SystemWideUserIdle.exe CoinMiner



#1
javacookies
New Member, 6 posts
Hello everyone!
I'm not sure when it started but suddenly my PC is infected by some kind of a coin miner virus/malware. It keeps on using my GPU randomly. I know it is a coin miner because I encountered an error about an application called phoenix.exe which apparently based on forums is a coin miner that I'm not familiar with. Every time I boot my PC an Application called Form1 is open and its process is called SystemWideUserIdle.exe. In msconfig, there's an entry in my startup list called CrashHandle. It points to the paths below.

File Path: C:/Users/<user>/AppData/Local/Temp/RarSFX(0-any number)
Registry Path: HKCU/Software/Microsoft/Windows/CurrentVersion/Run/CrashHandle

I deleted them multiple times already but they keep on coming back every time I boot up my computer. My antivirus and a few malware removal programs can't even detect them. I hope someone can help me with this. Thanks!
  • 0
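
A read-only check for the persistence pattern described in post #1 (a Run value whose target sits in a Temp\RarSFX folder), added here as an illustration; it is not part of either poster's message and is not one of the tools used in this thread. The set of registry keys and temp locations it examines, and the PowerShell 4+ requirement, are assumptions of the example.

```powershell
# Added example: list Run/RunOnce autostart values whose target lives in a temp
# folder or a RarSFX<n> extraction directory. It only reads; nothing is changed.
# Assumes PowerShell 4 or later (Get-FileHash, [pscustomobject]).

# Autostart keys to inspect (assumed list; the post names only the HKCU Run key).
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Temp locations, normalised to end in a backslash for prefix matching.
$tempRoots = @(
    $env:TEMP, $env:TMP,
    (Join-Path $env:LOCALAPPDATA 'Temp'),
    (Join-Path $env:windir 'Temp')
) | Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' } | Select-Object -Unique

function Get-CommandTarget {
    # Pull the executable path out of a Run value, which may be quoted,
    # may carry arguments, and may contain %VARIABLES%.
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr|vbs|js|dll))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$findings = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        # Read the raw string so REG_EXPAND_SZ values are shown as stored.
        $raw    = [string]$item.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
        $target = Get-CommandTarget $raw

        $inTemp = [bool]($tempRoots | Where-Object {
            $target.StartsWith($_, [StringComparison]::OrdinalIgnoreCase)
        })
        $isSfx = $target -match '\\RarSFX\d+\\'   # e.g. ...\Temp\RarSFX0\...

        if ($inTemp -or $isSfx) {
            # -Force so hidden files are still found.
            $file = Get-Item -LiteralPath $target -Force -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Key       = $key
                Name      = $name
                Command   = $raw
                Target    = $target
                Exists    = [bool]$file
                LastWrite = if ($file) { $file.LastWriteTime } else { $null }
                Sha256    = if ($file) {
                    (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
                } else { $null }
            }
        }
    }
}

if ($findings) {
    $findings | Format-List
} else {
    'No Run/RunOnce value points into a temp or RarSFX folder.'
}
```

Run it from the affected user's session so that HKCU and %TEMP% resolve to that account; the hash and timestamp it prints can be included when posting logs.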



#2
Phel
Trusted Helper, Malware Removal, 1,386 posts
Hello, javacookies and welcome to GeeksToGo!

You can call me Phel and this time I will try to help you with your trouble.

Please, spend some time to read these instructions carefully before we start. They contain very useful information.

  • Please, stay with us until the end. I know, Malware Removal isn't a very fast procedure, it usually has multiple steps, but you should stay here until your computer is absolutely clean from malware. If your main problem is solved, that doesn't mean that another malware isn't left in your computer. Your patience will be rewarded with an absolutely clean computer. :)
  • Please, let me know, if you don't understand something. It is really important to understand every instruction. If you are in doubt, how to follow one or another instruction - feel free to ask me, how to do that. I am always glad to help you with that.
  • Please, don't fix anything by yourself. Please, don't run any tools unless they are required. Trying multiple tools in hope that one of them will help can lead to unrecoverable consequences. Sometimes malware removal tools, used without supervision, can harm your computer more than malware itself.
  • Please, feel free to notify me about changes in your PC's behavior. It's really interesting for me to know, how your computer is running after each portion of fixes.
  • Please note, that I'm currently in training. It doesn't mean that my help will be worse than expert help. My posts are carefully checked by experts before they are posted. Please note, that my replies sometimes can come with delays. However, usually it takes less than 24 hours for my message to be reviewed by an expert and posted to you.
  • Finally, enjoy the fight! ;)
Okay, let's start. First of all, I need to run one program, which will provide me with the basic information about the current state of your computer. Please, don't remove this program immediately after the scan, we will need to launch it many times during the malware removal procedure. Please, follow these steps:

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#3
javacookies
New Member, Topic Starter, 6 posts
Thanks for the quick reply...here's the log

OTL logfile created on: 8/17/2013 7:21:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eusebio\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.64 Gb Available Physical Memory | 70.96% Memory free
15.90 Gb Paging File | 13.03 Gb Available in Paging File | 81.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.21 Gb Total Space | 44.79 Gb Free Space | 22.94% Space Free | Partition Type: NTFS
Drive D: | 488.28 Gb Total Space | 29.89 Gb Free Space | 6.12% Space Free | Partition Type: NTFS
Drive G: | 212.76 Gb Total Space | 104.36 Gb Free Space | 49.05% Space Free | Partition Type: NTFS

Computer Name: EUSEBIO-PC | User Name: Eusebio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/17 19:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
PRC - [2013/07/25 08:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Eusebio\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/01/23 14:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012/07/19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2012/05/03 08:18:26 | 003,487,128 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/03/28 20:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/08 03:10:34 | 001,111,680 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/02 17:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/01/27 01:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/13 12:44:01 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe
PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2012/01/04 14:13:24 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/14 17:13:02 | 001,117,312 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011/10/31 09:57:48 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2011/10/29 09:59:26 | 000,918,448 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/05/25 20:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/15 17:58:51 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d4493b0e5a5c6faf89cfeaa5f2a21034\IAStorUtil.ni.dll
MOD - [2013/08/15 05:07:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 05:06:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 05:06:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 05:06:44 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 05:06:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 05:06:36 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/15 05:06:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/25 08:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 08:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/25 08:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 08:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 08:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 08:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/07/13 10:11:42 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll
MOD - [2013/07/12 10:54:19 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/01/23 14:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013/01/17 00:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013/01/17 00:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013/01/17 00:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013/01/17 00:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013/01/17 00:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012/02/13 09:53:06 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/02/09 17:09:38 | 001,118,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2011/12/29 20:45:12 | 001,296,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2011/12/29 01:13:20 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/20 18:11:28 | 000,985,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/09/07 23:23:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/05/01 03:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/24 07:40:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/01/12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/08/03 10:10:03 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/06 13:43:51 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/09 16:25:30 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/03/28 20:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/02 17:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/01/13 12:44:01 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/29 09:59:26 | 000,918,448 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/24 08:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/07/24 07:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/07/05 16:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/05 16:12:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/09/05 16:12:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/09/05 16:04:51 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/08/23 22:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/04/23 19:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/02/03 21:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/27 01:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 01:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 01:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/09/15 12:33:32 | 000,141,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSumsc.sys -- (ASUSumsc)
DRV:64bit: - [2011/09/15 12:33:32 | 000,024,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSstpt.sys -- (ASUSstpt)
DRV:64bit: - [2011/08/12 18:13:36 | 000,032,360 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/12/21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/12/21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/12/17 06:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/21 11:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 11:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 11:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/18 01:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/23 14:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012/07/05 13:53:22 | 000,021,904 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:53:18 | 000,033,224 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?...&ocid=iehp&tc=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 52 4A 54 F5 26 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{FB55F9C6-36AC-4727-97B7-60D9124A7DBE}: "URL" = http://search.condui...&ctid=CT2504091
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.5
FF - prefs.js..extensions.enabledAddons: %7Bbb6bc1bb-f824-4702-90cd-35e2fb24f25d%7D:1.5.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Eusebio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/12/22 20:57:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Eusebio\AppData\Roaming\IDM\idmmzcc5 [2012/10/27 19:59:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Eusebio\AppData\Roaming\IDM\idmmzcc5 [2012/10/27 19:59:55 | 000,000,000 | ---D | M]

[2012/10/28 10:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Extensions
[2013/08/03 09:25:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions
[2013/08/02 00:20:04 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2013/08/02 00:19:55 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2013/08/03 09:25:09 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2013/05/04 00:50:03 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\[email protected]
[2013/06/23 13:45:17 | 000,350,663 | ---- | M] () (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012/05/25 23:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/07/06 13:43:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/07/06 13:43:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/17 19:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/08/17 19:06:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: Entanglement = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\2.3.19.11_0\
CHR - Extension: Poppit = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\

O1 HOSTS File: ([2009/06/11 05:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Adobe Auto Updater] C:\Users\Eusebio\AppData\Roaming\Adobe Systems\updater.exe (Adobe Systems)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Eusebio\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE54268-808A-4585-A6F3-D0B00E7ACF15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/05 22:24:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{85cb4b4d-317a-11e2-97e3-10bf4882e263}\Shell - "" = AutoRun
O33 - MountPoints2\{f0af7751-2094-11e2-9ab8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f0af7751-2094-11e2-9ab8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/17 19:18:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Roaming\ATI
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\ATI
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/08/10 11:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/08/10 11:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/08/10 11:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/08/10 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/08/10 10:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/08/10 10:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/08/10 10:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/08/10 10:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/08/10 10:55:20 | 000,000,000 | ---D | C] -- C:\AMD
[2013/08/10 10:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/08/10 10:03:17 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013/08/08 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\BeamNG
[2013/07/31 04:42:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/24 08:16:54 | 000,129,536 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_13.20.dll
[2013/07/24 08:14:24 | 000,063,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/07/24 08:14:20 | 000,057,344 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/07/24 07:41:54 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/07/24 07:41:46 | 000,574,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/07/24 07:40:52 | 000,239,616 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/07/24 07:39:20 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll

========== Files - Modified Within 30 Days ==========

[2013/08/17 19:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
[2013/08/17 18:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/17 18:43:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/17 17:03:37 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/17 17:03:37 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/17 17:00:51 | 000,795,870 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/17 17:00:51 | 000,671,268 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/17 17:00:51 | 000,126,290 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/17 16:56:30 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/17 16:56:27 | 000,000,000 | -H-- | M] () -- C:\ProgramData\cm-lock
[2013/08/17 16:56:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/17 16:56:16 | 2105,982,975 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/16 08:49:37 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/08/10 11:05:50 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/08/10 10:59:14 | 000,787,992 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/10 10:03:17 | 000,001,090 | ---- | M] () -- C:\Users\Eusebio\Desktop\MSI Afterburner.lnk
[2013/08/01 08:44:39 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/24 16:11:56 | 008,946,257 | R--- | M] () -- C:\Users\Eusebio\Desktop\SMART OLONGAPO PROJECT.rar
[2013/07/24 08:19:12 | 000,229,376 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2013/07/24 08:16:54 | 000,129,536 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_13.20.dll
[2013/07/24 08:14:24 | 000,063,488 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/07/24 08:14:20 | 000,057,344 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/07/24 08:06:30 | 000,548,824 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/07/24 08:06:30 | 000,548,824 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/07/24 07:41:54 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/07/24 07:41:46 | 000,574,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/07/24 07:40:52 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/07/24 07:39:20 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/07/24 07:25:40 | 003,399,312 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/07/24 07:22:44 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/07/24 07:22:44 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2013/07/24 07:16:12 | 003,433,360 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/07/23 20:29:08 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\kdbsdk64.dll
[2013/07/23 20:24:36 | 000,038,912 | ---- | M] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== Files Created - No Company Name ==========

[2013/08/17 16:56:27 | 000,000,000 | -H-- | C] () -- C:\ProgramData\cm-lock
[2013/08/16 08:49:37 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/08/10 11:05:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/08/10 10:03:17 | 000,001,090 | ---- | C] () -- C:\Users\Eusebio\Desktop\MSI Afterburner.lnk
[2013/07/24 16:15:00 | 008,946,257 | R--- | C] () -- C:\Users\Eusebio\Desktop\SMART OLONGAPO PROJECT.rar
[2013/07/24 08:19:12 | 000,229,376 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2013/07/24 08:06:30 | 000,548,824 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/07/24 08:06:30 | 000,548,824 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/07/24 07:25:40 | 003,399,312 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/07/24 07:22:44 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/07/24 07:22:44 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/07/24 07:16:12 | 003,433,360 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/07/23 20:29:08 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\kdbsdk64.dll
[2013/07/23 20:24:36 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/05/12 19:48:08 | 000,033,540 | ---- | C] () -- C:\Windows\SysWow64\CoreFLACDecoder-uninstall.exe
[2013/04/13 22:03:38 | 000,002,672 | ---- | C] () -- C:\Users\Eusebio\Unigine_Valley_Benchmark_1.0_20130413_2202.html
[2013/04/13 00:09:18 | 000,002,672 | ---- | C] () -- C:\Users\Eusebio\Unigine_Valley_Benchmark_1.0_20130413_0009.html
[2013/04/13 00:02:58 | 001,065,984 | ---- | C] () -- C:\Users\Eusebio\AppData\Local\file__0.localstorage
[2013/03/29 10:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/29 10:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/03/23 21:33:21 | 004,762,752 | ---- | C] () -- C:\Windows\PE_File.dll
[2012/12/30 21:39:58 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012/12/30 21:39:58 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012/12/10 23:46:25 | 000,000,132 | ---- | C] () -- C:\Users\Eusebio\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/12/08 12:55:41 | 000,000,023 | ---- | C] () -- C:\Windows\My Settings.ini
[2012/12/06 19:51:20 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/11/27 00:01:51 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012/11/27 00:01:44 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2012/11/27 00:01:44 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012/11/03 19:55:06 | 004,924,048 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2012/10/28 11:53:04 | 000,794,906 | ---- | C] () -- C:\Windows\unins000.exe
[2012/10/28 11:53:04 | 000,004,031 | ---- | C] () -- C:\Windows\unins000.dat
[2012/10/27 18:37:38 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/10/27 18:37:37 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/10/27 17:37:51 | 000,047,091 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012/10/27 17:36:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/27 17:36:04 | 000,034,501 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/10/27 17:25:51 | 000,787,992 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:32 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/10 02:22:16 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/09/29 03:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/02/02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/13 06:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 13:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 12:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 21:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 21:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 21:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/04 12:28:19 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\2K Sports
[2013/07/05 22:26:02 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Autodesk
[2013/08/13 08:19:12 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Azureus
[2012/11/28 23:41:43 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Blender Foundation
[2013/04/25 21:08:45 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Canon
[2012/10/28 12:50:49 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Chikka Messenger
[2013/08/17 17:18:37 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\DMCache
[2012/10/28 16:20:01 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\ESET
[2013/03/16 00:50:36 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\FreeArc
[2013/08/11 13:09:35 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\IDM
[2013/03/23 15:52:18 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\IObit
[2012/11/25 19:43:59 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\JemiZhuu
[2012/11/27 23:56:39 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Sony
[2013/03/23 23:21:17 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\SystemRequirementsLab
[2013/03/24 20:16:39 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Tomb Raider
[2013/01/05 18:44:05 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\Unity
[2013/08/16 19:31:25 | 000,000,000 | ---D | M] -- C:\Users\Eusebio\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:70B9C530

< End of report >


OTL Extras logfile created on: 8/17/2013 7:21:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eusebio\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.64 Gb Available Physical Memory | 70.96% Memory free
15.90 Gb Paging File | 13.03 Gb Available in Paging File | 81.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.21 Gb Total Space | 44.79 Gb Free Space | 22.94% Space Free | Partition Type: NTFS
Drive D: | 488.28 Gb Total Space | 29.89 Gb Free Space | 6.12% Space Free | Partition Type: NTFS
Drive G: | 212.76 Gb Total Space | 104.36 Gb Free Space | 49.05% Space Free | Partition Type: NTFS

Computer Name: EUSEBIO-PC | User Name: Eusebio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0325AA32-A001-4BB7-AD4E-37B3004071CA}" = rport=139 | protocol=6 | dir=out | app=system |
"{0D641C9F-B1C7-4AD6-AEAA-81AA107C2CE0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0DD47E73-DC71-481E-96B6-3351E1F69D7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{108E297C-4B2C-4DB1-A7D6-59CACC97041B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18CF8B59-8B53-4C5F-B71D-3ADD19F411DF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2211E122-0120-43B0-8EB5-9146A55E1C27}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{228BA503-15C1-4894-9EA8-C305ABBDABFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2478B02C-8AA3-477E-A4D0-ABA563AD31A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DB31352-6F47-4A2F-86CE-269F65F2AA1D}" = rport=138 | protocol=17 | dir=out | app=system |
"{31B7F526-6CD0-49E2-8B13-762BB75F2E48}" = lport=138 | protocol=17 | dir=in | app=system |
"{326FDEBC-6FEA-4862-9B84-1B5BA6C59CED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D071ED4-913F-4DD4-AF46-06DFD3786418}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7B498BD9-4771-4F9C-9C29-F060E0250A9F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F93FE50-E793-44B9-9FF1-00DA88779E4D}" = rport=137 | protocol=17 | dir=out | app=system |
"{9ECF9CDB-AC9C-43C8-9809-C2157D1495A2}" = lport=50712 | protocol=17 | dir=in | name=vuze udp |
"{A99B0D08-F141-4246-9863-22AF76AB66C8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A9A3D0D9-EC15-43F3-ABC3-1061354B3135}" = lport=137 | protocol=17 | dir=in | app=system |
"{ACAA00AC-F0AE-4B9E-80B1-E93B4C408C0A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B3F1F302-7B1D-4566-B9B7-8FC26B18905A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BD0AEE41-FB47-4C2E-B8D7-ED0294705A26}" = rport=50712 | protocol=6 | dir=out | name=vuze |
"{BF0BB083-F78B-464B-BEA6-1390B88CC307}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BFB14D34-70DA-4ED3-B886-D49F44B4A722}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C69DF4CE-F9A6-4952-BA41-17E61EE3BEE4}" = lport=139 | protocol=6 | dir=in | app=system |
"{D26EA49B-D565-4948-B5E3-CB8B2D2CB0AA}" = rport=50712 | protocol=17 | dir=out | name=vuze udp |
"{E0A3B5D4-6CC4-4858-AB0C-1B256C31412B}" = lport=50712 | protocol=6 | dir=in | name=vuze tcp |
"{FDC52FD2-E29F-4022-B530-C767C2AC08F7}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CFDE7C-C19E-46A7-9F6D-FFBD3802F8F8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{15AB11FC-3863-4815-AE95-335C7C3FF3D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{18ECD4A0-F8AF-4EA0-8224-AC629EFD3D64}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{1D41E8AC-5B3A-4D88-9DC2-B113D1A903FD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1F0CB5D3-5ABE-402F-9310-1DC1599AC4E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FEEDF75-1199-497E-8495-B831B6523683}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{21441B76-4ED6-403B-8938-D1266E279FE5}" = protocol=6 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steam.exe |
"{236E89CA-31B3-4454-8101-D9F38C1CE57A}" = protocol=6 | dir=out | name=torrent tcp |
"{2CA8FF87-CD00-4D59-97CE-651C9BD7A2A8}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{320C84D8-3AC6-4C57-B77B-6580E2DD5245}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{34582ED3-81BB-4F63-9B28-DC5070D37111}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{36E1A03C-E2E2-46DE-9D7A-0C35E4A4BA4A}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3C67EB7D-D36A-41D7-92E4-87AC669A5835}" = dir=in | app=d:\programs\games\max payne 3\maxpayne3.exe |
"{3D7162C8-28C8-40E0-955E-F9B7077B2B9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{40B197C0-16CC-444F-BFBF-FB5955CF243C}" = dir=in | app=%programfiles% (x86)\l.a. noire\lanoire.exe |
"{465FECA8-E805-441A-9C08-00029F31C5F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{49D9BE36-50F2-4294-8052-A7DE9EB1E58E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C38F4CD-0865-4BA5-84DB-5D4E68136252}" = protocol=6 | dir=in | name=torrent |
"{4F936020-F6D5-46AC-AC95-26685C685E2B}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{4FD762E1-045C-42FC-8138-27C75140276C}" = dir=out | app=d:\programs\games\assassin's creed revelations\ac revelations\acrsp.exe |
"{58755355-70D8-41E9-B344-CDF28E5F9A2B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5A397AC1-7F03-48C9-872D-4A69FA38356C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{5E2C7B0E-0C09-41A5-BBAE-B1FEE117118A}" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii.exe |
"{5F92752C-FF0C-4B6A-9798-982D46A9537D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{61984DB0-5E8D-46DA-9056-4A9B5129727A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{69A10275-CA2E-4013-AF04-AB79FD9D5712}" = dir=in | app=%programfiles% (x86)\rockstar games\social club\renderer.exe |
"{6C349C9D-E489-47CE-A887-5B20534D444C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A56FB53-DC4B-4BD8-92E3-6E1E244F53E4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7CC90994-B5BE-4899-8E83-432FFD916B4A}" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii public test.exe |
"{811D4816-6D56-4F90-B3DF-1C89173FF5E5}" = dir=in | app=d:\programs\games\assassin's creed revelations\ac revelations\acrsp.exe |
"{838CC7A2-58E3-484F-910F-9EFE901D2DF5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8393B6A6-191A-4456-BFB6-363BA9C66F58}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{83B90544-90F6-42A2-8BCB-A5603641FFB2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{877488AE-B099-4480-B5B8-05DF4578A499}" = protocol=17 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steam.exe |
"{8959C473-79DD-46C8-8EF9-C8F6B0EE1792}" = dir=out | app=%programfiles% (x86)\l.a. noire\lanlauncher.exe |
"{8D972AC6-CEB7-404F-A29A-AD8CB4FCA054}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8E5BF528-665E-438D-B4E7-F9FC7F121782}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F0C1C81-33A5-4BCC-B793-403C1DD8C2B2}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{92C48DE3-41F5-450E-BE67-8BDFF141C100}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94D72792-59D8-4887-A0E6-14544A480694}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{96EF129B-F923-4718-ABC2-06DE58CD3A7F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{A85DC25C-E536-40C7-96F0-DA1127D84B32}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{AA1206E9-35FA-4CB6-BD7F-3B53A3ED90AB}" = protocol=17 | dir=out | name=torrent udp |
"{AF00F344-7211-4AC9-A764-CD3755033EEB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AFEB2F43-FCE8-4138-B408-B2431633EDE9}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{AFF0D497-4EA7-4A00-A282-5321D6DD840D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0A01B52-3181-49A2-809A-BF6190635E50}" = protocol=17 | dir=in | name=torrentudp |
"{B249BDD4-DC0A-4DBF-A591-1C7E6BE6C035}" = dir=out | app=%programfiles% (x86)\rockstar games\social club\renderer.exe |
"{B70A8AD1-93EC-4B11-B0E4-BD21D0FD7E97}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{B7C2399E-2E57-4C61-9463-47FFDD37154D}" = dir=in | app=%programfiles% (x86)\l.a. noire\lanlauncher.exe |
"{B8B8CAA1-D3EF-4D2A-A379-2D0961FBEA8A}" = dir=out | app=d:\programs\games\max payne 3\playmaxpayne3.exe |
"{BCB16229-2B9A-4639-B8F6-84EEFB70DF1B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C0C80FE6-60D7-4162-95B5-662FEB9EAA64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C55F423F-124E-4E95-9572-35E79DDFAB23}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{C9121E82-BA27-441D-B532-01D11A450FB0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CECC56DD-315F-44C7-B469-A56E2DF43FDA}" = protocol=6 | dir=out | app=system |
"{D15E6B54-232A-442C-970D-6B54A27FC169}" = dir=out | app=d:\programs\games\max payne 3\maxpayne3.exe |
"{D3D9A585-3806-4008-B7A5-AE26C0E11A89}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{D70EA73D-E995-416A-91F8-3A31F6634D1C}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{D746E14D-29B8-48ED-8EB0-5562CAD4A85C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{DB7E05D3-F44F-4AE5-8E13-49E7AF98C432}" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii public test.exe |
"{DE4C433E-EF17-46CC-B8B2-069784D680E4}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe |
"{DE893AB9-8F05-403A-80DD-A258AA5025E6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2B4E63F-A2CF-4FD9-9440-E21EF857B2AB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E4560103-F595-4383-BBEC-47E441D267FC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{E664B048-E89D-413F-A42D-3C4108CB8D3B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E6D49408-D96E-49CA-87D1-4511FAED2FDC}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{E9C7C5C3-65B9-4895-B4E3-96D6179C4F55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F24EED46-5558-40F5-A38C-62BC2036A16D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{F5480A97-73AB-4B2A-B063-69F7CF158159}" = dir=in | app=d:\programs\games\max payne 3\playmaxpayne3.exe |
"{F56A719E-F81F-458C-8691-0C181C12FFF7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F67A444F-C1F5-4074-8C55-0BBB1AAA7FDA}" = dir=out | app=%programfiles% (x86)\l.a. noire\lanoire.exe |
"{F96713BB-CEB5-48E3-89B3-49BCCDD134EB}" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii.exe |
"{FA237F94-A400-4E7E-AA01-96FA00A73658}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{FA5A2A5B-7633-4C6D-BCC9-7B739982C749}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe |
"{FB696AE3-E846-4327-9948-B8D1C6C7AF2D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FC166C1E-2D8D-47EB-B34C-7500E89E954A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FCF542FE-763A-48DD-A665-020E4E1BDB1C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0361C49E-8A1E-46CF-978A-70C2D5D8F5CD}C:\program files (x86)\games\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\games\crysis 2\bin32\crysis2.exe |
"TCP Query User{1F2CA33D-878F-4AA7-ACC8-85F85B4EE37D}C:\program files (x86)\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files (x86)\magictune premium\magictune.exe |
"TCP Query User{204E6A62-35AC-402D-856D-C45444725343}D:\programs\games\nba2k10\nba2k10.exe" = protocol=6 | dir=in | app=d:\programs\games\nba2k10\nba2k10.exe |
"TCP Query User{2E10E0BF-D804-4D1A-9689-5AFFECC22965}D:\programs\games\pba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=d:\programs\games\pba 2k12\nba2k12.exe |
"TCP Query User{3230E037-ED80-463E-B2B5-5E49DC143173}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=6 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"TCP Query User{36F934A1-C9F5-4826-B687-C453F27F3D18}D:\programs\dmc\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=d:\programs\dmc\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{3E5EA936-15A9-4B41-91C5-231B99FF960C}D:\programs\games\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{40768EF9-2D3D-40BE-ADE7-9238D7D3EA72}D:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe |
"TCP Query User{55E39D95-DDD1-4C0D-A4C2-91F38E01C2F7}C:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe |
"TCP Query User{56A75C34-B8AC-4D38-8EB1-6555A931A1A9}D:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{64C1C539-7A3B-40B4-AA84-2555A2EC8212}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=6 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"TCP Query User{6D8DC948-04FB-43A9-90BD-9D20C4CE9152}C:\users\eusebio\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\eusebio\appdata\local\akamai\netsession_win.exe |
"TCP Query User{71B278EC-0DD3-4E27-8A36-21996A7A94EC}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{73A1C2FC-CDD8-486D-8E20-B2350C39E7C5}C:\program files\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"TCP Query User{7AA6570A-0551-472C-A90B-6E5B1D9AEE8B}D:\programs\games\dead space 2\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=d:\programs\games\dead space 2\dead space 2\deadspace2.exe |
"TCP Query User{7BF6B363-F402-4653-BB93-40BF420267BF}D:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=d:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{8C66DCB7-6DD5-4566-A7E8-DB8B37FF4D36}D:\programs\games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=d:\programs\games\max payne 3\maxpayne3.exe |
"TCP Query User{9540AFA1-D144-4A7F-917C-FC0778451B1A}D:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"TCP Query User{A54578E4-D3D9-494B-BEF1-AC9E998F4BAD}D:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe |
"TCP Query User{B62BEDCF-D78E-4383-BF52-1509403F807D}H:\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=h:\max payne 3\maxpayne3.exe |
"TCP Query User{C052087C-930F-412A-8FCF-2C46314A66D8}D:\programs\games\dota game\war3.exe" = protocol=6 | dir=in | app=d:\programs\games\dota game\war3.exe |
"TCP Query User{CF5B5903-241D-4D6E-BD49-8D7908E4D043}D:\programs\games\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\programs\games\crysis 2\bin32\crysis2.exe |
"TCP Query User{D7E8EA3D-7622-4B2F-B676-B284790B8313}D:\programs\games\sierra\half-life\hl.exe" = protocol=6 | dir=in | app=d:\programs\games\sierra\half-life\hl.exe |
"TCP Query User{DC129208-E2A8-4825-A816-2255BF8380C6}D:\programs\games\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{E139736E-1A39-4794-BBC8-0CBDFF70CF25}D:\programs\games\nba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=d:\programs\games\nba 2k12\nba2k12.exe |
"TCP Query User{FAF8085C-19E9-402D-91B6-B44794605B5A}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{061DFF55-CF4B-41E8-8FB1-94E405DC572E}D:\programs\games\nba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=d:\programs\games\nba 2k12\nba2k12.exe |
"UDP Query User{0B999057-9AF2-4DB2-B12A-8D6441242DD5}C:\users\eusebio\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\eusebio\appdata\local\akamai\netsession_win.exe |
"UDP Query User{124A0DA4-E99D-4D19-A08A-36EBD8943FC9}C:\program files (x86)\games\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\games\crysis 2\bin32\crysis2.exe |
"UDP Query User{19C7CDB6-83B4-4E52-AB92-96C2D1E68E6F}D:\programs\games\sierra\half-life\hl.exe" = protocol=17 | dir=in | app=d:\programs\games\sierra\half-life\hl.exe |
"UDP Query User{1B3F8149-43BC-49C5-B959-0A79C3E0F8D0}D:\programs\games\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{2A2CE279-6CF8-498A-B399-D9C199CF8543}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{2FDB033D-00A8-4A2D-A8C4-9C84A436142D}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=17 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"UDP Query User{3B9FBCE7-0921-4736-98BD-C5DCDE779620}C:\program files\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"UDP Query User{3FA34C2B-5BFB-4191-9786-56C9A9C4EE1C}C:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe |
"UDP Query User{69D72C3D-09CB-4CA6-9401-CBF2721F05A7}D:\programs\games\pba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=d:\programs\games\pba 2k12\nba2k12.exe |
"UDP Query User{85478DD1-F7EE-4A02-8FD6-36771BF2C7E6}D:\programs\games\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\programs\games\crysis 2\bin32\crysis2.exe |
"UDP Query User{8DD20453-6182-4BB8-B30A-3ED6C0EEFD1A}H:\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=h:\max payne 3\maxpayne3.exe |
"UDP Query User{91E2D004-73A9-4C76-A0CF-AA7C6FB324AE}D:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe |
"UDP Query User{9A99B280-F250-4954-9A8E-6ABCDA835E6F}D:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe |
"UDP Query User{B02AE185-BC1F-427F-B70D-58A1BC6E9F44}D:\programs\games\nba2k10\nba2k10.exe" = protocol=17 | dir=in | app=d:\programs\games\nba2k10\nba2k10.exe |
"UDP Query User{B723C8C2-0B37-41F9-8F38-96B7922D4356}D:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{BC5E0EC8-547A-4E99-8AC4-E35836E1CC96}D:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=d:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{BDC99BCF-2588-4EDE-8F78-368B443C9A90}D:\programs\games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=d:\programs\games\max payne 3\maxpayne3.exe |
"UDP Query User{C7078E82-F387-49A1-86F8-AEF34137786A}D:\programs\dmc\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=d:\programs\dmc\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{C7383732-75DC-46E8-990D-027901AD5A29}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=17 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"UDP Query User{CC4D8423-1176-4B31-92A0-45580BC6BE2F}D:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{CF8B731D-B118-44B9-869D-FAACCBB750C1}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{D8F29B1D-6D69-45C4-A14A-15B5CE2C5956}D:\programs\games\dead space 2\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=d:\programs\games\dead space 2\dead space 2\deadspace2.exe |
"UDP Query User{EE344FA4-5928-437E-9534-3096DEB3BFBB}D:\programs\games\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{F12539B7-8DA2-4D84-BF56-590C1E785AF7}C:\program files (x86)\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files (x86)\magictune premium\magictune.exe |
"UDP Query User{FA590EA3-2263-4739-B137-82748CF7852C}D:\programs\games\dota game\war3.exe" = protocol=17 | dir=in | app=d:\programs\games\dota game\war3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_E510_series" = Canon E510 series MP Drivers
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EB96857-04FC-3A67-6E29-6914FB78CB90}" = AMD Accelerated Video Transcoding
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A39ED00-7650-A60F-F7E3-A1C3F1D4C34E}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-D028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2014
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A2199A06-89C4-4187-AA4A-3A9676FB799D}" = SlimDX Runtime .NET 4.0 x64 (January 2012)
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C068588D-7275-E9E0-9158-2D57BA13FDFD}" = AMD Wireless Display v3.0
"{C0D93E4E-0866-43C8-A104-BF41A803EA84}" = ESET Smart Security
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E9897E08-46FA-A07E-B332-1515AAB356F4}" = AMD Catalyst Install Manager
"{F2454C2A-0344-5442-3418-CB6C1A3D6A07}" = AMD Drag and Drop Transcoding
"{F60D5FAB-2C7B-A299-F839-05A7F7D9CE2C}" = ccc-utility64
"8461-7759-5462-8226" = Vuze
"Blender" = Blender
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"DWG TrueView 2014" = Autodesk DWG TrueView 2014
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014A2868-BE56-4888-A16C-693989B8F153}" = SlimDX Runtime .NET 2.0 (January 2012)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.114.08260
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A4C46F0-1DCE-B7FF-753E-1BFFD38CAD11}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28E3970E-5D53-A59D-84B6-B2BB7637553A}" = Catalyst Control Center Localization All
"{2B5F894F-A9A9-4416-BD22-435A4675180E}_is1" = L.A. Noire version 1.0
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{31EF3584-9232-F8F4-4BAD-EED7653090D3}" = CCC Help Turkish
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{355E39A9-6C8E-CB2A-1210-F39569A625EC}" = CCC Help Swedish
"{37D591EF-B8C0-435B-B3A5-D8A707B93F2F}_is1" = «Sleeping Dogs»
"{3CF111C7-92E1-AD47-B521-A153921D0FE3}" = CCC Help Dutch
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{408B1AE6-D09B-74DE-A38B-96B74CCECC34}" = CCC Help Hungarian
"{4198AE83-A3C6-4C41-85C8-EC63E990696E}_is1" = Crysis 3 Fix verze 1.0.0.1
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48614A23-EF39-FA3B-BA1C-115F83993B19}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{5E57EF20-E146-9911-8AAE-E6665AE0B536}" = AMD Catalyst Control Center
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A59840D-8F35-A994-427B-822314E81AAF}" = CCC Help Chinese Traditional
"{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
"{7B228E0D-FFB9-A3D0-42C4-1A90D9286F8E}" = CCC Help Japanese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8D0D61A4-B3DE-CBB6-7425-C2BB4D8D8C1A}" = CCC Help English
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90157C5D-D791-4D36-8C2B-7553DC01D601}" = ASUS VGA Driver
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92F39985-0DA5-4CC4-869F-2A3048C182E6}" = System Requirements Lab
"{96903DF6-228F-4ED6-660B-956DE8D43981}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B798FEC-837B-84BF-D690-D4D5EC1CBD53}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{B4A3B8BE-4953-064E-E1FD-8D3AFCF58A07}" = CCC Help Chinese Standard
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B810D852-DFD6-CRY3-89A5-CC4D47756DAF}_is1" = Crysis 3 version 5.1
"{BA362E17-3164-CFA3-A1D7-A8CECB20D56C}" = Catalyst Control Center Graphics Previews Common
"{BB939DE5-2680-3FE2-5B4F-C40629336C08}" = CCC Help French
"{BE3359DF-E0AF-E1D7-FEBF-63D4D3729CC5}" = CCC Help Polish
"{BFE8FCC5-B9FE-39A2-B062-678A4D98D7CA}" = CCC Help Finnish
"{C14B79C1-2D2F-BCEB-8F25-49D91A6B2324}" = CCC Help German
"{C86A5731-2E91-63FF-14A3-1BB7FEEF9B6F}" = CCC Help Danish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3BEFB-1514-6F68-64B5-03F83735A240}" = CCC Help Korean
"{CE8AA8D6-2186-5551-EC7F-E94919D166A6}" = CCC Help Norwegian
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}" = USB Game Controller
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D96B6543-A0C0-4351-AF96-73DEF1DD6820}" = NBA 2K13
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EC1CBFB4-E22A-D856-31A7-665CFCC2C116}" = CCC Help Greek
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.108
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5460185-E398-6A00-2ABF-3194D03C30EA}" = CCC Help Thai
"{F8360AF1-47D9-2A5C-558A-ED6F01511C71}" = Catalyst Control Center InstallProxy
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB2EEC93-63C4-9734-FA07-D840E0219040}" = CCC Help Czech
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.60
"Canon E510 series On-screen Manual" = Canon E510 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CoreFLAC Audio Decoder+Source Filter" = CoreFLAC Audio Decoder+Source Filter (remove only)
"EasyBCD" = EasyBCD 2.2
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"File Splitter and Joiner_is1" = File Splitter and Joiner (FFSJ v3.3)
"Fraps" = Fraps
"FreeArc" = FreeArc 0.666
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Internet Download Manager" = Internet Download Manager
"IObit Malware Fighter_is1" = IObit Malware Fighter
"L.A Noire_is1" = L.A. Noire Update v1.3.2613
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"Rockstar Games Social Club" = Rockstar Games Social Club
"Smart Defrag 2_is1" = Smart Defrag 2
"StarCraft II" = StarCraft II
"Stellar Phoenix Zip Recovery v1.0_is1" = Stellar Phoenix Zip Recovery v1.0
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Tomb Raider_R.G. Mechanics_is1" = Tomb Raider
"Total Video Converter 3.71_is1" = Total Video Converter 3.71 100812
"TUGZip_is1" = TUGZip 3.5
"Unigine Valley Benchmark_is1" = Unigine Valley Benchmark version 1.0
"Universal Extractor_is1" = Universal Extractor 1.6.1
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"uTorrentControl_v2 Toolbar" = uTorrentControl_v2 Toolbar
"VirtualCloneDrive" = VirtualCloneDrive
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WavePad" = WavePad Sound Editor
"WinToFlash Suggestor" = WinToFlash Suggestor
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Chikka Messenger" = Chikka Messenger
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/23/2013 7:24:20 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/23/2013 9:46:58 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/23/2013 11:52:14 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 12:02:37 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 3:37:22 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 8:37:06 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 11:14:25 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/25/2013 11:16:18 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/26/2013 4:18:35 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/26/2013 10:32:52 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/27/2013 10:38:16 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/28/2013 7:23:03 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/28/2013 7:43:07 AM | Computer Name = Eusebio-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 7/29/2013 5:15:36 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

[ Media Center Events ]
Error - 12/1/2012 8:32:17 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 8:32:13 PM - Error connecting to the internet. 8:32:13 PM - Unable
to contact server..

Error - 12/12/2012 7:00:16 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 7:00:16 PM - Error connecting to the internet. 7:00:16 PM - Unable
to contact server..

Error - 12/12/2012 7:00:24 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 7:00:21 PM - Error connecting to the internet. 7:00:21 PM - Unable
to contact server..

Error - 12/19/2012 12:02:50 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 12:02:46 PM - Error connecting to the internet. 12:02:46 PM - Unable
to contact server..

Error - 12/19/2012 1:03:00 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 1:02:57 PM - Error connecting to the internet. 1:02:57 PM - Unable
to contact server..

Error - 12/23/2012 12:52:37 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 12:52:32 PM - Error connecting to the internet. 12:52:32 PM - Unable
to contact server..

Error - 12/23/2012 1:53:09 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 1:53:08 PM - Error connecting to the internet. 1:53:08 PM - Unable
to contact server..

Error - 12/24/2012 12:06:52 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 12:06:49 PM - Error connecting to the internet. 12:06:49 PM - Unable
to contact server..

Error - 12/24/2012 9:29:59 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 9:29:58 PM - Error connecting to the internet. 9:29:58 PM - Unable
to contact server..

Error - 12/24/2012 9:30:48 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 9:30:46 PM - Error connecting to the internet. 9:30:46 PM - Unable
to contact server..

[ System Events ]
Error - 8/4/2013 10:42:36 AM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/4/2013 10:42:37 AM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/4/2013 10:42:37 AM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/9/2013 10:31:38 PM | Computer Name = Eusebio-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:29:57 AM on 8/10/2013 was unexpected.

Error - 8/10/2013 8:34:10 AM | Computer Name = Eusebio-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:17:53 PM on 8/10/2013 was unexpected.

Error - 8/12/2013 1:36:56 PM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/12/2013 1:38:02 PM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 8/12/2013 1:38:14 PM | Computer Name = Eusebio-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the CodeMeter.exe service.

Error - 8/12/2013 7:42:14 PM | Computer Name = Eusebio-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 8/15/2013 8:50:09 PM | Computer Name = Eusebio-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!


< End of report >

#4
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
How is your computer running now? Does the Bitcoin miner still appear?

I'd like you to run 2 tools - OTL and AdwCleaner. I'd like to investigate your system deeper with OTL and fix some other nasty stuff, which could display ads and hijack your homepage. AdwCleaner will help OTL to clean this out as well.

Let's start.

Step 1. Uninstalling programs.

  • Open the Start menu.
  • Click on Control Panel.
  • Click on Programs and Features. A new window should appear.
  • Uninstall these programs one by one, selecting each program and clicking the Uninstall button.

Programs to uninstall:

  • Vuze Remote Toolbar
  • uTorrentControl_v2 Toolbar

Step 2. OTL fix.

  • Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :OTL
    IE - HKLM\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    IE - HKCU\..\SearchScopes\{FB55F9C6-36AC-4727-97B7-60D9124A7DBE}: "URL" = http://search.condui...&ctid=CT2504091
    [2013/08/02 00:20:04 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
    [2013/08/02 00:19:55 | 000,000,000 | ---D | M] (Vuze Remote) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
    File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
    O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
    O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
    [2012/10/28 11:53:04 | 000,794,906 | ---- | C] () -- C:\Windows\unins000.exe
    [2012/10/28 11:53:04 | 000,004,031 | ---- | C] () -- C:\Windows\unins000.dat
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:70B9C530
    
    :Files
    C:\Program Files (x86)\Vuze_Remote
    C:\Program Files (x86)\uTorrentControl_v2
    
    :Commands
    [RESETHOSTS]
    [EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.

Step 3. AdwCleaner scan.

  • Please, download AdwCleaner from here to your Desktop.
  • Right click on the adwcleaner.exe file on your Desktop->Run as Administrator.
  • The AdwCleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • The computer will be rebooted automatically when the program finishes its job.
  • After the fix, a Notepad window with the report should appear. Post the contents of the report in your next message.

Step 4. Uninstall Chrome extension.

  • Launch your Google Chrome browser.
  • In the address bar type the following:

    chrome:extensions
  • The extension list will appear.
  • Find the uTorrentControl_v2 extension there.
  • Click on the recycle bin icon near it (uninstall it).
  • Restart your browser.

Step 5. OTL scan.

  • Open OTL again.
  • Find the Extra Registry section in the OTL window and change the radio button there to Use SafeList.
  • Click on the Scan All Users checkbox, which is located near the Quick Scan button.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    BASESERVICES
  • Click on the Run Scan button.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.

So, please, don't forget to post in your next message:

  • OTL.txt
  • Extras.txt
  • AdwCleaner log


#5
javacookies

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Only the GPU is affected, which is usually in games, and the bitcoin miner still appears on every boot up, and sometimes even when I kill the process it suddenly reappears. Anyway, here are the logs.

AdwCleaner

# AdwCleaner v2.306 - Logfile created 08/18/2013 at 11:51:07
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Eusebio - EUSEBIO-PC
# Boot Mode : Normal
# Running from : C:\Users\Eusebio\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Eusebio\AppData\Local\Conduit
Folder Deleted : C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\Eusebio\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A89A7E3-6ADD-4EF9-8EE7-A3C3B7D83BB0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0.1 (en-US)

File : C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\prefs.js

C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\user.js ... Deleted !

Deleted : user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2504091.FirstTime", "true");
Deleted : user_pref("CT2504091.FirstTimeFF3", "true");
Deleted : user_pref("CT2504091.UserID", "UN63427635390281533");
Deleted : user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2504091.autoDisableScopes", -1);
Deleted : user_pref("CT2504091.cbfirsttime", "U3VuIE5vdiAwNCAyMDEyIDE3OjEzOjI3IEdNVCswODAwIChDaGluYSBTdGFuZGFy[...]
Deleted : user_pref("CT2504091.defaultSearch", "false");

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [13112 octets] - [18/08/2013 11:51:07]

########## EOF - C:\AdwCleaner[S1].txt - [13173 octets] ##########



OTL.txt

OTL logfile created on: 8/18/2013 11:56:17 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eusebio\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 75.49% Memory free
15.90 Gb Paging File | 13.56 Gb Available in Paging File | 85.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.21 Gb Total Space | 48.62 Gb Free Space | 24.90% Space Free | Partition Type: NTFS
Drive D: | 488.28 Gb Total Space | 29.95 Gb Free Space | 6.13% Space Free | Partition Type: NTFS
Drive G: | 212.76 Gb Total Space | 104.36 Gb Free Space | 49.05% Space Free | Partition Type: NTFS

Computer Name: EUSEBIO-PC | User Name: Eusebio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/18 11:54:56 | 006,385,197 | ---- | M] () -- C:\Users\Eusebio\AppData\Local\Temp\FkJxeGES6S0.exe
PRC - [2013/08/17 19:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
PRC - [2013/08/17 03:46:46 | 000,012,800 | ---- | M] (My Organization) -- C:\Users\Eusebio\AppData\Local\Temp\RarSFX1\SystemWideUserIdle.exe
PRC - [2013/07/25 08:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Eusebio\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/01/23 14:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012/07/19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2012/05/03 08:18:26 | 003,487,128 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/03/28 20:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/08 03:10:34 | 001,111,680 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/02 17:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/01/27 01:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/13 12:44:01 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe
PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2012/01/04 14:13:24 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/14 17:13:02 | 001,117,312 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011/10/31 09:57:48 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2011/10/29 09:59:26 | 000,918,448 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/05/25 20:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/18 11:54:56 | 006,385,197 | ---- | M] () -- C:\Users\Eusebio\AppData\Local\Temp\FkJxeGES6S0.exe
MOD - [2013/08/15 17:58:51 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d4493b0e5a5c6faf89cfeaa5f2a21034\IAStorUtil.ni.dll
MOD - [2013/08/15 05:07:03 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8dc1c182cd1f10cd2abcfecd01fe9eeb\System.Web.ni.dll
MOD - [2013/08/15 05:07:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 05:06:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 05:06:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 05:06:44 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 05:06:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 05:06:36 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/15 05:06:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/25 08:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 08:49:45 | 013,599,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
MOD - [2013/07/25 08:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 08:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 08:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 08:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/07/13 10:11:42 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll
MOD - [2013/07/12 10:54:19 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/01/23 14:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013/01/17 00:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013/01/17 00:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013/01/17 00:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013/01/17 00:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013/01/17 00:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012/02/13 09:53:06 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/02/09 17:09:38 | 001,118,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2011/12/29 20:45:12 | 001,296,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2011/12/29 01:13:20 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/20 18:11:28 | 000,985,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/09/07 23:23:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/05/01 03:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/24 07:40:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/01/12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/08/17 19:06:28 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/03 10:10:03 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/09 16:25:30 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/03/28 20:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/02 17:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/01/13 12:44:01 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/29 09:59:26 | 000,918,448 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/24 08:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/07/24 07:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/07/05 16:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/05 16:12:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/09/05 16:12:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/09/05 16:04:51 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/08/23 22:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/04/23 19:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/02/03 21:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/27 01:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 01:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 01:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/09/15 12:33:32 | 000,141,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSumsc.sys -- (ASUSumsc)
DRV:64bit: - [2011/09/15 12:33:32 | 000,024,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSstpt.sys -- (ASUSstpt)
DRV:64bit: - [2011/08/12 18:13:36 | 000,032,360 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/12/21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/12/21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/12/17 06:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/21 11:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 11:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 11:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/18 01:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/23 14:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012/07/05 13:53:22 | 000,021,904 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:53:18 | 000,033,224 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?...&ocid=iehp&tc=0
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 52 4A 54 F5 26 CE 01 [binary data]
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.5
FF - prefs.js..extensions.enabledAddons: %7Bbb6bc1bb-f824-4702-90cd-35e2fb24f25d%7D:1.5.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Eusebio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/12/22 20:57:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Eusebio\AppData\Roaming\IDM\idmmzcc5 [2012/10/27 19:59:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Eusebio\AppData\Roaming\IDM\idmmzcc5 [2012/10/27 19:59:55 | 000,000,000 | ---D | M]

[2012/10/28 10:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Extensions
[2013/08/18 11:44:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions
[2013/08/03 09:25:09 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2013/05/04 00:50:03 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\[email protected]
[2013/06/23 13:45:17 | 000,350,663 | ---- | M] () (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012/05/25 23:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/08/17 19:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 19:06:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: Entanglement = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\

O1 HOSTS File: ([2013/08/18 11:44:19 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [Adobe Auto Updater] C:\Users\Eusebio\AppData\Roaming\Adobe Systems\updater.exe (Adobe Systems)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [Akamai NetSession Interface] C:\Users\Eusebio\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [CrashHandle] C:\Users\Eusebio\AppData\Local\Temp\RarSFX1\SystemWideUserIdle.exe (My Organization)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE54268-808A-4585-A6F3-D0B00E7ACF15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/05 22:24:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{85cb4b4d-317a-11e2-97e3-10bf4882e263}\Shell - "" = AutoRun
O33 - MountPoints2\{f0af7751-2094-11e2-9ab8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f0af7751-2094-11e2-9ab8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/18 11:44:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/17 19:18:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
[2013/08/17 19:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/15 00:48:43 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/15 00:48:43 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/15 00:48:42 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/15 00:48:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/15 00:48:42 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/15 00:48:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/15 00:48:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/15 00:48:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/15 00:48:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/15 00:48:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/15 00:48:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/15 00:48:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/15 00:48:40 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/15 00:48:40 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/15 00:48:40 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/15 00:36:48 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/15 00:36:48 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/15 00:36:47 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/15 00:36:47 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/15 00:36:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/15 00:36:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/15 00:36:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/15 00:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/15 00:36:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/15 00:36:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/15 00:36:32 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/15 00:36:32 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/15 00:36:32 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/15 00:36:30 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/15 00:36:20 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/15 00:36:20 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Roaming\ATI
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\ATI
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/08/10 11:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/08/10 11:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/08/10 11:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/08/10 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/08/10 10:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/08/10 10:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/08/10 10:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/08/10 10:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/08/10 10:55:20 | 000,000,000 | ---D | C] -- C:\AMD
[2013/08/10 10:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/08/10 10:03:17 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013/08/08 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\BeamNG
[2013/07/31 04:42:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/24 08:39:22 | 000,157,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2013/07/24 08:39:22 | 000,142,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/07/24 08:39:14 | 000,143,304 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/07/24 08:39:14 | 000,126,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/07/24 08:39:12 | 000,115,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/07/24 08:39:12 | 000,098,496 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/07/24 08:39:10 | 001,251,120 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/07/24 08:39:08 | 001,043,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/07/24 08:39:04 | 009,066,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/07/24 08:39:00 | 007,918,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/07/24 08:38:56 | 006,475,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/07/24 08:38:50 | 006,532,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/07/24 08:38:44 | 007,093,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/07/24 08:38:42 | 007,607,720 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/07/24 08:36:40 | 012,721,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/07/24 08:18:56 | 000,098,816 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/07/24 08:18:50 | 000,083,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/07/24 08:18:46 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/07/24 08:18:40 | 000,073,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/07/24 08:18:24 | 028,193,280 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/07/24 08:16:54 | 000,129,536 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_13.20.dll
[2013/07/24 08:16:14 | 023,761,408 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/07/24 08:14:24 | 000,063,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/07/24 08:14:20 | 000,057,344 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/07/24 08:04:04 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/07/24 08:03:54 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/07/24 08:03:52 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/07/24 08:03:46 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/07/24 08:03:44 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/07/24 08:03:28 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/07/24 08:00:42 | 025,609,728 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/07/24 08:00:08 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/07/24 07:42:04 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/07/24 07:41:54 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/07/24 07:41:52 | 021,624,832 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/07/24 07:41:46 | 000,574,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/07/24 07:40:52 | 000,239,616 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/07/24 07:39:20 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/07/24 07:11:24 | 001,091,584 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/07/24 07:11:12 | 000,824,320 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/07/24 07:10:54 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/07/24 07:10:44 | 000,100,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/07/24 07:10:36 | 000,096,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/07/24 07:10:26 | 000,617,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/07/24 07:08:14 | 000,095,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2013/07/24 07:08:10 | 000,090,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2013/07/24 07:08:00 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2013/07/24 07:07:56 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2013/07/24 07:06:48 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll

========== Files - Modified Within 30 Days ==========

[2013/08/18 11:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/18 11:53:29 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/18 11:53:25 | 000,000,000 | -H-- | M] () -- C:\ProgramData\cm-lock
[2013/08/18 11:53:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/18 11:53:16 | 2105,982,975 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/18 11:52:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 11:52:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 11:50:39 | 000,795,870 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/18 11:50:39 | 000,671,268 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/18 11:50:39 | 000,126,290 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/18 11:48:49 | 000,666,633 | ---- | M] () -- C:\Users\Eusebio\Desktop\adwcleaner.exe
[2013/08/18 11:44:19 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/08/18 11:43:03 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/17 19:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
[2013/08/16 08:49:37 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/08/10 11:05:50 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/08/10 10:59:14 | 000,787,992 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/10 10:03:17 | 000,001,090 | ---- | M] () -- C:\Users\Eusebio\Desktop\MSI Afterburner.lnk
[2013/08/03 10:10:03 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/03 10:10:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/01 08:44:39 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/26 13:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/26 13:12:27 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/26 13:12:08 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/26 13:12:08 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/26 13:12:04 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/26 13:12:04 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/26 13:12:03 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/26 13:12:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/26 11:12:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/26 11:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/26 11:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/26 11:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/26 11:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/26 10:39:38 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/26 09:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/25 17:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/25 16:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/24 16:11:56 | 008,946,257 | R--- | M] () -- C:\Users\Eusebio\Desktop\SMART OLONGAPO PROJECT.rar
[2013/07/24 08:39:22 | 000,157,736 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2013/07/24 08:39:22 | 000,142,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/07/24 08:39:14 | 000,143,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/07/24 08:39:14 | 000,126,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/07/24 08:39:12 | 000,115,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/07/24 08:39:12 | 000,098,496 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/07/24 08:39:10 | 001,251,120 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/07/24 08:39:08 | 001,043,000 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/07/24 08:39:04 | 009,066,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/07/24 08:39:00 | 007,918,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/07/24 08:38:56 | 006,475,232 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/07/24 08:38:50 | 006,532,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/07/24 08:38:44 | 007,093,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/07/24 08:38:42 | 007,607,720 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/07/24 08:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/07/24 08:19:12 | 000,229,376 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2013/07/24 08:18:56 | 000,098,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/07/24 08:18:50 | 000,083,456 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/07/24 08:18:46 | 000,086,528 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/07/24 08:18:40 | 000,073,216 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/07/24 08:18:24 | 028,193,280 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/07/24 08:16:54 | 000,129,536 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_13.20.dll
[2013/07/24 08:16:14 | 023,761,408 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/07/24 08:14:24 | 000,063,488 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/07/24 08:14:20 | 000,057,344 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/07/24 08:06:30 | 000,548,824 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/07/24 08:06:30 | 000,548,824 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/07/24 08:04:04 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/07/24 08:03:54 | 000,062,464 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/07/24 08:03:52 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/07/24 08:03:46 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/07/24 08:03:44 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/07/24 08:03:28 | 015,716,352 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/07/24 08:00:42 | 025,609,728 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/07/24 08:00:08 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/07/24 07:42:04 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/07/24 07:41:54 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/07/24 07:41:52 | 021,624,832 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/07/24 07:41:46 | 000,574,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/07/24 07:40:52 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/07/24 07:39:20 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/07/24 07:25:40 | 003,399,312 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/07/24 07:22:44 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/07/24 07:22:44 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2013/07/24 07:16:12 | 003,433,360 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/07/24 07:11:24 | 001,091,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/07/24 07:11:12 | 000,824,320 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/07/24 07:10:54 | 000,075,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/07/24 07:10:44 | 000,100,352 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/07/24 07:10:36 | 000,096,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/07/24 07:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/07/24 07:08:14 | 000,095,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2013/07/24 07:08:10 | 000,090,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2013/07/24 07:08:00 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2013/07/24 07:07:56 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2013/07/24 07:06:48 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/07/23 20:29:08 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\kdbsdk64.dll
[2013/07/23 20:24:36 | 000,038,912 | ---- | M] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== Files Created - No Company Name ==========

[2013/08/18 11:53:25 | 000,000,000 | -H-- | C] () -- C:\ProgramData\cm-lock
[2013/08/18 11:48:27 | 000,666,633 | ---- | C] () -- C:\Users\Eusebio\Desktop\adwcleaner.exe
[2013/08/16 08:49:37 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/08/10 11:05:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/08/10 10:03:17 | 000,001,090 | ---- | C] () -- C:\Users\Eusebio\Desktop\MSI Afterburner.lnk
[2013/07/24 16:15:00 | 008,946,257 | R--- | C] () -- C:\Users\Eusebio\Desktop\SMART OLONGAPO PROJECT.rar
[2013/07/24 08:19:12 | 000,229,376 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2013/07/24 08:06:30 | 000,548,824 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/07/24 08:06:30 | 000,548,824 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/07/24 07:25:40 | 003,399,312 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/07/24 07:22:44 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/07/24 07:22:44 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/07/24 07:16:12 | 003,433,360 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/07/23 20:29:08 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\kdbsdk64.dll
[2013/07/23 20:24:36 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/05/12 19:48:08 | 000,033,540 | ---- | C] () -- C:\Windows\SysWow64\CoreFLACDecoder-uninstall.exe
[2013/04/13 22:03:38 | 000,002,672 | ---- | C] () -- C:\Users\Eusebio\Unigine_Valley_Benchmark_1.0_20130413_2202.html
[2013/04/13 00:09:18 | 000,002,672 | ---- | C] () -- C:\Users\Eusebio\Unigine_Valley_Benchmark_1.0_20130413_0009.html
[2013/04/13 00:02:58 | 001,065,984 | ---- | C] () -- C:\Users\Eusebio\AppData\Local\file__0.localstorage
[2013/03/29 10:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/29 10:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/03/23 21:33:21 | 004,762,752 | ---- | C] () -- C:\Windows\PE_File.dll
[2012/12/30 21:39:58 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012/12/30 21:39:58 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012/12/10 23:46:25 | 000,000,132 | ---- | C] () -- C:\Users\Eusebio\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/12/08 12:55:41 | 000,000,023 | ---- | C] () -- C:\Windows\My Settings.ini
[2012/12/06 19:51:20 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/11/27 00:01:51 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012/11/27 00:01:44 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2012/11/27 00:01:44 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012/11/03 19:55:06 | 004,924,048 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2012/10/27 18:37:38 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/10/27 18:37:37 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/10/27 17:37:51 | 000,047,091 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012/10/27 17:36:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/27 17:36:04 | 000,034,501 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/10/27 17:25:51 | 000,787,992 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:32 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/10 02:22:16 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/09/29 03:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/02/02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/13 06:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 13:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 12:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 21:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 21:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 21:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/14 09:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 13:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/14 09:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/21 11:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/21 11:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2012/09/05 16:03:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/14 09:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/14 09:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/09/05 16:06:58 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 13:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 12:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/21 11:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/21 11:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/21 11:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2012/09/05 16:02:09 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/14 09:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/14 09:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/14 09:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/14 09:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/21 11:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/14 09:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/14 09:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/14 09:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/14 09:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/14 09:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/04 01:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/14 09:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2012/09/05 16:07:46 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/09/05 16:10:38 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2012/09/05 16:03:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/14 09:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/21 11:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/21 11:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/21 11:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2012/09/05 16:03:53 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/14 09:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/21 11:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/21 11:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/21 11:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/21 11:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/21 11:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/21 11:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/14 09:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/09/05 16:11:16 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/21 11:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/21 11:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/21 11:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/21 11:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/21 11:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/21 11:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/21 11:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/21 11:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/21 11:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2012/08/21 21:09:40 | 000,219,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/03 06:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/21 11:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/14 09:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/21 11:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< End of report >


Extras.txt

OTL Extras logfile created on: 8/18/2013 11:56:17 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eusebio\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 75.49% Memory free
15.90 Gb Paging File | 13.56 Gb Available in Paging File | 85.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.21 Gb Total Space | 48.62 Gb Free Space | 24.90% Space Free | Partition Type: NTFS
Drive D: | 488.28 Gb Total Space | 29.95 Gb Free Space | 6.13% Space Free | Partition Type: NTFS
Drive G: | 212.76 Gb Total Space | 104.36 Gb Free Space | 49.05% Space Free | Partition Type: NTFS

Computer Name: EUSEBIO-PC | User Name: Eusebio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0325AA32-A001-4BB7-AD4E-37B3004071CA}" = rport=139 | protocol=6 | dir=out | app=system |
"{0D641C9F-B1C7-4AD6-AEAA-81AA107C2CE0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0DD47E73-DC71-481E-96B6-3351E1F69D7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{108E297C-4B2C-4DB1-A7D6-59CACC97041B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{18CF8B59-8B53-4C5F-B71D-3ADD19F411DF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2211E122-0120-43B0-8EB5-9146A55E1C27}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{228BA503-15C1-4894-9EA8-C305ABBDABFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2478B02C-8AA3-477E-A4D0-ABA563AD31A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DB31352-6F47-4A2F-86CE-269F65F2AA1D}" = rport=138 | protocol=17 | dir=out | app=system |
"{31B7F526-6CD0-49E2-8B13-762BB75F2E48}" = lport=138 | protocol=17 | dir=in | app=system |
"{326FDEBC-6FEA-4862-9B84-1B5BA6C59CED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D071ED4-913F-4DD4-AF46-06DFD3786418}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7B498BD9-4771-4F9C-9C29-F060E0250A9F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7F93FE50-E793-44B9-9FF1-00DA88779E4D}" = rport=137 | protocol=17 | dir=out | app=system |
"{9ECF9CDB-AC9C-43C8-9809-C2157D1495A2}" = lport=50712 | protocol=17 | dir=in | name=vuze udp |
"{A99B0D08-F141-4246-9863-22AF76AB66C8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A9A3D0D9-EC15-43F3-ABC3-1061354B3135}" = lport=137 | protocol=17 | dir=in | app=system |
"{ACAA00AC-F0AE-4B9E-80B1-E93B4C408C0A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B3F1F302-7B1D-4566-B9B7-8FC26B18905A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BD0AEE41-FB47-4C2E-B8D7-ED0294705A26}" = rport=50712 | protocol=6 | dir=out | name=vuze |
"{BF0BB083-F78B-464B-BEA6-1390B88CC307}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BFB14D34-70DA-4ED3-B886-D49F44B4A722}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C69DF4CE-F9A6-4952-BA41-17E61EE3BEE4}" = lport=139 | protocol=6 | dir=in | app=system |
"{D26EA49B-D565-4948-B5E3-CB8B2D2CB0AA}" = rport=50712 | protocol=17 | dir=out | name=vuze udp |
"{E0A3B5D4-6CC4-4858-AB0C-1B256C31412B}" = lport=50712 | protocol=6 | dir=in | name=vuze tcp |
"{FDC52FD2-E29F-4022-B530-C767C2AC08F7}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CFDE7C-C19E-46A7-9F6D-FFBD3802F8F8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{15AB11FC-3863-4815-AE95-335C7C3FF3D3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{18ECD4A0-F8AF-4EA0-8224-AC629EFD3D64}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{1D41E8AC-5B3A-4D88-9DC2-B113D1A903FD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1F0CB5D3-5ABE-402F-9310-1DC1599AC4E0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1FEEDF75-1199-497E-8495-B831B6523683}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{21441B76-4ED6-403B-8938-D1266E279FE5}" = protocol=6 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steam.exe |
"{236E89CA-31B3-4454-8101-D9F38C1CE57A}" = protocol=6 | dir=out | name=torrent tcp |
"{2CA8FF87-CD00-4D59-97CE-651C9BD7A2A8}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{320C84D8-3AC6-4C57-B77B-6580E2DD5245}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{34582ED3-81BB-4F63-9B28-DC5070D37111}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{36E1A03C-E2E2-46DE-9D7A-0C35E4A4BA4A}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3C67EB7D-D36A-41D7-92E4-87AC669A5835}" = dir=in | app=d:\programs\games\max payne 3\maxpayne3.exe |
"{3D7162C8-28C8-40E0-955E-F9B7077B2B9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{40B197C0-16CC-444F-BFBF-FB5955CF243C}" = dir=in | app=%programfiles% (x86)\l.a. noire\lanoire.exe |
"{465FECA8-E805-441A-9C08-00029F31C5F5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{49D9BE36-50F2-4294-8052-A7DE9EB1E58E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C38F4CD-0865-4BA5-84DB-5D4E68136252}" = protocol=6 | dir=in | name=torrent |
"{4F936020-F6D5-46AC-AC95-26685C685E2B}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{4FD762E1-045C-42FC-8138-27C75140276C}" = dir=out | app=d:\programs\games\assassin's creed revelations\ac revelations\acrsp.exe |
"{58755355-70D8-41E9-B344-CDF28E5F9A2B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5A397AC1-7F03-48C9-872D-4A69FA38356C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{5E2C7B0E-0C09-41A5-BBAE-B1FEE117118A}" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii.exe |
"{5F92752C-FF0C-4B6A-9798-982D46A9537D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{61984DB0-5E8D-46DA-9056-4A9B5129727A}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{69A10275-CA2E-4013-AF04-AB79FD9D5712}" = dir=in | app=%programfiles% (x86)\rockstar games\social club\renderer.exe |
"{6C349C9D-E489-47CE-A887-5B20534D444C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A56FB53-DC4B-4BD8-92E3-6E1E244F53E4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7CC90994-B5BE-4899-8E83-432FFD916B4A}" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii public test.exe |
"{811D4816-6D56-4F90-B3DF-1C89173FF5E5}" = dir=in | app=d:\programs\games\assassin's creed revelations\ac revelations\acrsp.exe |
"{838CC7A2-58E3-484F-910F-9EFE901D2DF5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8393B6A6-191A-4456-BFB6-363BA9C66F58}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{83B90544-90F6-42A2-8BCB-A5603641FFB2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{877488AE-B099-4480-B5B8-05DF4578A499}" = protocol=17 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steam.exe |
"{8959C473-79DD-46C8-8EF9-C8F6B0EE1792}" = dir=out | app=%programfiles% (x86)\l.a. noire\lanlauncher.exe |
"{8D972AC6-CEB7-404F-A29A-AD8CB4FCA054}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8E5BF528-665E-438D-B4E7-F9FC7F121782}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8F0C1C81-33A5-4BCC-B793-403C1DD8C2B2}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{92C48DE3-41F5-450E-BE67-8BDFF141C100}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94D72792-59D8-4887-A0E6-14544A480694}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{96EF129B-F923-4718-ABC2-06DE58CD3A7F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{A85DC25C-E536-40C7-96F0-DA1127D84B32}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{AA1206E9-35FA-4CB6-BD7F-3B53A3ED90AB}" = protocol=17 | dir=out | name=torrent udp |
"{AF00F344-7211-4AC9-A764-CD3755033EEB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AFEB2F43-FCE8-4138-B408-B2431633EDE9}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{AFF0D497-4EA7-4A00-A282-5321D6DD840D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0A01B52-3181-49A2-809A-BF6190635E50}" = protocol=17 | dir=in | name=torrentudp |
"{B249BDD4-DC0A-4DBF-A591-1C7E6BE6C035}" = dir=out | app=%programfiles% (x86)\rockstar games\social club\renderer.exe |
"{B70A8AD1-93EC-4B11-B0E4-BD21D0FD7E97}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{B7C2399E-2E57-4C61-9463-47FFDD37154D}" = dir=in | app=%programfiles% (x86)\l.a. noire\lanlauncher.exe |
"{B8B8CAA1-D3EF-4D2A-A379-2D0961FBEA8A}" = dir=out | app=d:\programs\games\max payne 3\playmaxpayne3.exe |
"{BCB16229-2B9A-4639-B8F6-84EEFB70DF1B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{C0C80FE6-60D7-4162-95B5-662FEB9EAA64}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C55F423F-124E-4E95-9572-35E79DDFAB23}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{C9121E82-BA27-441D-B532-01D11A450FB0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CECC56DD-315F-44C7-B469-A56E2DF43FDA}" = protocol=6 | dir=out | app=system |
"{D15E6B54-232A-442C-970D-6B54A27FC169}" = dir=out | app=d:\programs\games\max payne 3\maxpayne3.exe |
"{D3D9A585-3806-4008-B7A5-AE26C0E11A89}" = protocol=17 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{D70EA73D-E995-416A-91F8-3A31F6634D1C}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{D746E14D-29B8-48ED-8EB0-5562CAD4A85C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{DB7E05D3-F44F-4AE5-8E13-49E7AF98C432}" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii public test.exe |
"{DE4C433E-EF17-46CC-B8B2-069784D680E4}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe |
"{DE893AB9-8F05-403A-80DD-A258AA5025E6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2B4E63F-A2CF-4FD9-9440-E21EF857B2AB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E4560103-F595-4383-BBEC-47E441D267FC}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{E664B048-E89D-413F-A42D-3C4108CB8D3B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E6D49408-D96E-49CA-87D1-4511FAED2FDC}" = protocol=6 | dir=in | app=c:\program files (x86)\codemeter\runtime\bin\codemeter.exe |
"{E9C7C5C3-65B9-4895-B4E3-96D6179C4F55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F24EED46-5558-40F5-A38C-62BC2036A16D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{F5480A97-73AB-4B2A-B063-69F7CF158159}" = dir=in | app=d:\programs\games\max payne 3\playmaxpayne3.exe |
"{F56A719E-F81F-458C-8691-0C181C12FFF7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F67A444F-C1F5-4074-8C55-0BBB1AAA7FDA}" = dir=out | app=%programfiles% (x86)\l.a. noire\lanoire.exe |
"{F96713BB-CEB5-48E3-89B3-49BCCDD134EB}" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\starcraft ii.exe |
"{FA237F94-A400-4E7E-AA01-96FA00A73658}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{FA5A2A5B-7633-4C6D-BCC9-7B739982C749}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe |
"{FB696AE3-E846-4327-9948-B8D1C6C7AF2D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FC166C1E-2D8D-47EB-B34C-7500E89E954A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FCF542FE-763A-48DD-A665-020E4E1BDB1C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0361C49E-8A1E-46CF-978A-70C2D5D8F5CD}C:\program files (x86)\games\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\games\crysis 2\bin32\crysis2.exe |
"TCP Query User{1F2CA33D-878F-4AA7-ACC8-85F85B4EE37D}C:\program files (x86)\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files (x86)\magictune premium\magictune.exe |
"TCP Query User{204E6A62-35AC-402D-856D-C45444725343}D:\programs\games\nba2k10\nba2k10.exe" = protocol=6 | dir=in | app=d:\programs\games\nba2k10\nba2k10.exe |
"TCP Query User{2E10E0BF-D804-4D1A-9689-5AFFECC22965}D:\programs\games\pba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=d:\programs\games\pba 2k12\nba2k12.exe |
"TCP Query User{3230E037-ED80-463E-B2B5-5E49DC143173}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=6 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"TCP Query User{36F934A1-C9F5-4826-B687-C453F27F3D18}D:\programs\dmc\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=d:\programs\dmc\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{3E5EA936-15A9-4B41-91C5-231B99FF960C}D:\programs\games\starcraft ii\versions\base23260\sc2.exe" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\versions\base23260\sc2.exe |
"TCP Query User{40768EF9-2D3D-40BE-ADE7-9238D7D3EA72}D:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe |
"TCP Query User{55E39D95-DDD1-4C0D-A4C2-91F38E01C2F7}C:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe |
"TCP Query User{56A75C34-B8AC-4D38-8EB1-6555A931A1A9}D:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"TCP Query User{64C1C539-7A3B-40B4-AA84-2555A2EC8212}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=6 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"TCP Query User{6D8DC948-04FB-43A9-90BD-9D20C4CE9152}C:\users\eusebio\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\eusebio\appdata\local\akamai\netsession_win.exe |
"TCP Query User{71B278EC-0DD3-4E27-8A36-21996A7A94EC}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{73A1C2FC-CDD8-486D-8E20-B2350C39E7C5}C:\program files\magictune premium\magictune.exe" = protocol=6 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"TCP Query User{7AA6570A-0551-472C-A90B-6E5B1D9AEE8B}D:\programs\games\dead space 2\dead space 2\deadspace2.exe" = protocol=6 | dir=in | app=d:\programs\games\dead space 2\dead space 2\deadspace2.exe |
"TCP Query User{7BF6B363-F402-4653-BB93-40BF420267BF}D:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe" = protocol=6 | dir=in | app=d:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe |
"TCP Query User{8C66DCB7-6DD5-4566-A7E8-DB8B37FF4D36}D:\programs\games\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=d:\programs\games\max payne 3\maxpayne3.exe |
"TCP Query User{9540AFA1-D144-4A7F-917C-FC0778451B1A}D:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=6 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"TCP Query User{A54578E4-D3D9-494B-BEF1-AC9E998F4BAD}D:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe |
"TCP Query User{B62BEDCF-D78E-4383-BF52-1509403F807D}H:\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=h:\max payne 3\maxpayne3.exe |
"TCP Query User{C052087C-930F-412A-8FCF-2C46314A66D8}D:\programs\games\dota game\war3.exe" = protocol=6 | dir=in | app=d:\programs\games\dota game\war3.exe |
"TCP Query User{CF5B5903-241D-4D6E-BD49-8D7908E4D043}D:\programs\games\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=d:\programs\games\crysis 2\bin32\crysis2.exe |
"TCP Query User{D7E8EA3D-7622-4B2F-B676-B284790B8313}D:\programs\games\sierra\half-life\hl.exe" = protocol=6 | dir=in | app=d:\programs\games\sierra\half-life\hl.exe |
"TCP Query User{DC129208-E2A8-4825-A816-2255BF8380C6}D:\programs\games\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=d:\programs\games\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{E139736E-1A39-4794-BBC8-0CBDFF70CF25}D:\programs\games\nba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=d:\programs\games\nba 2k12\nba2k12.exe |
"TCP Query User{FAF8085C-19E9-402D-91B6-B44794605B5A}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{061DFF55-CF4B-41E8-8FB1-94E405DC572E}D:\programs\games\nba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=d:\programs\games\nba 2k12\nba2k12.exe |
"UDP Query User{0B999057-9AF2-4DB2-B12A-8D6441242DD5}C:\users\eusebio\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\eusebio\appdata\local\akamai\netsession_win.exe |
"UDP Query User{124A0DA4-E99D-4D19-A08A-36EBD8943FC9}C:\program files (x86)\games\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\games\crysis 2\bin32\crysis2.exe |
"UDP Query User{19C7CDB6-83B4-4E52-AB92-96C2D1E68E6F}D:\programs\games\sierra\half-life\hl.exe" = protocol=17 | dir=in | app=d:\programs\games\sierra\half-life\hl.exe |
"UDP Query User{1B3F8149-43BC-49C5-B959-0A79C3E0F8D0}D:\programs\games\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\support\blizzarddownloader.exe |
"UDP Query User{2A2CE279-6CF8-498A-B399-D9C199CF8543}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{2FDB033D-00A8-4A2D-A8C4-9C84A436142D}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=17 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"UDP Query User{3B9FBCE7-0921-4736-98BD-C5DCDE779620}C:\program files\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files\magictune premium\magictune.exe |
"UDP Query User{3FA34C2B-5BFB-4191-9786-56C9A9C4EE1C}C:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\games\left4dead2\left4dead 2\left4dead2.exe |
"UDP Query User{69D72C3D-09CB-4CA6-9401-CBF2721F05A7}D:\programs\games\pba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=d:\programs\games\pba 2k12\nba2k12.exe |
"UDP Query User{85478DD1-F7EE-4A02-8FD6-36771BF2C7E6}D:\programs\games\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=d:\programs\games\crysis 2\bin32\crysis2.exe |
"UDP Query User{8DD20453-6182-4BB8-B30A-3ED6C0EEFD1A}H:\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=h:\max payne 3\maxpayne3.exe |
"UDP Query User{91E2D004-73A9-4C76-A0CF-AA7C6FB324AE}D:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\programs\games\the.witcher.2.assassins.of.kings.enhanced.editon-kaos\bin\witcher2.exe |
"UDP Query User{9A99B280-F250-4954-9A8E-6ABCDA835E6F}D:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\programs\games\the witcher 2 assassins of kings\bin\witcher2.exe |
"UDP Query User{B02AE185-BC1F-427F-B70D-58A1BC6E9F44}D:\programs\games\nba2k10\nba2k10.exe" = protocol=17 | dir=in | app=d:\programs\games\nba2k10\nba2k10.exe |
"UDP Query User{B723C8C2-0B37-41F9-8F38-96B7922D4356}D:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{BC5E0EC8-547A-4E99-8AC4-E35836E1CC96}D:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=d:\programs\games\dmc.devil.may.cry-kaos\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{BDC99BCF-2588-4EDE-8F78-368B443C9A90}D:\programs\games\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=d:\programs\games\max payne 3\maxpayne3.exe |
"UDP Query User{C7078E82-F387-49A1-86F8-AEF34137786A}D:\programs\dmc\binaries\win32\dmc-devilmaycry.exe" = protocol=17 | dir=in | app=d:\programs\dmc\binaries\win32\dmc-devilmaycry.exe |
"UDP Query User{C7383732-75DC-46E8-990D-027901AD5A29}C:\users\eusebio\appdata\roaming\adobe systems\updater.exe" = protocol=17 | dir=in | app=c:\users\eusebio\appdata\roaming\adobe systems\updater.exe |
"UDP Query User{CC4D8423-1176-4B31-92A0-45580BC6BE2F}D:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe" = protocol=17 | dir=in | app=d:\programs\games\counter-strike_global_offensive_(csgo)_no-steam\4games - csgo\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"UDP Query User{CF8B731D-B118-44B9-869D-FAACCBB750C1}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{D8F29B1D-6D69-45C4-A14A-15B5CE2C5956}D:\programs\games\dead space 2\dead space 2\deadspace2.exe" = protocol=17 | dir=in | app=d:\programs\games\dead space 2\dead space 2\deadspace2.exe |
"UDP Query User{EE344FA4-5928-437E-9534-3096DEB3BFBB}D:\programs\games\starcraft ii\versions\base23260\sc2.exe" = protocol=17 | dir=in | app=d:\programs\games\starcraft ii\versions\base23260\sc2.exe |
"UDP Query User{F12539B7-8DA2-4D84-BF56-590C1E785AF7}C:\program files (x86)\magictune premium\magictune.exe" = protocol=17 | dir=in | app=c:\program files (x86)\magictune premium\magictune.exe |
"UDP Query User{FA590EA3-2263-4739-B137-82748CF7852C}D:\programs\games\dota game\war3.exe" = protocol=17 | dir=in | app=d:\programs\games\dota game\war3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_E510_series" = Canon E510 series MP Drivers
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EB96857-04FC-3A67-6E29-6914FB78CB90}" = AMD Accelerated Video Transcoding
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A39ED00-7650-A60F-F7E3-A1C3F1D4C34E}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-D028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2014
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7FCDABCC-1A1E-4D61-909D-BA9495172774}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A2199A06-89C4-4187-AA4A-3A9676FB799D}" = SlimDX Runtime .NET 4.0 x64 (January 2012)
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C068588D-7275-E9E0-9158-2D57BA13FDFD}" = AMD Wireless Display v3.0
"{C0D93E4E-0866-43C8-A104-BF41A803EA84}" = ESET Smart Security
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E9897E08-46FA-A07E-B332-1515AAB356F4}" = AMD Catalyst Install Manager
"{F2454C2A-0344-5442-3418-CB6C1A3D6A07}" = AMD Drag and Drop Transcoding
"{F60D5FAB-2C7B-A299-F839-05A7F7D9CE2C}" = ccc-utility64
"8461-7759-5462-8226" = Vuze
"Blender" = Blender
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.21
"DWG TrueView 2014" = Autodesk DWG TrueView 2014
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014A2868-BE56-4888-A16C-693989B8F153}" = SlimDX Runtime .NET 2.0 (January 2012)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.114.08260
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A4C46F0-1DCE-B7FF-753E-1BFFD38CAD11}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28E3970E-5D53-A59D-84B6-B2BB7637553A}" = Catalyst Control Center Localization All
"{2B5F894F-A9A9-4416-BD22-435A4675180E}_is1" = L.A. Noire version 1.0
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{31EF3584-9232-F8F4-4BAD-EED7653090D3}" = CCC Help Turkish
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{355E39A9-6C8E-CB2A-1210-F39569A625EC}" = CCC Help Swedish
"{37D591EF-B8C0-435B-B3A5-D8A707B93F2F}_is1" = «Sleeping Dogs»
"{3CF111C7-92E1-AD47-B521-A153921D0FE3}" = CCC Help Dutch
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{408B1AE6-D09B-74DE-A38B-96B74CCECC34}" = CCC Help Hungarian
"{4198AE83-A3C6-4C41-85C8-EC63E990696E}_is1" = Crysis 3 Fix verze 1.0.0.1
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48614A23-EF39-FA3B-BA1C-115F83993B19}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}" = NVIDIA Photoshop Plug-ins 64 bit
"{5E57EF20-E146-9911-8AAE-E6665AE0B536}" = AMD Catalyst Control Center
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A59840D-8F35-A994-427B-822314E81AAF}" = CCC Help Chinese Traditional
"{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
"{7B228E0D-FFB9-A3D0-42C4-1A90D9286F8E}" = CCC Help Japanese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8D0D61A4-B3DE-CBB6-7425-C2BB4D8D8C1A}" = CCC Help English
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90157C5D-D791-4D36-8C2B-7553DC01D601}" = ASUS VGA Driver
"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92F39985-0DA5-4CC4-869F-2A3048C182E6}" = System Requirements Lab
"{96903DF6-228F-4ED6-660B-956DE8D43981}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B798FEC-837B-84BF-D690-D4D5EC1CBD53}" = CCC Help Italian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{B4A3B8BE-4953-064E-E1FD-8D3AFCF58A07}" = CCC Help Chinese Standard
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B810D852-DFD6-CRY3-89A5-CC4D47756DAF}_is1" = Crysis 3 version 5.1
"{BA362E17-3164-CFA3-A1D7-A8CECB20D56C}" = Catalyst Control Center Graphics Previews Common
"{BB939DE5-2680-3FE2-5B4F-C40629336C08}" = CCC Help French
"{BE3359DF-E0AF-E1D7-FEBF-63D4D3729CC5}" = CCC Help Polish
"{BFE8FCC5-B9FE-39A2-B062-678A4D98D7CA}" = CCC Help Finnish
"{C14B79C1-2D2F-BCEB-8F25-49D91A6B2324}" = CCC Help German
"{C86A5731-2E91-63FF-14A3-1BB7FEEF9B6F}" = CCC Help Danish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3BEFB-1514-6F68-64B5-03F83735A240}" = CCC Help Korean
"{CE8AA8D6-2186-5551-EC7F-E94919D166A6}" = CCC Help Norwegian
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3DF3D05-DE2A-476A-A384-08FCD58D9FE7}" = USB Game Controller
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D96B6543-A0C0-4351-AF96-73DEF1DD6820}" = NBA 2K13
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EC1CBFB4-E22A-D856-31A7-665CFCC2C116}" = CCC Help Greek
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.108
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5460185-E398-6A00-2ABF-3194D03C30EA}" = CCC Help Thai
"{F8360AF1-47D9-2A5C-558A-ED6F01511C71}" = Catalyst Control Center InstallProxy
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB2EEC93-63C4-9734-FA07-D840E0219040}" = CCC Help Czech
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Afterburner" = MSI Afterburner 2.3.1
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.60
"Canon E510 series On-screen Manual" = Canon E510 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CoreFLAC Audio Decoder+Source Filter" = CoreFLAC Audio Decoder+Source Filter (remove only)
"EasyBCD" = EasyBCD 2.2
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"File Splitter and Joiner_is1" = File Splitter and Joiner (FFSJ v3.3)
"Fraps" = Fraps
"FreeArc" = FreeArc 0.666
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Internet Download Manager" = Internet Download Manager
"IObit Malware Fighter_is1" = IObit Malware Fighter
"L.A Noire_is1" = L.A. Noire Update v1.3.2613
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"Rockstar Games Social Club" = Rockstar Games Social Club
"Smart Defrag 2_is1" = Smart Defrag 2
"StarCraft II" = StarCraft II
"Stellar Phoenix Zip Recovery v1.0_is1" = Stellar Phoenix Zip Recovery v1.0
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"Tomb Raider_R.G. Mechanics_is1" = Tomb Raider
"Total Video Converter 3.71_is1" = Total Video Converter 3.71 100812
"TUGZip_is1" = TUGZip 3.5
"Unigine Valley Benchmark_is1" = Unigine Valley Benchmark version 1.0
"Universal Extractor_is1" = Universal Extractor 1.6.1
"Update Engine" = Sony Ericsson Update Engine
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"WavePad" = WavePad Sound Editor
"WinToFlash Suggestor" = WinToFlash Suggestor
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Chikka Messenger" = Chikka Messenger
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/23/2013 9:46:58 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/23/2013 11:52:14 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 12:02:37 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 3:37:22 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 8:37:06 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/24/2013 11:14:25 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/25/2013 11:16:18 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/26/2013 4:18:35 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/26/2013 10:32:52 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/27/2013 10:38:16 PM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/28/2013 7:23:03 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/28/2013 7:43:07 AM | Computer Name = Eusebio-PC | Source = MsiInstaller | ID = 1013
Description =

Error - 7/29/2013 5:15:36 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

Error - 7/29/2013 11:52:24 AM | Computer Name = Eusebio-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Event filter with query "SELECT * FROM __InstanceModificationEvent
WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
> 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003.
Events cannot be delivered through this filter until the problem is corrected.

[ Media Center Events ]
Error - 12/1/2012 8:32:17 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 8:32:13 PM - Error connecting to the internet. 8:32:13 PM - Unable
to contact server..

Error - 12/12/2012 7:00:16 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 7:00:16 PM - Error connecting to the internet. 7:00:16 PM - Unable
to contact server..

Error - 12/12/2012 7:00:24 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 7:00:21 PM - Error connecting to the internet. 7:00:21 PM - Unable
to contact server..

Error - 12/19/2012 12:02:50 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 12:02:46 PM - Error connecting to the internet. 12:02:46 PM - Unable
to contact server..

Error - 12/19/2012 1:03:00 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 1:02:57 PM - Error connecting to the internet. 1:02:57 PM - Unable
to contact server..

Error - 12/23/2012 12:52:37 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 12:52:32 PM - Error connecting to the internet. 12:52:32 PM - Unable
to contact server..

Error - 12/23/2012 1:53:09 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 1:53:08 PM - Error connecting to the internet. 1:53:08 PM - Unable
to contact server..

Error - 12/24/2012 12:06:52 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 12:06:49 PM - Error connecting to the internet. 12:06:49 PM - Unable
to contact server..

Error - 12/24/2012 9:29:59 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 9:29:58 PM - Error connecting to the internet. 9:29:58 PM - Unable
to contact server..

Error - 12/24/2012 9:30:48 AM | Computer Name = Eusebio-PC | Source = MCUpdate | ID = 0
Description = 9:30:46 PM - Error connecting to the internet. 9:30:46 PM - Unable
to contact server..

[ System Events ]
Error - 8/4/2013 10:42:37 AM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/9/2013 10:31:38 PM | Computer Name = Eusebio-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:29:57 AM on 8/10/2013 was unexpected.

Error - 8/10/2013 8:34:10 AM | Computer Name = Eusebio-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:17:53 PM on 8/10/2013 was unexpected.

Error - 8/12/2013 1:36:56 PM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/12/2013 1:38:02 PM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 8/12/2013 1:38:14 PM | Computer Name = Eusebio-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the CodeMeter.exe service.

Error - 8/12/2013 7:42:14 PM | Computer Name = Eusebio-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 8/15/2013 8:50:09 PM | Computer Name = Eusebio-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 8/17/2013 12:19:12 PM | Computer Name = Eusebio-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.

Error - 8/17/2013 11:44:14 PM | Computer Name = Eusebio-PC | Source = Service Control Manager | ID = 7034
Description = The Advanced SystemCare Service 6 service terminated unexpectedly.
It has done this 1 time(s).


< End of report >
  • 0

#6
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Please, follow these steps:

Step 1. OTL fix.

  • Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [Adobe Auto Updater] C:\Users\Eusebio\AppData\Roaming\Adobe Systems\updater.exe (Adobe Systems)
    O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [CrashHandle] C:\Users\Eusebio\AppData\Local\Temp\RarSFX1\SystemWideUserIdle.exe (My Organization)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    
    :Files
    C:\Users\Eusebio\AppData\Roaming\Adobe Systems
    C:\Users\Eusebio\AppData\Local\Temp\RarSFX1
    
    :Commands
    [EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, and reboot the PC when it is done.

Step 2. AdwCleaner scan.

  • Right click on the adwcleaner.exe file on your Desktop->Run as Administrator.
  • The AdwCleaner window should appear.
  • Click on the Delete button.
  • Click on OK.
  • The computer will be rebooted automatically when the program finishes its job.

After reboot:

  • Right click on the adwcleaner.exe file on your Desktop->Run as Administrator.
  • The AdwCleaner window should appear.
  • Click on the Search button.
  • After the scan, a Notepad window with the report should appear. Post the contents of the report in your next message.

Step 3. OTL scan.

  • Run OTL.
  • Click on the Scan All Users checkbox, which is located near the Quick Scan button.
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open a Notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post them in your topic.

So, please, don't forget to post in your next message:

  • AdwCleaner log
  • OTL.txt

  • 0

#7
javacookies

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
AdwCleaner.log

# AdwCleaner v2.306 - Logfile created 08/18/2013 at 22:33:29
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Eusebio - EUSEBIO-PC
# Boot Mode : Normal
# Running from : C:\Users\Eusebio\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0.1 (en-US)

File : C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [817 octets] - [18/08/2013 22:33:29]
AdwCleaner[S1].txt - [13239 octets] - [18/08/2013 11:51:07]
AdwCleaner[S2].txt - [1005 octets] - [18/08/2013 22:28:49]

########## EOF - C:\AdwCleaner[R1].txt - [997 octets] ##########


OTL.txt

OTL logfile created on: 8/18/2013 10:34:51 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Eusebio\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.36 Gb Available Physical Memory | 67.42% Memory free
15.90 Gb Paging File | 13.03 Gb Available in Paging File | 81.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195.21 Gb Total Space | 50.95 Gb Free Space | 26.10% Space Free | Partition Type: NTFS
Drive D: | 488.28 Gb Total Space | 45.03 Gb Free Space | 9.22% Space Free | Partition Type: NTFS
Drive G: | 212.76 Gb Total Space | 118.64 Gb Free Space | 55.76% Space Free | Partition Type: NTFS

Computer Name: EUSEBIO-PC | User Name: Eusebio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/17 19:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
PRC - [2013/07/25 08:49:49 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/05 01:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Eusebio\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013/01/23 14:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012/07/19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
PRC - [2012/05/03 08:18:26 | 003,487,128 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/03/28 20:49:11 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/02/08 03:10:34 | 001,111,680 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/02/02 17:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/01/27 01:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/01/13 12:44:01 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe
PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2012/01/04 14:13:24 | 001,256,576 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 20:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/11/14 17:13:02 | 001,117,312 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011/10/31 09:57:48 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2011/10/29 09:59:26 | 000,918,448 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/11/26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010/05/25 20:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/15 17:58:51 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d4493b0e5a5c6faf89cfeaa5f2a21034\IAStorUtil.ni.dll
MOD - [2013/08/15 05:07:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e06dbdafb38c38517aef61ac41e2fd9d\System.Runtime.Remoting.ni.dll
MOD - [2013/08/15 05:06:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/15 05:06:46 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 05:06:44 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 05:06:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/15 05:06:36 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1f6f220f9efe936d1158c79b9d4b451f\WindowsBase.ni.dll
MOD - [2013/08/15 05:06:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/25 08:49:46 | 000,396,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppgooglenaclpluginchrome.dll
MOD - [2013/07/25 08:49:44 | 004,052,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
MOD - [2013/07/25 08:48:54 | 000,601,552 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libglesv2.dll
MOD - [2013/07/25 08:48:53 | 000,123,344 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\libegl.dll
MOD - [2013/07/25 08:48:51 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ffmpegsumo.dll
MOD - [2013/07/13 10:11:42 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll
MOD - [2013/07/12 10:54:19 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/01/23 14:12:40 | 000,425,016 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2013/01/17 00:01:08 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2013/01/17 00:01:06 | 000,348,160 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2013/01/17 00:01:00 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2013/01/17 00:00:58 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2013/01/17 00:00:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012/02/13 09:53:06 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/02/10 11:29:44 | 001,047,040 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2012/02/09 17:09:38 | 001,118,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
MOD - [2011/12/29 20:45:12 | 001,296,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2011/12/29 01:13:20 | 000,043,520 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 19:36:24 | 000,869,376 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/20 18:11:28 | 000,985,600 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/09/07 23:23:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/05/01 03:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/23 10:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/07/24 07:40:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 13:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/02 22:29:52 | 000,628,448 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/01/12 16:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/07/14 09:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/08/17 19:06:28 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/03 10:10:03 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2012/11/09 16:25:30 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/07/19 15:18:38 | 002,568,120 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/03/28 20:49:11 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2012/02/17 14:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/02/07 17:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/02/07 17:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/02/07 17:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/02/02 17:56:35 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/01/18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/01/13 12:44:01 | 001,478,272 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.00.21\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/10/29 09:59:26 | 000,918,448 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/27 11:07:36 | 000,160,768 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/07/24 08:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/07/24 07:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/07/05 16:40:38 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/09/05 16:12:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/09/05 16:12:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/09/05 16:04:51 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/08/23 22:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/04/23 19:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/02/03 21:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/27 01:39:34 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/27 01:39:34 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/27 01:39:34 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/16 15:12:58 | 000,032,360 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan620.sys -- (RTVLANPT)
DRV:64bit: - [2011/09/15 12:33:32 | 000,141,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSumsc.sys -- (ASUSumsc)
DRV:64bit: - [2011/09/15 12:33:32 | 000,024,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASUSstpt.sys -- (ASUSstpt)
DRV:64bit: - [2011/08/12 18:13:36 | 000,032,360 | R--- | M] (NT Kernel Resources) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ndisrd.sys -- (ndisrd)
DRV:64bit: - [2011/06/15 21:11:20 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2011/06/15 21:11:20 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2011/01/16 00:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/12/21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/12/21 13:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/12/21 13:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/12/21 13:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/12/17 06:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/21 11:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 11:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 11:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/18 01:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/23 14:12:38 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012/07/05 13:53:22 | 000,021,904 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:53:18 | 000,033,224 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2012/01/05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?...&ocid=iehp&tc=0
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 52 4A 54 F5 26 CE 01 [binary data]
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.5
FF - prefs.js..extensions.enabledAddons: %7Bbb6bc1bb-f824-4702-90cd-35e2fb24f25d%7D:1.5.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Eusebio\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/12/22 20:57:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Eusebio\AppData\Roaming\IDM\idmmzcc5 [2012/10/27 19:59:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Eusebio\AppData\Roaming\IDM\idmmzcc5 [2012/10/27 19:59:55 | 000,000,000 | ---D | M]

[2012/10/28 10:02:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Extensions
[2013/08/18 11:44:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions
[2013/08/03 09:25:09 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2013/05/04 00:50:03 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\ascsurfingprotection@iobit.com
[2013/06/23 13:45:17 | 000,350,663 | ---- | M] () (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012/05/25 23:38:16 | 000,031,267 | ---- | M] () (No name found) -- C:\Users\Eusebio\AppData\Roaming\Mozilla\Firefox\Profiles\8hhda77g.default\extensions\{285ACFBB-8E53-4feb-90E6-F02A128927F3}.xpi
[2013/08/17 19:06:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 19:06:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: Entanglement = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Eusebio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\

O1 HOSTS File: ([2013/08/18 11:44:19 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WinToFlash Suggestor) - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [Akamai NetSession Interface] C:\Users\Eusebio\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKU\S-1-5-21-4071200241-1935167737-2081240648-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: WinToFlash Suggestor - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O9 - Extra 'Tools' menuitem : WinToFlash Suggestor options - {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll (Novicorp LLC)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DE54268-808A-4585-A6F3-D0B00E7ACF15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/05 22:24:14 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{85cb4b4d-317a-11e2-97e3-10bf4882e263}\Shell - "" = AutoRun
O33 - MountPoints2\{f0af7751-2094-11e2-9ab8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f0af7751-2094-11e2-9ab8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/18 19:45:54 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\FLT
[2013/08/18 17:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
[2013/08/18 11:44:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/17 19:18:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
[2013/08/17 19:06:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/15 00:48:43 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/08/15 00:48:43 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/08/15 00:48:42 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/08/15 00:48:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/08/15 00:48:42 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/08/15 00:48:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/08/15 00:48:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/08/15 00:48:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/08/15 00:48:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/08/15 00:48:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/08/15 00:48:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/08/15 00:48:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/08/15 00:48:40 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/08/15 00:48:40 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/08/15 00:48:40 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/08/15 00:36:48 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/08/15 00:36:48 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/08/15 00:36:47 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/08/15 00:36:47 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/08/15 00:36:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/08/15 00:36:47 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/08/15 00:36:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/08/15 00:36:46 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/08/15 00:36:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/08/15 00:36:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/08/15 00:36:32 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/08/15 00:36:32 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/08/15 00:36:32 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/08/15 00:36:30 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013/08/15 00:36:20 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/08/15 00:36:20 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Roaming\ATI
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\ATI
[2013/08/10 11:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/08/10 11:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/08/10 11:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013/08/10 11:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/08/10 11:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2013/08/10 10:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/08/10 10:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2013/08/10 10:56:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/08/10 10:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/08/10 10:55:20 | 000,000,000 | ---D | C] -- C:\AMD
[2013/08/10 10:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/08/10 10:03:17 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2013/08/08 23:43:27 | 000,000,000 | ---D | C] -- C:\Users\Eusebio\AppData\Local\BeamNG
[2013/07/31 04:42:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/24 08:39:22 | 000,157,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2013/07/24 08:39:22 | 000,142,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/07/24 08:39:14 | 000,143,304 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/07/24 08:39:14 | 000,126,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/07/24 08:39:12 | 000,115,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/07/24 08:39:12 | 000,098,496 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/07/24 08:39:10 | 001,251,120 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/07/24 08:39:08 | 001,043,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/07/24 08:39:04 | 009,066,784 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/07/24 08:39:00 | 007,918,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/07/24 08:38:56 | 006,475,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/07/24 08:38:50 | 006,532,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/07/24 08:38:44 | 007,093,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/07/24 08:38:42 | 007,607,720 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/07/24 08:36:40 | 012,721,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/07/24 08:18:56 | 000,098,816 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/07/24 08:18:50 | 000,083,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/07/24 08:18:46 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/07/24 08:18:40 | 000,073,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/07/24 08:18:24 | 028,193,280 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/07/24 08:16:54 | 000,129,536 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_13.20.dll
[2013/07/24 08:16:14 | 023,761,408 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/07/24 08:14:24 | 000,063,488 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/07/24 08:14:20 | 000,057,344 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/07/24 08:04:04 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/07/24 08:03:54 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/07/24 08:03:52 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/07/24 08:03:46 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/07/24 08:03:44 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/07/24 08:03:28 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/07/24 08:00:42 | 025,609,728 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/07/24 08:00:08 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/07/24 07:42:04 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/07/24 07:41:54 | 000,026,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/07/24 07:41:52 | 021,624,832 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/07/24 07:41:46 | 000,574,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/07/24 07:40:52 | 000,239,616 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/07/24 07:39:20 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/07/24 07:11:24 | 001,091,584 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/07/24 07:11:12 | 000,824,320 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/07/24 07:10:54 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/07/24 07:10:44 | 000,100,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/07/24 07:10:36 | 000,096,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/07/24 07:10:26 | 000,617,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/07/24 07:08:14 | 000,095,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2013/07/24 07:08:10 | 000,090,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2013/07/24 07:08:00 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2013/07/24 07:07:56 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2013/07/24 07:06:48 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll

========== Files - Modified Within 30 Days ==========

[2013/08/18 22:31:41 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/18 22:31:38 | 000,000,000 | -H-- | M] () -- C:\ProgramData\cm-lock
[2013/08/18 22:31:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/18 22:31:29 | 2105,982,975 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/18 22:30:56 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 22:30:56 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/18 22:30:10 | 000,795,870 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/18 22:30:10 | 000,671,268 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/18 22:30:10 | 000,126,290 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/18 21:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/18 21:43:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/18 17:39:45 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\BioShock Infinite.lnk
[2013/08/18 11:48:49 | 000,666,633 | ---- | M] () -- C:\Users\Eusebio\Desktop\adwcleaner.exe
[2013/08/18 11:44:19 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/08/17 19:18:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Eusebio\Desktop\OTL.exe
[2013/08/16 08:49:37 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/08/10 11:05:50 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/08/10 10:59:14 | 000,787,992 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/10 10:03:17 | 000,001,090 | ---- | M] () -- C:\Users\Eusebio\Desktop\MSI Afterburner.lnk
[2013/08/03 10:10:03 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/08/03 10:10:03 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/08/01 08:44:39 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/26 13:13:58 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/26 13:12:27 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/26 13:12:08 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/26 13:12:08 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/26 13:12:04 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/26 13:12:04 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/26 13:12:03 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/26 13:12:03 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/26 11:12:04 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/26 11:12:00 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/26 11:12:00 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/26 11:12:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/26 11:11:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/26 10:39:38 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/26 09:59:38 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/25 17:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/25 16:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/24 16:11:56 | 008,946,257 | R--- | M] () -- C:\Users\Eusebio\Desktop\SMART OLONGAPO PROJECT.rar
[2013/07/24 08:39:22 | 000,157,736 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2013/07/24 08:39:22 | 000,142,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2013/07/24 08:39:20 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2013/07/24 08:39:20 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2013/07/24 08:39:14 | 000,143,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2013/07/24 08:39:14 | 000,126,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2013/07/24 08:39:12 | 000,115,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2013/07/24 08:39:12 | 000,098,496 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2013/07/24 08:39:10 | 001,251,120 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2013/07/24 08:39:08 | 001,043,000 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2013/07/24 08:39:04 | 009,066,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2013/07/24 08:39:00 | 007,918,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2013/07/24 08:38:56 | 006,475,232 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2013/07/24 08:38:50 | 006,532,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2013/07/24 08:38:44 | 007,093,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2013/07/24 08:38:42 | 007,607,720 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2013/07/24 08:36:40 | 012,721,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2013/07/24 08:19:12 | 000,229,376 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2013/07/24 08:18:56 | 000,098,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2013/07/24 08:18:50 | 000,083,456 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2013/07/24 08:18:46 | 000,086,528 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013/07/24 08:18:40 | 000,073,216 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2013/07/24 08:18:24 | 028,193,280 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2013/07/24 08:16:54 | 000,129,536 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_13.20.dll
[2013/07/24 08:16:14 | 023,761,408 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2013/07/24 08:14:24 | 000,063,488 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/07/24 08:14:20 | 000,057,344 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/07/24 08:06:30 | 000,548,824 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/07/24 08:06:30 | 000,548,824 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/07/24 08:04:04 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2013/07/24 08:03:54 | 000,062,464 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2013/07/24 08:03:52 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2013/07/24 08:03:46 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2013/07/24 08:03:44 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2013/07/24 08:03:28 | 015,716,352 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2013/07/24 08:00:42 | 025,609,728 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2013/07/24 08:00:08 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2013/07/24 07:42:04 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2013/07/24 07:41:54 | 000,026,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/07/24 07:41:52 | 021,624,832 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2013/07/24 07:41:46 | 000,574,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/07/24 07:40:52 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/07/24 07:39:20 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/07/24 07:25:40 | 003,399,312 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/07/24 07:22:44 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/07/24 07:22:44 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2013/07/24 07:16:12 | 003,433,360 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/07/24 07:11:24 | 001,091,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2013/07/24 07:11:12 | 000,824,320 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2013/07/24 07:10:54 | 000,075,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2013/07/24 07:10:50 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2013/07/24 07:10:44 | 000,100,352 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2013/07/24 07:10:36 | 000,096,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2013/07/24 07:10:26 | 000,617,472 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2013/07/24 07:08:14 | 000,095,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2013/07/24 07:08:10 | 000,090,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2013/07/24 07:08:00 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2013/07/24 07:07:56 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2013/07/24 07:06:48 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2013/07/23 20:29:08 | 000,051,200 | ---- | M] () -- C:\Windows\SysNative\kdbsdk64.dll
[2013/07/23 20:24:36 | 000,038,912 | ---- | M] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== Files Created - No Company Name ==========

[2013/08/18 22:31:38 | 000,000,000 | -H-- | C] () -- C:\ProgramData\cm-lock
[2013/08/18 17:39:45 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\BioShock Infinite.lnk
[2013/08/18 11:48:27 | 000,666,633 | ---- | C] () -- C:\Users\Eusebio\Desktop\adwcleaner.exe
[2013/08/16 08:49:37 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/08/10 11:05:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/08/10 10:03:17 | 000,001,090 | ---- | C] () -- C:\Users\Eusebio\Desktop\MSI Afterburner.lnk
[2013/07/24 16:15:00 | 008,946,257 | R--- | C] () -- C:\Users\Eusebio\Desktop\SMART OLONGAPO PROJECT.rar
[2013/07/24 08:19:12 | 000,229,376 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2013/07/24 08:06:30 | 000,548,824 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/07/24 08:06:30 | 000,548,824 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/07/24 07:25:40 | 003,399,312 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/07/24 07:22:44 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/07/24 07:22:44 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/07/24 07:22:44 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/07/24 07:16:12 | 003,433,360 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/07/23 20:29:08 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\kdbsdk64.dll
[2013/07/23 20:24:36 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2013/05/12 19:48:08 | 000,033,540 | ---- | C] () -- C:\Windows\SysWow64\CoreFLACDecoder-uninstall.exe
[2013/04/13 22:03:38 | 000,002,672 | ---- | C] () -- C:\Users\Eusebio\Unigine_Valley_Benchmark_1.0_20130413_2202.html
[2013/04/13 00:09:18 | 000,002,672 | ---- | C] () -- C:\Users\Eusebio\Unigine_Valley_Benchmark_1.0_20130413_0009.html
[2013/04/13 00:02:58 | 001,065,984 | ---- | C] () -- C:\Users\Eusebio\AppData\Local\file__0.localstorage
[2013/03/29 10:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/29 10:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/03/23 21:33:21 | 004,762,752 | ---- | C] () -- C:\Windows\PE_File.dll
[2012/12/30 21:39:58 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012/12/30 21:39:58 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012/12/10 23:46:25 | 000,000,132 | ---- | C] () -- C:\Users\Eusebio\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/12/08 12:55:41 | 000,000,023 | ---- | C] () -- C:\Windows\My Settings.ini
[2012/12/06 19:51:20 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/11/27 00:01:51 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012/11/27 00:01:44 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2012/11/27 00:01:44 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012/11/03 19:55:06 | 004,924,048 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2012/10/27 18:37:38 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/10/27 18:37:37 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/10/27 17:37:51 | 000,047,091 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012/10/27 17:36:10 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/10/27 17:36:04 | 000,034,501 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/10/27 17:25:51 | 000,787,992 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/10 02:22:32 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/10/10 02:22:16 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/09/29 03:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012/02/02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011/09/13 06:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 13:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 12:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 21:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 21:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 21:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

#8
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
How is your computer running now?

#9
javacookies

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
As of now, it seems gone. I'll just report back if ever it comes back.
May I know which one removed it? Is it the OTL or the Adwcleaner? Or a combination of both and some sort of specific things that you know that I won't understand easily? :lol: I'm just curious.
Anyway thank you very much for helping me :)

#10
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts

some sort of specific things that you know that I won't understand easily?

Seems that this variant. :lol: Feel free to come again when you have trouble (I hope that you will never have such). But our fight is not over. I need to make sure that something inactive isn't hiding in your system. Please follow these steps:

Step 1. MBAM scan.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2. Kaspersky Virus Removal Tool scan.

  • Download the program distributive.
  • Run the downloaded file setup_<build_number>_<date>_<time>.exe (for example, setup_9.0.0.722_22.01.2010_10-04.exe).
  • Wait till the program unpacks temporary files.
  • In the lower part of the welcome window select the required language to use during the installation.
  • Read the license agreement and check the I accept the license agreement option.
  • Click the Start button, to launch the application.
  • Go to the Settings tab marked with an asterisk image.
  • Select the Scan scope section.
  • Place a tick next to all the locations, excluding floppy and CD-ROM drives.
  • Go to the Automatic Scan tab.
  • Click the Start scanning button.
  • Wait until the scan is over.
  • After that, go to the Reports tab, marked with the image of a list.
  • Select the Detected threats section.
  • Click the Save button.
  • A window with a choice of location should pop up. Save the log on your Desktop under the name log.txt. You should post the contents of this file in your next message.
  • Now click the Disinfect all button. The computer will be rebooted automatically.
So, please, don't forget to post in your next message:

  • Kaspersky Virus Removal Tool log
  • MBAM log


#11
javacookies

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hi, for the MBAM scan, I wasn't able to get a log file, maybe because it said no malware was detected. As for the Kaspersky Virus Removal Tool scan, it looks like it will take a long time to scan since I have 1 TB of HDD which is almost full. I have no time for it these weekdays; maybe I'll get back to this on the weekend. Thanks. :)

#12
Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Okay. :)





