Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Running Slow - No Virus Found With Kasper

Started by Andre Silva , Jul 15 2013 06:44 AM

  • Please log in to reply

#1
Andre Silva
Posted 15 July 2013 - 06:44 AM

Andre Silva

    Member

  • Member
  • PipPipPip
  • 140 posts
Dear Experts,

I would like to request your help, please. My computer has been running slow, browsers often halting, and I am worried about malware. Kasper and MBAM have not found any infections. Could you please have a look at my log?

Thank you in advance!

OTL logfile created on: Jul/15/2013 9:26:28 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izilda\Desktop\Applications
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MMM/d/yyyy

7.48 Gb Total Physical Memory | 4.57 Gb Available Physical Memory | 61.16% Memory free
14.96 Gb Paging File | 11.08 Gb Available in Paging File | 74.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 342.32 Gb Free Space | 59.13% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: IZILDA-HP | User Name: Izilda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/12 15:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/07/12 13:24:26 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
PRC - [2013/07/09 23:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Izilda\Desktop\Applications\OTL (1).exe
PRC - [2013/07/04 15:53:48 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/07/02 09:17:20 | 000,064,008 | ---- | M] (Google) -- C:\Users\Izilda\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2013/07/02 00:07:37 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
PRC - [2013/05/26 01:50:18 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/23 04:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/03/08 20:06:41 | 000,102,400 | ---- | M] ( ) -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe
PRC - [2013/01/22 11:40:54 | 000,526,888 | ---- | M] (GAS Tecnologia) -- C:\Program Files (x86)\GbPlugin\gbpsv.exe
PRC - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
PRC - [2012/11/27 21:08:28 | 000,739,936 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/02/21 17:53:08 | 000,232,616 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/10/05 09:08:16 | 000,032,672 | ---- | M] (Orolix Desenvolvimento de Software LTDA.) -- C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
PRC - [2011/08/23 23:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/08/19 16:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/07/11 16:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/07/11 16:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/23 13:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/03/22 15:42:40 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/03/14 12:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/18 02:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 02:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 02:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010/11/26 11:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 16:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 16:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/07/27 15:54:14 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET\ouc.exe
PRC - [2007/01/01 19:54:04 | 003,735,552 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
PRC - [2003/05/08 14:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/12 15:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 15:49:43 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 15:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 15:48:52 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 15:48:51 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013/07/12 15:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/07/10 03:47:35 | 000,194,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\c9786062fbb311c543497e28c1e1a0c5\CustomMarshalers.ni.dll
MOD - [2013/07/10 03:21:43 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ea5ee4386d67f4b432a27c40fbff93c\System.Windows.Forms.ni.dll
MOD - [2013/07/10 03:21:37 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a1c174e579c9ad4e5b6eeed8a58a721b\System.Core.ni.dll
MOD - [2013/07/10 03:21:31 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4787bb699ed4291859fb86f15d793add\System.Drawing.ni.dll
MOD - [2013/07/10 03:21:26 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8a6d1c8abeb8eb82f06c7d075130cc67\System.ni.dll
MOD - [2013/07/10 03:12:26 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/04 15:53:48 | 003,285,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/05/26 12:53:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012/11/28 13:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 13:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/26 17:11:27 | 000,842,240 | ---- | M] () -- C:\Program Files (x86)\SEO PowerSuite\Rank Tracker\libs\mozswing\xulrunner\js3250.dll
MOD - [2012/09/19 10:17:22 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\SEO PowerSuite\Rank Tracker\libs\ICE_JNIRegistry.dll
MOD - [2012/08/17 21:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/06/22 11:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2009/02/26 13:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 02:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 18:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/09/11 02:34:39 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/02/08 00:21:04 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/02/08 00:21:03 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/09/15 20:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/13 20:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/02 03:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 06:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/07/04 15:53:48 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/02 00:07:37 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 04:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/03/08 20:06:41 | 000,102,400 | ---- | M] ( ) [Auto | Running] -- C:\Program Files (x86)\Vono\Vono\Vono Manager.exe -- (Vono_Manager)
SRV - [2013/01/22 11:40:54 | 000,526,888 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Program Files (x86)\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012/11/27 21:12:44 | 000,479,840 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012/09/27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/05 09:08:16 | 000,032,672 | ---- | M] (Orolix Desenvolvimento de Software LTDA.) [Auto | Running] -- C:\Program Files (x86)\TIM Communicator\module\devicemon.exe -- (OrolixDeviceMonitor)
SRV - [2011/07/11 16:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/23 13:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/14 12:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2011/03/07 21:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/18 02:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010/11/26 11:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 14:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/06/25 14:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/02 00:35:29 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/07/02 00:35:28 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/07/02 00:35:28 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/25 15:51:44 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2012/10/25 15:51:44 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2012/08/23 11:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 11:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 11:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/08/02 15:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2012/06/19 17:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2012/03/26 13:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/08 00:21:04 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/02 13:23:22 | 000,223,744 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV:64bit: - [2011/10/14 05:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/15 20:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/15 19:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/09 10:51:02 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV:64bit: - [2011/09/09 10:51:00 | 000,098,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2011/09/09 10:51:00 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/08/29 21:58:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/29 21:58:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/22 13:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/19 12:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/07/12 18:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 20:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 20:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/04/15 18:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/15 18:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/24 21:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/18 02:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/18 02:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2010/12/16 05:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/21 00:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 00:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 13:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/07/27 08:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/06/25 14:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/03/20 11:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2010/02/18 13:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 18:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 18:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 18:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 17:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/10/09 12:29:58 | 000,046,440 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\gbpkm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...searchTerms}&r=
IE - HKCU\..\SearchScopes\{07748CE8-8E46-4C86-8586-D6A1C6C43B46}: "URL" = http://websearch.ask...0-B9D69A85CCD5
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0009439e56d1e06
IE - HKCU\..\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}: "URL" = http://websearch.4sh...q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKCU\..\SearchScopes\{5D1E3CEC-F39F-465A-8D86-A8981406F57E}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...urceid=ie7&rlz=
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/w...q={searchTerms}
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B87F8774F-B485-47E2-A755-A40A8A5E886D%7D:3.2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Izilda\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Izilda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Izilda\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\gastecnologia.com.br/sf/cef: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll (GAS Tecnologia)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyb[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\[email protected] [2013/07/02 00:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{87F8774F-B485-47E2-A755-A40A8A5E886D}: C:\Users\Izilda\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2013/06/19 15:30:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/19 21:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Extensions
[2013/05/28 01:22:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions
[2013/04/13 06:09:35 | 000,000,000 | ---D | M] (Modulo de Seguranca - Banco do Brasil) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}
[2013/05/28 01:22:44 | 000,000,000 | ---D | M] (Guardiao Itau Unibanco) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
[2013/04/01 01:22:26 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\[email protected]
[2012/11/12 22:01:34 | 000,002,536 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\searchplugins\browsemngr.xml
[2012/11/12 22:01:34 | 000,002,536 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\searchplugins\mngr.xml
[2013/07/04 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/07/04 15:53:43 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/07/04 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/04 15:53:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/19 15:30:43 | 000,000,000 | ---D | M] (Modulo de Protecao - Caixa Economica Federal) -- C:\USERS\IZILDA\APPDATA\LOCAL\GAS TECNOLOGIA\GBBD\CEF\XPI
[2012/11/24 22:58:13 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Izilda\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Izilda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: Google Docs = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Safe Money = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Content Blocker = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtual Keyboard = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4292_0\
CHR - Extension: GBBD Caixa Economica Federal = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnjbodopomfddehlalfilheomcahbpei\3.2.0_0\
CHR - Extension: Gmail = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Izilda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\

O1 HOSTS File: ([2013/06/19 15:30:32 | 000,001,750 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 2 more lines...
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (4sharedExt) - {95525BD9-6136-4A26-8263-9CEE295D442D} - C:\Program Files (x86)\4shared Toolbar\4sharedExt64.dll File not found
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files (x86)\OpenSubtitlesPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (midicairus Toolbar) - {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
O2 - BHO: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (4shared Toolbar) - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - C:\Program Files (x86)\4shared Toolbar\4sharedbar64.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (midicairus Toolbar) - {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (midicairus Toolbar) - {EFB1E45A-148D-40F9-A3F0-09D5577F9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RegWork] C:\Program Files (x86)\RegWork\RegWork.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ALLUpdate] C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\Izilda\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [HW_OPENEYE_OUC_VIVO INTERNET] C:\Program Files (x86)\VIVO INTERNET\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Vidalia] "C:\Program Files (x86)\Vidalia Relay Bundle\Vidalia\vidalia.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8:64bit: - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O8 - Extra context menu item: Adicionar ao Antibanner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Advanced Email Extractor - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/page.html File not found
O8 - Extra context menu item: Scan link with AEE - res://C:\Program%20Files%20%28x86%29\Advanced%20Email%20Extractor%20PRO\AeePMsie.dll/link.html File not found
O9:64bit: - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Verificaçăo de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Teclado Virtual - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Verificaçăo de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 189.4.64.82 189.4.64.87 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0211F5D2-0B48-4A83-8097-2D3C20677B0B}: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{894FB0E4-5432-4A2A-B791-AB7238B6F4E2}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DD97968-7B59-48B2-AA1F-E19CF22C8A45}: DhcpNameServer = 200.142.132.32 200.220.227.57
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E66EA923-D0B8-4739-A6C2-1045AE207BFE}: DhcpNameServer = 189.4.64.82 189.4.64.87 201.6.4.116
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\Shell\Option1\Command - "" = G:\autorun.exe
O33 - MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\Shell\Option1\Command - "" = G:\autorun.exe
O33 - MountPoints2\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{6e126d23-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126d23-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6e126e09-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126e09-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\Shell\Option1\Command - "" = G:\autorun.exe
O33 - MountPoints2\{f5ed7441-2349-11e2-876e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{f5ed7441-2349-11e2-876e-101f741bcc01}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/14 21:16:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{7F376A60-8057-4975-82C9-180BA8408DAA}
[2013/07/13 19:47:46 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\Duvidas Wordpress
[2013/07/13 10:55:48 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\novas
[2013/07/13 10:24:33 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{709002C6-B7E9-4A29-8A0D-2040B4508917}
[2013/07/12 13:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/07/12 13:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/07/11 11:16:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{E9036531-A395-48A3-B556-A01C5105455D}
[2013/07/10 11:09:17 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{DD55C85F-92B9-4220-BD77-13277D5A5792}
[2013/07/09 13:46:02 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B25A8061-FCC9-4919-B44A-070025B01448}
[2013/07/08 22:59:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{53856E5D-9584-47D1-9631-DE0605A13B5E}
[2013/07/07 21:12:27 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B7510D62-D963-4EAF-B157-4783E7A3153A}
[2013/07/06 13:35:55 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\ALL PICS
[2013/07/06 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{4150692B-F6FB-41F4-9145-C5641930319D}
[2013/07/05 14:32:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Desktop\beatriz
[2013/07/05 11:21:49 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{AB2FF86A-C266-47AC-BCBB-EBD57A5D516D}
[2013/07/04 15:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/07/03 09:01:50 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{3B7F2930-D7BD-4C60-9B5F-A050AF7C0C45}
[2013/07/02 01:33:44 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{8D726334-3E79-4320-B0E4-1C9C5EC5FBA5}
[2013/07/02 00:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
[2013/07/01 23:50:48 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013/07/01 23:49:58 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013/07/01 23:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013/07/01 23:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013/07/01 23:49:35 | 000,620,128 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/07/01 23:49:35 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/07/01 10:38:19 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{A0CF4E07-E9D0-4993-A759-16D96CB11B34}
[2013/06/29 11:30:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{49C35701-B107-49A4-B352-9E7DF7BBB4D6}
[2013/06/28 10:18:39 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{BC767DF4-05C2-41AF-BF2D-C211199EB61F}
[2013/06/27 18:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecurityXploded
[2013/06/27 18:05:25 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B8B60196-80CC-49A8-B6A0-DDBDBE0E26C4}
[2013/06/26 13:35:45 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{B4E8753A-8D27-4248-8129-6C5F98EDCA27}
[2013/06/25 11:22:07 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{CC2ED4AF-446C-4B8F-B5BD-35B945E06310}
[2013/06/24 22:36:03 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{259D12F7-8180-49B2-BB90-0C304CEB1436}
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2013/06/19 15:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen
[2013/06/19 15:48:42 | 000,029,712 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon2.dll
[2013/06/19 15:48:42 | 000,017,936 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui2.dll
[2013/06/19 15:48:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013/06/19 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro
[2013/06/19 15:30:43 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\GAS Tecnologia
[2013/06/19 15:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\GAS Tecnologia
[2013/06/17 12:00:08 | 000,000,000 | ---D | C] -- C:\Users\Izilda\AppData\Local\{D73F723A-F813-4EC8-9DF9-03D27FD7F101}
[2013/06/15 19:21:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel
[2013/06/15 19:21:03 | 000,000,000 | ---D | C] -- C:\Users\Izilda\Documents\Corel

========== Files - Modified Within 30 Days ==========

[2013/07/15 09:24:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/15 08:53:38 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 08:53:38 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 08:53:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2013/07/15 08:49:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 08:48:37 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001UA.job
[2013/07/15 08:48:35 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2013/07/14 21:49:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/14 18:33:22 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/07/14 18:33:04 | 1728,237,567 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/13 19:31:06 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/13 19:31:06 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/13 19:31:06 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/13 15:53:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3190529940-644357419-2377663512-1001Core.job
[2013/07/13 11:04:26 | 000,001,456 | ---- | M] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/07/13 10:53:34 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/11 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2013/07/11 21:01:25 | 000,000,132 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2013/07/11 16:26:41 | 000,014,108 | ---- | M] () -- C:\Users\Izilda\Desktop\jponline.jpg
[2013/07/11 10:02:26 | 005,000,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/11 09:58:23 | 000,246,207 | ---- | M] () -- C:\Users\Izilda\.ranktracker.properties
[2013/07/04 18:40:13 | 000,374,934 | ---- | M] () -- C:\Users\Izilda\Desktop\circle_3.jpg
[2013/07/04 18:32:16 | 000,360,800 | ---- | M] () -- C:\Users\Izilda\Desktop\circle_2.jpg
[2013/07/04 18:29:57 | 000,417,946 | ---- | M] () -- C:\Users\Izilda\Desktop\circle_1.jpg
[2013/07/04 17:17:07 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIZILDA-HP$.job
[2013/07/03 11:48:42 | 000,004,096 | -H-- | M] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2013/07/03 11:20:00 | 000,181,747 | R--- | M] () -- C:\Users\Izilda\Desktop\LORENZZO.jpg
[2013/07/03 00:30:53 | 000,033,761 | ---- | M] () -- C:\Users\Izilda\Desktop\Como-fazer-Drenagem-Linfática-no-Rosto-1.jpg
[2013/07/02 01:44:43 | 000,001,292 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013/07/02 01:41:53 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013/07/02 00:43:20 | 000,002,277 | ---- | M] () -- C:\Users\Izilda\Desktop\Banca Segura.lnk
[2013/07/02 00:35:29 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2013/07/02 00:35:28 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2013/07/02 00:35:28 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys
[2013/07/02 00:35:27 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2013/07/02 00:08:55 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/07/01 23:50:49 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/07/01 10:18:36 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIzilda.job
[2013/06/25 02:11:26 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/19 15:48:40 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/06/19 15:30:45 | 000,012,679 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/06/19 15:30:42 | 000,720,594 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/19 15:30:32 | 000,001,750 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/06/17 15:01:52 | 000,183,185 | ---- | M] () -- C:\Users\Izilda\.spyglass.properties

========== Files Created - No Company Name ==========

[2013/07/11 16:26:39 | 000,014,108 | ---- | C] () -- C:\Users\Izilda\Desktop\jponline.jpg
[2013/07/04 18:40:05 | 000,374,934 | ---- | C] () -- C:\Users\Izilda\Desktop\circle_3.jpg
[2013/07/04 18:32:08 | 000,360,800 | ---- | C] () -- C:\Users\Izilda\Desktop\circle_2.jpg
[2013/07/04 18:29:48 | 000,417,946 | ---- | C] () -- C:\Users\Izilda\Desktop\circle_1.jpg
[2013/07/03 11:20:00 | 000,181,747 | R--- | C] () -- C:\Users\Izilda\Desktop\LORENZZO.jpg
[2013/07/03 00:30:52 | 000,033,761 | ---- | C] () -- C:\Users\Izilda\Desktop\Como-fazer-Drenagem-Linfática-no-Rosto-1.jpg
[2013/07/02 00:43:20 | 000,002,277 | ---- | C] () -- C:\Users\Izilda\Desktop\Banca Segura.lnk
[2013/07/02 00:42:08 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013/06/19 15:48:40 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/06/19 15:48:39 | 000,002,499 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk
[2013/06/19 15:30:43 | 000,720,594 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.exe
[2013/06/19 15:30:43 | 000,012,679 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\unins000.dat
[2013/05/30 22:17:35 | 000,183,185 | ---- | C] () -- C:\Users\Izilda\.spyglass.properties
[2013/05/08 00:04:57 | 000,009,327 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Comma Separated Values (Windows).EML
[2013/03/30 00:41:17 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/03/30 00:41:17 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2013/01/15 21:45:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\CCSETX64.SYS
[2012/12/24 19:41:11 | 000,009,330 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Microsoft Excel 97-2003.EML
[2012/11/17 01:07:04 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012/11/12 22:20:34 | 000,000,892 | ---- | C] () -- C:\Users\Izilda\AppData\Local\recently-used.xbel
[2012/10/15 13:50:32 | 000,004,096 | -H-- | C] () -- C:\Users\Izilda\AppData\Local\keyfile3.drm
[2012/09/26 16:32:48 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/09/24 00:32:08 | 000,001,456 | ---- | C] () -- C:\Users\Izilda\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/09/22 01:29:31 | 000,000,132 | ---- | C] () -- C:\Users\Izilda\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/09/20 03:19:56 | 000,246,207 | ---- | C] () -- C:\Users\Izilda\.ranktracker.properties
[2012/04/28 23:18:27 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/03/19 20:10:17 | 000,014,012 | ---- | C] () -- C:\Windows\hplj1010.ini
[2012/02/18 21:17:24 | 000,000,074 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/02/05 22:37:15 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/01/23 21:10:15 | 000,000,556 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2012/01/14 19:37:01 | 000,000,477 | ---- | C] () -- C:\Users\Izilda\Desktop.lnk
[2011/10/06 14:22:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/10/06 14:14:52 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/10/06 14:02:42 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/08/29 22:40:04 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat

========== ZeroAccess Check ==========

[2009/07/14 01:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 02:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 01:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 22:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 22:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/05 23:59:11 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Ashampoo
[2013/01/15 21:52:42 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\AVG2013
[2012/04/08 00:20:25 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Babylon
[2012/01/15 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Blio
[2012/12/16 22:50:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/06/19 15:36:34 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Downloaded Installations
[2013/06/19 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileOpen
[2013/06/14 02:05:55 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\FileZilla
[2013/03/15 17:16:39 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\MP3SkypeRecorder
[2013/06/19 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro
[2013/07/11 14:27:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Nitro PDF
[2012/04/10 20:28:33 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\OpenCandy
[2013/05/06 17:14:57 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Oracle
[2013/06/28 15:58:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\PrimoPDF
[2012/01/23 21:10:22 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\ScanSoft
[2013/01/07 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/15 00:38:25 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Stellarium
[2012/01/14 19:39:13 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Synaptics
[2013/03/06 10:38:30 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TeamViewer
[2012/09/19 02:18:29 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Thunderbird
[2013/01/15 21:45:05 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\TuneUp Software
[2013/07/02 00:03:46 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\uTorrent
[2012/12/15 10:30:12 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\VIVO INTERNET
[2013/03/08 20:13:09 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Vono
[2012/09/20 02:19:18 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\WildTangent
[2012/02/11 23:45:01 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
CompCav
Posted 15 July 2013 - 09:40 AM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
I am sorry but you have an illegal copy of Adobe products on your computer. This is a violation of our Terms of Use.

Go here to read Geekstogo Terms of Use and note in particular article 4 the items Illegal and Infringing of intellectual property rights (such as copyright and trademark rights).

The use of keygens means you have obtained your software illegally, and we will not help you. If you want help with installing any legal versions of software, we'd be happy to help you, but not with illegal copies. I will also warn you that the use of cracks/keygens is a very good way to infect your computer with malware, leading you to need our services in the malware forum.

Please remove all illegally obtained software from your computer if you want help from us.
  • 0

#3
Andre Silva
Posted 15 July 2013 - 11:01 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Dear CompCav,

Thank you for your reply. Could you please inform me what Adobe product is not legit on my computer? It is a shared computer, and I don't use nor do I need any Adobe softwares, or any illegal software for that matter. I will gladly uninstall if you are willing to assist me.

I appreciate your kind assistance and understanding.

Best regards,

André
  • 0

#4
CompCav
Posted 15 July 2013 - 11:07 AM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
The Adobe paid products. If you send me the Extras.txt file that came with your run of OTL I will list them out for you.


Regards,

CompCav
  • 0

#5
Andre Silva
Posted 15 July 2013 - 11:47 AM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Pardon my ignorance, CompCav, but I don't know how to find the Extras.txt file you have mentioned. Could you please elaborate? I will gladly send it to you as I want to make sure my computer is clean of any unwanted/illegal software.

Thank you again,

André

Edited by Andre Silva, 15 July 2013 - 11:50 AM.

  • 0

#6
CompCav
Posted 15 July 2013 - 01:05 PM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
It should be in the Applications folder on your desktop.


C:\Users\Izilda\Desktop\Applications



Regards,

CompCav
  • 0

#7
Andre Silva
Posted 15 July 2013 - 03:19 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Dear CompCav,

Here is the list of folders in my "Applications" root:

Adobe CS5
Antivirus
BC Webcam
como.criar.uma.loja.virtual
Corel X6 NEW
FTP
Rank Check
Rank Tracker

Please let me know what I need to uninstall in order to be in agreement with all your terms. Once again, I thank you for your time and consideration. This computer is shared with a young sibling and I don't want to have anything that is not legal installed.

Thank you,

André
  • 0

#8
CompCav
Posted 15 July 2013 - 03:27 PM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
I need the whole extras.txt file so please put OTL on your desktop.


Then re-open OTL

  • Vista /7 users right click and click Run as Administrator. Make sure all other windows are closed .
  • You will see a console like the one below:

Posted Image

  • At the top of the console click the greyed out None button.<---Very Important
  • Make sure the Output box at the top is set to Standard Output.
  • In the Extra Registry section, click the Use Safelist button.<---Very Important
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted. The scan won't take long.
  • When the scan completes, it will open a notepad window, Extras.Txt. It is saved in the same location as OTL.


Post the entire log in your next reply.
  • 0

#9
Andre Silva
Posted 16 July 2013 - 12:00 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Dear CompCav,

Here is the Extras.txt log as requested. Waiting for your next reply and instructions on how to proceed.

Thank you.

OTL Extras logfile created on: Jul/16/2013 2:56:29 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Izilda\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MMM/d/yyyy

7.48 Gb Total Physical Memory | 4.11 Gb Available Physical Memory | 54.96% Memory free
14.96 Gb Paging File | 10.11 Gb Available in Paging File | 67.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.92 Gb Total Space | 340.23 Gb Free Space | 58.77% Space Free | Partition Type: NTFS
Drive D: | 16.96 Gb Total Space | 1.86 Gb Free Space | 10.95% Space Free | Partition Type: NTFS
Drive E: | 3.42 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: IZILDA-HP | User Name: Izilda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047DAC6B-DD59-4A6F-AA97-E2C44C3941B7}" = lport=139 | protocol=6 | dir=in | app=system |
"{081FB466-6D11-40DB-9D51-B1ED1A22A7DF}" = lport=445 | protocol=6 | dir=in | app=system |
"{0882D903-2602-4A9A-BF52-B8C720B5C42D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0DE04776-E1A2-42F3-9911-49E9A6673213}" = lport=138 | protocol=17 | dir=in | app=system |
"{10B612F9-4F01-4F5F-9C9B-728AF2102EE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{190FF045-F90F-4606-A0F5-7FA725A1E773}" = rport=138 | protocol=17 | dir=out | app=system |
"{195F1AB1-A6FE-44B1-9D27-0F11985267C1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{24B9FA7C-BB8A-4711-9E69-5A06BD033340}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2C1BF910-CFD9-4A73-AC45-8F0EC021F8B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31D921CA-FFB4-4409-AD53-CA83AEB3684D}" = lport=137 | protocol=17 | dir=in | app=system |
"{4D48B4FB-FC56-480F-A15F-08279EA209DB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{664F4ADD-1F44-4BDE-BF43-17A912DB37A8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{73EDDA0C-446D-4109-B9BD-A07E95FFE450}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{84C949BA-ED37-4A3B-A450-66F66E41F84F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{885F4752-954A-4446-B0FB-DC0027122D67}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9432900-FE55-48CA-AF62-E643B617A2CA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9AF81E3-F811-4440-9569-2B6C9B82B72A}" = rport=137 | protocol=17 | dir=out | app=system |
"{BADB4D96-6331-433C-B34C-709CB447BDBF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C27EA718-79C0-4281-A6A1-48EE8A20829E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4B9B12B-F77F-4D88-8D27-E1B8D918FD5F}" = rport=139 | protocol=6 | dir=out | app=system |
"{C4E5B854-AFA0-487A-9007-39D179DFB865}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{C6F5852B-0EAC-4FA1-8A26-BB77EB76B35F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CCC799B3-C592-4952-8D2A-3E56623FD58B}" = rport=445 | protocol=6 | dir=out | app=system |
"{D08DCC11-D2E8-4577-8111-7E0D8C0829CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5B4E25C-AAEC-4DF6-803C-5551F8B23EAC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F01B11A3-F0DD-4B8A-AD71-2BEC654D9309}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F117D627-B9D2-45DE-8D1D-E4D70544FBA9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FF23FA-C03F-41F6-B672-A1158C053358}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0744E39B-86B3-416A-9C45-7EBD613B6203}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{0832F537-B5DE-4BA7-B186-41EC8A9824C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08973A45-3B92-4242-878A-955222FF61F7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{14186D9D-8EC5-40DE-8623-53F2206CA127}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1BE2C065-43CD-482A-8A92-B1BD569245E6}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{20E612F3-411F-42DB-A07C-9A197F17FCB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22C06670-346E-4E35-A9F2-8B34834EDEA9}" = protocol=1 | dir=in | [email protected],-28543 |
"{2470AE16-97FA-4A69-8FA8-7894489A4927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{27199C01-4CD9-42ED-A90C-59C0D76E185D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C2B16D8-D58B-40FA-A10E-78369D778C63}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{2C2F152A-4331-4A2E-BC2F-B541409BA08F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{2D82F084-CA4E-4BB9-8BC6-47237D2B0077}" = protocol=6 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"{32986BDF-CA71-49C3-92AE-78DA43E5F8AF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{32DE1494-A10D-4CF1-82DB-A92EBC8045F2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{393DBC08-7B97-4EA8-AA87-DA6812742653}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{41C0F111-8573-40E2-951C-9858B129C2FA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{4549B367-09C1-4D9B-B30D-BBBFD84F5F53}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{46BB3EBE-9F13-4A65-9D80-34BBBFF606CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{47768F4A-36F0-4F72-9B36-58A8BEC9A50E}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{48A1A8C6-B484-413B-BB30-3CCEBD626CDE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{499DC023-98F4-4B2D-BD16-8F51F96B0EE1}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{49B7A486-67BE-4E17-9AE0-C534D6151D8A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{54209224-6486-423F-BDB0-F2C45A8338E0}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3bcb\hpdiagnosticcoreui.exe |
"{61046B67-7694-403D-A4C1-03A50B3E77B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{61FB4DDD-E966-4DBC-8192-A88A7C801EEA}" = protocol=17 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"{63408D47-6BF4-486E-B25A-C559C573A235}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{650C1EAF-6645-4C3A-B90F-BC10567E39B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6A0D444A-DBAD-413C-B341-A97828CB2483}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6BC24416-D0F9-43A6-991D-20067DC59B89}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{6E58916B-DFE0-4084-9688-2A14405ABF7E}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{75B60678-3F70-442A-A465-F1300CE55F9A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{76DEAA23-05BD-4C77-BDEA-272CAB548797}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{78633346-747B-48D9-AF66-1D90B6AEB755}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3ff4\hpdiagnosticcoreui.exe |
"{7A9C1DBA-BEA9-418A-86D8-92F86E4499BC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{7F49C17A-969E-4D4C-815D-2C8E5DA5B723}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{841064A0-DD32-425E-BC26-38AA4ED88090}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86A1D3B3-C426-4AB9-8B94-5B5514DE8A7A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{86A68234-BDE7-4E8A-AFC9-CB44BF0C1B23}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs49ef\hpdiagnosticcoreui.exe |
"{86DA8AA0-5D9B-47C6-AF67-BCFFBBE1B5CD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8BC4627F-4ECC-4378-BD81-B2816F0DB921}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8C747E2F-1D76-4E4A-B216-ABFD9EBE39DB}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs485a\hpdiagnosticcoreui.exe |
"{94A39B87-F510-4FFB-97E2-B0CCE678F059}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A707C84A-D1E0-4733-A1F4-AF6BC6CF44C0}" = protocol=58 | dir=in | [email protected],-28545 |
"{A8D4FAD6-7A67-4A71-8F1C-48490820AF86}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{AA22F5D6-E1ED-478E-8DA0-9B244E263DCC}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{AFAFF6A5-D3ED-4CBA-BCAE-732E1CB1D2E7}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs485a\hpdiagnosticcoreui.exe |
"{B2A4F6D9-8369-4D6A-AC17-B188DEC22635}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3bcb\hpdiagnosticcoreui.exe |
"{B2F21455-CDE6-4519-8997-8DAD81F738B5}" = protocol=17 | dir=in | app=c:\program files (x86)\searchresults\dtuser.exe |
"{BCF46097-2EDB-4ADA-B576-7442714B4FBD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C225BBC8-0D89-4AF5-8083-5CAAB5273696}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{C27207AC-B657-4E51-B683-478E4A7812E1}" = dir=in | app=c:\users\izilda\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C2C44D80-846C-42E2-9E8B-3E9FDE0D36EE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C2F2DEEF-BFCF-4FA3-BDDD-EA3AF27A0478}" = protocol=6 | dir=out | app=system |
"{CD7C22F4-F4C9-428D-970E-D352CA9AF695}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{D0718773-F0AA-4D44-8985-FB25ABB7C338}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{D1E5B989-E070-4343-9846-ADDBFD7B7EB4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB13E1D9-2537-46EF-9C7E-B255F6A45E15}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB45E44B-A2B0-4D54-BFD6-1D4913D03E04}" = protocol=58 | dir=out | [email protected],-28546 |
"{E44A6FD6-BD52-4B5C-9D38-5E634DD7BE9D}" = protocol=1 | dir=out | [email protected],-28544 |
"{E48E7E5E-590C-471D-8C6B-255DE95632BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E535F2FB-1F7F-41BF-93E1-AFC052848B7D}" = protocol=6 | dir=in | app=c:\program files (x86)\searchresults\dtuser.exe |
"{E7806723-D13D-478B-8824-135ACABE4283}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{E9132731-9CB3-4DD9-A65C-63BBF1FD2010}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EC6AA108-6172-474D-B55E-BD4801EC788A}" = protocol=6 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs3ff4\hpdiagnosticcoreui.exe |
"{F0914BBC-DC13-4797-8810-163E54F4FA79}" = protocol=17 | dir=in | app=c:\users\izilda\appdata\local\temp\7zs49ef\hpdiagnosticcoreui.exe |
"{F89D8123-9C57-4D1F-80CB-A45F09C0518C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{FA36F8F7-6579-4DE8-BA01-A77CD7CD88FB}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"TCP Query User{066F045E-BA38-462E-99F7-4E313F8F4AD5}C:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe |
"TCP Query User{116B434C-876A-47B0-9137-C705480B62C6}C:\program files (x86)\vidalia relay bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia relay bundle\tor\tor.exe |
"TCP Query User{270748A8-36BB-4A3F-BD35-1A037D1958F1}C:\program files (x86)\cain\cain.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"TCP Query User{44EE40A1-1014-4814-8140-06DAF593DE92}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{83DE9CF2-05D4-4E15-B7C8-4F063839E228}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"TCP Query User{93757994-E8F3-48BD-BE9F-058E764336DE}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{9894D36B-CEFA-4F80-84AF-8E55BC7428CC}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=6 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"TCP Query User{9F1A7D8E-A265-4246-B026-6F69D5495520}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"TCP Query User{B45E1660-5987-44CB-8269-95B8C415CFD3}C:\program files (x86)\vono\vono\vono.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |
"TCP Query User{B9C407F4-5253-4726-9BAB-0E1C3E8CEAA4}C:\program files (x86)\vono\vono\vono.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |
"UDP Query User{285FAAA9-BF6C-4EC4-87D1-AB17A867B156}C:\program files (x86)\vono\vono\vono.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |
"UDP Query User{2F7CA29A-C461-4BEE-8FA2-A15FC19A858C}C:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mp3 skype recorder\mp3 skype recorder.exe |
"UDP Query User{4BAAD0B2-4158-4A3B-8FF6-FD8E8C31D60A}C:\program files (x86)\vidalia relay bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia relay bundle\tor\tor.exe |
"UDP Query User{8B98068F-D309-48A4-8212-11F4FBED4265}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"UDP Query User{B5182445-81B6-4863-8F6E-4DB409F208A2}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{CE2FB06C-EAEA-401C-B8F6-0C719C597ACD}C:\program files (x86)\voip recorder\voiprecorder.exe" = protocol=17 | dir=in | app=c:\program files (x86)\voip recorder\voiprecorder.exe |
"UDP Query User{D3AADE08-6F72-4DD4-BA1A-C908F69CFC02}C:\program files (x86)\cain\cain.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"UDP Query User{DDF691BF-0E0A-4D1B-B727-3DFA4BFD338F}C:\program files (x86)\vidalia bridge bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia bridge bundle\tor\tor.exe |
"UDP Query User{EA79CD8E-6132-48C5-B8C5-F7506064272D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{EFCD6E70-3783-4078-B583-4098DBBA5AFE}C:\program files (x86)\vono\vono\vono.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vono\vono\vono.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java™ 6 Update 24 (64-bit)
"{26AF7BC7-DB35-B7C5-3169-29BC62835C48}" = AMD Fuel
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}" = Nitro Reader 3
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5601F151-A69F-4E30-8C60-37928124CD07}" = HP 3D DriveGuard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{71F13BA8-96D0-F281-6473-196A5842C6CF}" = ccc-utility64
"{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{942836D4-5395-652B-F1E8-A7C5B039910C}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CB1A2FE6-2BDF-DECC-C91B-4E5FFD59C5D6}" = WMV9/VC-1 Video Playback
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PDF Creator" = PDF Creator
"Stellarium_is1" = Stellarium 0.12.0
"SynTPDeinstKey" = Synaptics TouchPad Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
".IAP{0000.0000.0005.0001}" = Vono
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C262D84-FFA4-4621-8ED7-41F8287369F5}" = Google Apps Migration For Microsoft Outlook® 2.3.12.34
"{0D1B9D71-7EB6-70DA-DB23-E14F59A14E1D}" = AMD VISION Engine Control Center
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DC33570-D9E6-9189-7143-612F34DC317B}" = CCC Help Danish
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F69006A-CD2F-4C12-A786-C659C8F98423}" = Catalyst Control Center - Branding
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{15822027-43D3-C69F-40EF-2AF83AA781AA}" = CCC Help English
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1D04A14D-6C97-19C1-CA9D-FDDE5EAE1026}" = CCC Help Chinese Standard
"{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}" = HP Quick Launch
"{28FE073B-1230-4BF6-830C-7434FD0C0069}" = HP Software Framework
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B37E43D-10AB-9D24-7234-31929A3A7D11}" = CCC Help German
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33530062-0419-71CE-3BD3-13D7D5E4C7DE}" = CCC Help French
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1" = Módulo de Segurança - Banco do Brasil
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{388A15E4-7507-CD40-4DBA-F78B4BBEB56E}" = CCC Help Japanese
"{442D8477-F1A6-4C62-8F89-D5BCDF81A298}" = bcWebCam
"{448B78CF-4A52-191D-1436-54D039B382DB}" = CCC Help Spanish
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{521FA973-C4C9-249D-5CF6-0A6F7B18F7DC}" = CCC Help Greek
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Anti-Virus 2013
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1" = Módulo Adicional de Segurança CAIXA
"{5ED3BAF3-DA06-038D-F21E-AB35404626D4}" = CCC Help Dutch
"{60C44315-A107-D3F6-B868-52AC0481ED6B}" = CCC Help Finnish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6522241B-09FE-B16D-0E23-9485424507EB}" = CCC Help Korean
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68EAD428-8B16-4CE3-832B-6E63B11852C0}" = VOIP Recorder
"{6A061262-C2B2-78E2-9BF8-32D3BDD68C43}" = Catalyst Control Center InstallProxy
"{6B075E9F-4D23-0883-F66C-C698E949CD90}" = Catalyst Control Center Graphics Previews Common
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{794A3AB9-DB12-1115-33B2-29C5DDD1DCD4}" = CCC Help Chinese Traditional
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7A6B4340-7090-418F-8976-EE9650B35550}" = HP Connection Manager
"{803E2C5C-E39B-BEBA-4046-6C0CF7695DA4}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9325A80A-C2B4-141E-952E-30589770A79B}" = CCC Help Turkish
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EAAB95B-17B6-43CF-B4E9-4A90937C83FD}" = Blio
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7393DB5-6CAB-70A7-4A5E-C96AF518858A}" = Catalyst Control Center Localization All
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}" = AMD System Monitor
"{C3579810-5AC8-545D-089D-6735792490B5}" = CCC Help Thai
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C79312BD-3E76-4474-A10C-1435D1856A4B}" = Adobe Dreamweaver CS5
"{C915103C-F9E5-8989-233C-367DCFB07652}" = CCC Help Italian
"{CB606F47-7D0E-40DF-95BB-0E5413A1295F}" = MP3 Skype Recorder
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE8EF688-BD0E-29E2-3472-E23CC6AB0C98}" = CCC Help Polish
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D811186E-06BC-F7D3-E10B-4C7450F88611}" = CCC Help Swedish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E44578C7-4667-4124-8BC2-1161BCA54978}" = HP Power Manager
"{E45832B8-C3E6-C26B-A038-4599DCAC1F17}" = CCC Help Norwegian
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F023440E-6D03-1AB2-1414-27A62074556C}" = CCC Help Portuguese
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F7A9EFFB-F905-FA4D-A431-06B1E0A5EE5A}" = CCC Help Czech
"{F92679BF-CA1F-4DD3-8269-A40A9AD873B1}" = Google Apps Sync™ for Microsoft Outlook® 3.2.353.947
"{FD8966E8-8227-9180-51D2-F1C75D3222B8}" = CCC Help Russian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced Email Extractor PRO" = Advanced Email Extractor PRO
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"Ashampoo Burning Studio 12_is1" = Ashampoo Burning Studio 12 v.12.0.1
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ColorMania_is1" = ColorMania 3.2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"EasyBits Magic Desktop" = Magic Desktop
"ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5" = Receitanet
"Files Opened" = Files Opened
"FileZilla Client" = FileZilla Client 3.7.0.2
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"IRPF2012" = IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"midicairus Toolbar" = midicairus Toolbar
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenSubtitlesPlayer_is1" = OpenSubtitlesPlayer V4.X
"OrolixCommunicator" = TIM Communicator
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PROPLUS" = Microsoft Office Professional Plus 2007
"searchresults" = Search Results Toolbar
"seopowersuite" = SEO SpyGlass
"TeamViewer 8" = TeamViewer 8
"uTorrent" = µTorrent
"VIVO INTERNET" = VIVO INTERNET
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087415" = Wheel of Fortune 2
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - Jan/23/2013 6:49:40 AM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/24/2013 8:29:44 AM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/24/2013 9:05:37 AM | Computer Name = Izilda-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - Jan/24/2013 10:05:34 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 7:29:38 AM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 1:14:25 PM | Computer Name = Izilda-HP | Source = Application Hang | ID = 1002
Description = The program Dreamweaver.exe version 11.0.0.4909 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1c64 Start
Time: 01cdfb1f588caf51 Termination Time: 24 Application Path: C:\Program Files (x86)\Adobe\Adobe
Dreamweaver CS5\Dreamweaver.exe Report Id: 9d90840f-6712-11e2-8254-101f741bcc01

Error - Jan/25/2013 1:36:01 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 8:36:58 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

Error - Jan/25/2013 10:31:12 PM | Computer Name = Izilda-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - Jan/26/2013 4:47:50 PM | Computer Name = Izilda-HP | Source = WinMgmt | ID = 10
Description =

[ Hewlett-Packard Events ]
Error - Jun/4/2012 11:42:03 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 4000
Description =

Error - Sep/2/2012 4:11:22 PM | Computer Name = Izilda-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/14cdefc7_b061_4539_971f_3b07cf761139/mdx9qbih4mrkm2ps38st2ds5_5.rem' has
been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 7658 Ram Utilization: TargetSite: Void UpdateDetail(System.String)

Error - Sep/10/2012 10:07:32 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 4000
Description =

Error - Nov/19/2012 8:59:37 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 8:59:51 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 10:13:50 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 11:14:26 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/19/2012 11:40:35 AM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 7658
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - Nov/25/2012 3:45:57 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
7658 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

Error - Nov/25/2012 3:45:57 PM | Computer Name = Izilda-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
7658 Ram Utilization: TargetSite: Void loadActiveCheckResult(Boolean)

[ HP Connection Manager Events ]
Error - Jul/9/2013 12:50:26 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/09 01:50:26.871|000019F4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/10/2013 2:39:01 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/10 03:39:01.157|0000149C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/11/2013 8:59:57 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/11 09:59:57.661|000018D0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/12/2013 11:46:15 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 00:46:15.698|00001850|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 3:38:29 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 16:38:29.938|00001BB4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 3:38:36 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 16:38:36.619|00001BB4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 5:49:55 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 18:49:55.564|0000109C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/13/2013 5:49:56 PM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/13 18:49:56.687|0000109C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 9:55:36 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 10:55:36.089|0000124C|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

Error - Jul/16/2013 10:03:59 AM | Computer Name = Izilda-HP | Source = hpCMSrv | ID = 5
Description = 2013/07/16 11:03:59.667|00000E24|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]

[ HP Software Framework Events ]
Error - Nov/12/2012 7:46:35 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/12 09:46:35.940|0000158C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/12/2012 1:16:09 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/12 15:16:09.228|00001548|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/13/2012 9:30:33 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/13 11:30:33.228|000011DC|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/15/2012 10:46:46 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/15 12:46:46.715|000012B4|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/16/2012 9:31:13 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/16 11:31:13.981|0000148C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/16/2012 8:45:03 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/16 22:45:03.283|000011C0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/17/2012 10:10:46 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/17 12:10:46.525|00001290|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/18/2012 3:49:42 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/18 17:49:42.724|00000F58|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/18/2012 7:23:35 PM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/18 21:23:35.522|000011A8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - Nov/19/2012 7:46:09 AM | Computer Name = Izilda-HP | Source = CaslWmi | ID = 5
Description = 2012/11/19 09:46:09.273|000013B8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

[ OSession Events ]
Error - Jun/27/2013 1:06:20 PM | Computer Name = Izilda-HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 65563
seconds with 360 seconds of active time. This session ended with a crash.

[ System Events ]
Error - Jul/8/2013 2:08:28 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/8/2013 4:01:58 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/8/2013 8:40:02 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/8/2013 10:12:45 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/10/2013 2:19:12 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - Jul/10/2013 2:56:52 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/10/2013 3:27:41 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/10/2013 3:27:42 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/10/2013 3:27:43 PM | Computer Name = Izilda-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - Jul/12/2013 1:09:09 PM | Computer Name = Izilda-HP | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.


< End of report >

Edited by Andre Silva, 16 July 2013 - 12:00 PM.

  • 0

#10
CompCav
Posted 16 July 2013 - 03:41 PM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
Step 1

Please uninstall the following programs, they are not legal or are causing errors:

Adobe AIR
Adobe Dreamweaver CS5
Adobe Community Help
Adobe Media Player
Adobe Photoshop CS5
PDF Settings CS5


Please uninstall these they are out of date or adware related:

Google Toolbar for Internet Explorer
Java™ 6 Update 24 (64-bit)
Java Auto Updater
Ask Toolbar
Search Results Toolbar



Step 2


P2P Warning!:

IMPORTANT I have noticed that there are signs of uTorrent P2P (Peer to Peer) File Sharing Program on your computer.

As long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.

Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
infoworld

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove this program, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep them, please do not use either of them until your computer is cleaned.




Step 3

  • Please reopen Posted Image on your desktop by right clicking and selecting Run as administrator.
  • Copy and Paste the following code into the Posted Image textbox.

    :Commands
[createrestorepoint]


:OTL
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\URLSearchHook: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{07748CE8-8E46-4C86-8586-D6A1C6C43B46}: "URL" = http://websearch.ask...0-B9D69A85CCD5
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0009439e56d1e06
IE - HKCU\..\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}: "URL" = http://websearch.4sh...q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = http://www.ask.com/w...q={searchTerms}
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
[2013/04/01 01:22:26 | 000,010,043 | ---- | M] () (No name found) -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\[email protected]
[2012/11/12 22:01:34 | 000,002,536 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\searchplugins\browsemngr.xml
[2012/11/12 22:01:34 | 000,002,536 | ---- | M] () -- C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\searchplugins\mngr.xml
[2012/11/24 22:58:13 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (midicairus Toolbar) - {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
O2 - BHO: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3:64bit: - HKLM\..\Toolbar: (4shared Toolbar) - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - C:\Program Files (x86)\4shared Toolbar\4sharedbar64.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (midicairus Toolbar) - {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search Results Toolbar) - {fa63398e-322b-4833-9af3-15837ad12138} - C:\Program Files (x86)\searchresults\searchresultsDx.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (midicairus Toolbar) - {EFB1E45A-148D-40F9-A3F0-09D5577F9970} - C:\Program Files (x86)\midicairus\prxtbmidi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [RegWork] C:\Program Files (x86)\RegWork\RegWork.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found
O33 - MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\Shell\Option1\Command - "" = G:\autorun.exe
O33 - MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\Shell\Option1\Command - "" = G:\autorun.exe
O33 - MountPoints2\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{6e126d23-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126d23-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6e126e09-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126e09-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\Shell\AutoRun\command - "" = G:\autorun.exe
O33 - MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\Shell\Option1\Command - "" = G:\autorun.exe
O33 - MountPoints2\{f5ed7441-2349-11e2-876e-101f741bcc01}\Shell - "" = AutoRun
O33 - MountPoints2\{f5ed7441-2349-11e2-876e-101f741bcc01}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
[2012/04/08 00:20:25 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\Babylon
[2012/04/10 20:28:33 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\OpenCandy
[2013/07/02 00:03:46 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\uTorrent


:files
C:\Program Files (x86)\Adobe\Adobe Photoshop CS5
C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5
ipconfig /flushdns /c


:reg


:Commands
[purity]
[resethosts]
[emptytemp]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 4

Download CKScanner from here

Important : Save it to your desktop.
  • Right click and select Run as administrator CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


Step 5

Please post:

  • OTL fix log
  • CKFiles.txt log



Please confirm you have uninstalled all the above programs.


Finally tell me what issues you are currently experiencing with your computer.
  • 0

Advertisements

#11
Andre Silva
Posted 16 July 2013 - 06:09 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Hello CompCav,

I have uninstalled all programs informed. Below are the logs as requested.

The reason for my contact is I felt my computer was running sluggish. No particular reason other than halting browsers (FireFox) and a few instances where Java requested to be installed again although the latest version was already installed. Since this is a shared computer, I feared malware and decided to contact you.

Thank you again for your valuable time and invaluable assistance.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{efb1e45a-148d-40f9-a3f0-09d5577f9970} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{efb1e45a-148d-40f9-a3f0-09d5577f9970}\ deleted successfully.
C:\Program Files (x86)\midicairus\prxtbmidi.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{efb1e45a-148d-40f9-a3f0-09d5577f9970} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{efb1e45a-148d-40f9-a3f0-09d5577f9970}\ not found.
File C:\Program Files (x86)\midicairus\prxtbmidi.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{07748CE8-8E46-4C86-8586-D6A1C6C43B46}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07748CE8-8E46-4C86-8586-D6A1C6C43B46}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12995981-2FD6-4BEE-9FB0-B1674E8E5E7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2\ deleted successfully.
C:\Windows\system32\npDeployJava1.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin\ not found.
File C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2\ deleted successfully.
File C:\Windows\SysWOW64\npDeployJava1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2\ deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll moved successfully.
C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\extensions\[email protected] moved successfully.
C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\searchplugins\browsemngr.xml moved successfully.
C:\Users\Izilda\AppData\Roaming\Mozilla\Firefox\Profiles\rpnqexf8.default-1350958851994\searchplugins\mngr.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
File C:\Program Files\Java\jre6\bin\ssv.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\ssv.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{efb1e45a-148d-40f9-a3f0-09d5577f9970}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{efb1e45a-148d-40f9-a3f0-09d5577f9970}\ not found.
File C:\Program Files (x86)\midicairus\prxtbmidi.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fa63398e-322b-4833-9af3-15837ad12138}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa63398e-322b-4833-9af3-15837ad12138}\ deleted successfully.
File C:\Program Files (x86)\searchresults\searchresultsDx.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95080B13-AA71-4EE8-B951-7E98221E1ED5} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95080B13-AA71-4EE8-B951-7E98221E1ED5}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{efb1e45a-148d-40f9-a3f0-09d5577f9970} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{efb1e45a-148d-40f9-a3f0-09d5577f9970}\ not found.
File C:\Program Files (x86)\midicairus\prxtbmidi.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fa63398e-322b-4833-9af3-15837ad12138} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa63398e-322b-4833-9af3-15837ad12138}\ not found.
File C:\Program Files (x86)\searchresults\searchresultsDx.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EFB1E45A-148D-40F9-A3F0-09D5577F9970} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}\ not found.
File C:\Program Files (x86)\midicairus\prxtbmidi.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager not found.
File C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RegWork deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53c3e151-054b-11e2-a15f-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53c3e151-054b-11e2-a15f-101f741bcc01}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53c3e151-054b-11e2-a15f-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53c3e151-054b-11e2-a15f-101f741bcc01}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68ad3b0e-06b3-11e2-8353-101f741bcc01}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126d1f-3b39-11e2-b88e-101f741bcc01}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126d23-3b39-11e2-b88e-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126d23-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126d23-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126d23-3b39-11e2-b88e-101f741bcc01}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126e09-3b39-11e2-b88e-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126e09-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126e09-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126e09-3b39-11e2-b88e-101f741bcc01}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e126e2d-3b39-11e2-b88e-101f741bcc01}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e7dbe418-0b46-11e2-8ff5-101f741bcc01}\ not found.
File G:\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ed7441-2349-11e2-876e-101f741bcc01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ed7441-2349-11e2-876e-101f741bcc01}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5ed7441-2349-11e2-876e-101f741bcc01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f5ed7441-2349-11e2-876e-101f741bcc01}\ not found.
File G:\LaunchU3.exe -a not found.
C:\Users\Izilda\AppData\Roaming\Babylon folder moved successfully.
C:\Users\Izilda\AppData\Roaming\OpenCandy\OpenCandy_65453D694989460187EDDE791AAA904B folder moved successfully.
C:\Users\Izilda\AppData\Roaming\OpenCandy\65453D694989460187EDDE791AAA904B folder moved successfully.
C:\Users\Izilda\AppData\Roaming\OpenCandy folder moved successfully.
C:\Users\Izilda\AppData\Roaming\uTorrent\share folder moved successfully.
C:\Users\Izilda\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\Izilda\AppData\Roaming\uTorrent\Cache folder moved successfully.
C:\Users\Izilda\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\Izilda\AppData\Roaming\uTorrent folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 not found.
File\Folder C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5 not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Izilda\Desktop\cmd.bat deleted successfully.
C:\Users\Izilda\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Izilda
->Temp folder emptied: 267079002 bytes
->Temporary Internet Files folder emptied: 283150943 bytes
->Java cache emptied: 2412774 bytes
->FireFox cache emptied: 82785091 bytes
->Google Chrome cache emptied: 385924021 bytes
->Flash cache emptied: 883 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1083871155 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42303946 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 757 bytes
RecycleBin emptied: 33761 bytes

Total Files Cleaned = 2,048.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07162013_204630

Files\Folders moved on Reboot...
C:\Users\Izilda\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Izilda\AppData\Local\Temp\~DF6ACC3B6CFBCD1272.TMP not found!
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{E3D42FD7-1DF8-4742-83A8-B6F231653E30}.tmp moved successfully.
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{240D38EC-23F2-459C-86B8-8472812A0BA4}.tmp moved successfully.
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{2AFEFCD7-1506-4E4D-9C88-FB8681593B80}.tmp moved successfully.
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{38168FF4-F1F6-4FE2-AA21-5AB20DA87B88}.tmp moved successfully.
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{6AAAE502-80E7-49D6-B8FA-4A7EB07EB499}.tmp moved successfully.
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{721CB9A4-625E-4223-9CDF-FF6A1E6B7724}.tmp not found!
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{B21A2C90-D8C9-404E-B4FF-04AB6BD74B6D}.tmp moved successfully.
File\Folder C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{BB675D76-D9AC-441D-807C-560B9A0C9DCE}.tmp not found!
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{D54847AD-AB7B-4419-9D56-A153D717443C}.tmp moved successfully.
C:\Users\Izilda\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

CKScanner 2.3 - Additional Security Risks - These are not necessarily bad
c:\program files\gimp 2\share\gimp\2.0\patterns\cracked.pat
c:\users\izilda\desktop\andre\guitar\17000midis[www.jwejem.com]\cinema\fantasia (the nutcracker) - cinema.mid
c:\users\izilda\desktop\applications\rosetta\rosetta stone 3.4.5\crack\readme.txt
c:\users\izilda\desktop\applications\rosetta\rosetta stone 3.4.5\crack\mac\mdm.dat
c:\users\izilda\desktop\applications\rosetta\rosetta stone 3.4.5\crack\win\rosettastoneversion3.exe
c:\users\izilda\downloads\keygen_coreldrawx6.rar.exe
c:\users\izilda\downloads\scrapebox v1.15.66 cracked.rar.exe
c:\users\izilda\downloads\[katproxy.com]scrapebox.v1.15.66.cracked.rar.torrent
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\chingliu.notes.nfo
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\how to open nfo files.txt
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\abcpy.ini
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\acropro.msi
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\data1.cab
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\setup.exe
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\setup.ini
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\windowsinstaller-kb893803-v2-x86.exe
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1025.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1028.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1029.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1030.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1031.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1033.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1034.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1035.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1036.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1037.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1038.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1040.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1041.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1042.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1043.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1044.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1045.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1046.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1049.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1051.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1053.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1055.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1058.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\1060.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\2052.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\transforms\6156.mst
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\vc10rt_x64\vc_red.cab
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\adobe acrobat xi\vc10rt_x64\vc_red.msi
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\cracked dll\amtlib.dll
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\berime.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leame.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leesmij.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leggimi.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\leiame.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\liesmich.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\lisezmoi.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\lueminut.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readme.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmecs.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmect.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmecze.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmehun.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmej.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmek.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmemea.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmemeh.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmepol.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmerus.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmesky.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmetur.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\readmeukr.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\vigtigt.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\viktig.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\viktigt.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\gb18030\readme.htm
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]\help files\gb18030\readmecs.htm
c:\_otl\movedfiles\07162013_204630\c_users\izilda\appdata\roaming\utorrent\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu].torrent
c:\_otl\movedfiles\07162013_204630\c_users\izilda\appdata\roaming\utorrent\scrapebox v1.15.66 cracked.rar.torrent
scanner sequence 3.ZZ.11.SOAPNF
----- EOF -----

Edited by Andre Silva, 16 July 2013 - 06:10 PM.

  • 0

#12
CompCav
Posted 16 July 2013 - 06:35 PM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
What did you edit in your previous post?
  • 0

#13
Andre Silva
Posted 16 July 2013 - 06:50 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Just a small typo. If you want, I may post everything again.
  • 0

#14
Andre Silva
Posted 16 July 2013 - 06:51 PM

Andre Silva

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Or I may send you the logs as attachments.
  • 0

#15
CompCav
Posted 16 July 2013 - 07:06 PM

CompCav

    Member 5k

  • Expert
  • 12,453 posts
No I do not want attachments but in the future do not edit a post after it is posted just add a new corrected post.





Step 1

  • Please reopen Posted Image on your desktop by right clicking and selecting Run as administrator.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
[2013/01/15 21:52:42 | 000,000,000 | ---D | M] -- C:\Users\Izilda\AppData\Roaming\AVG2013

:files
C:\Program Files (x86)\Common Files\Adobe
c:\users\izilda\desktop\applications\rosetta
c:\users\izilda\downloads\keygen_coreldrawx6.rar.exe
c:\users\izilda\downloads\scrapebox v1.15.66 cracked.rar.exe
c:\users\izilda\downloads\[katproxy.com]scrapebox.v1.15.66.cracked.rar.torrent
c:\users\izilda\downloads\adobe acrobat xi pro 11.0.0 multilanguage (cracked dll ) [chingliu]
c:\users\izilda\downloads\adobe* /S
ipconfig /flushdns /c


:reg


:Commands
[purity]
[resethosts]
[emptytemp]
[createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.



Step 2

  • Right click and select Run as administrator CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.


Step 3

Please post:

  • OTL fix log
  • CKFiles.txt log



Are your symptoms the same or different?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP