a7,f4,1d,e1,87,b2,09,ea,48,1d,fc
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Completion time: 2012-05-02 15:41:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-02 22:41
ComboFix2.txt 2012-04-30 18:25
.
Pre-Run: 72,742,088,704 bytes free
Post-Run: 73,045,172,224 bytes free
.
- - End Of File - - 14611E085711992943A2FF348C03A3E2

I am not sure what yummy player is but I dont like it
 
I am not sure what yummy player is but I dont like it
Click to expand...

I found one other post with same entries from Oct. 2011: http://forums.malwarebytes.org/index.php?showtopic=98789

So I did a Yummy Player search. It's a game and I'd like you to check this: http://support.mozilla.org/en-US/questions/837925

It seems to me that if you have this game you'd know it or know you installed it. Check the reference site as there is a compatibility problem. It might be as simply as removing the plug in or extension from Firefox.

THIS is the section that I don't understand. It's coded into your Firefox. It is not normal entry! We getting better. Combofix removed some of the temp Python processes. Did I ask you about Python? I mean to. There is a whole block of Modules for temp Python entries.
 
Ah to bad they didn't respond to the helper in that first link. Oh yeah I believe its associated with gametap, however I haven't used that in some time(years?) and as far as I can tell its uninstalled. I did not see it in addons plugins or extensions, but I see gametap there with only the enable option I did a search on how to root them out with no luck. I do not want yummy player or game tap at all if you know of a way to get them out I'd do it in a heart beat. I would rather uninstall it but I will settle for making it run properly I suppose.

I really have no clue what Python is. I would not mind completely wiping firefox, it seems to be in a pretty sorry state. I have only changed a few things in its settings throughout the 3 years iv had this rig, mainly to increase security or block ads. For example adbrite was blasting me with underlined ads, I googled how to get rid of it and followed some instructions. That was a while ago I do not remember what the instructions were. I have only done minor tampering and it sounds like my firefox is doing some major stuff. I don't even know what a block of modules is, I assume its some sort of custom command or exception list in FF?

I just looked at FF on my uninstall list and see there are 2! I am kinda hoping this is not normal so we know this is the problem.

FF 12.0
FF 4.0.1

Logically I want to uninstall 4.0.1 right now but I will await your instruction.

Edit I just uninstalled gamers first maybe that will help might be associated with yummy.

EDIT2 couldn't wait uninstalled the old FF and it took both off, installed FF again looked on the uninstall list and 4.0.1 is gone.
 
Status
Not open for further replies.

Similar threads

BACKALLEYBUDDY
Windows 11 System Crashing and Corruption issues
Replies
5
Views
1K
BACKALLEYBUDDY
BACKALLEYBUDDY
C
Solved Malware \ProductData + possibly more, on two devices
Replies
4
Views
7K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni

Latest posts

Back