Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Symptoms worse, overheating, supposive error on startup [Solved]


  • This topic is locked This topic is locked

#1
Destiny000

Destiny000

    Member

  • Member
  • PipPipPip
  • 130 posts
My computer just went from having annoying problems to affecting my laptop on general. I believe it to be malware related. I have an asus N53S laptop Windows 7 Intel inside core 17. Most recent symptoms are it is overheating for no particular reason, it sounds over worked yet I have no more that regular programs running in background, nothing new installed to cause this. I was printing a paper and my printer stopped halfway and I could not delete the current printing job to reset it. I have to reset my computer and printer, after I restarted it said an error had occurred during startup and I've let it try to fix problems but it does not work. Currently my computer is being even more ridiculous with the fan and heat. Increasing steadily.

And any click I do on anything on my computer is slow. Previously my Internet was slow (as in not my connection), and no matter what browser I used I would quite often get an error saying it could not load that site, even google, (if i remember correctly it the error would SOMETIMES be called error 503) it never mattered, and I could not refresh it, I would either have to restart my computer or wait around 15 minutes for it to I guess reset itself so it would load. Also previously the computer would turn off randomly in the night, and it would show in the morning it was turned off unexpectedly. Also I believe I somehow have registry errors, I was also told not to use programs online for that as they can apparently make things even worse. I have no idea why this registry errors would have occurred.

P.S. Also I don't know if this has anything to do with current or earlier problems described above, however I do not have a battery inserted in this laptop, it crapped out for the second time. Constant battery problems, the company is sending me a new one again. And they don't know what keeps causing the issues.

Here is my ODL results:

OTL logfile created on: 10/11/2013 9:48:15 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

11.91 Gb Total Physical Memory | 7.41 Gb Available Physical Memory | 62.26% Memory free
23.81 Gb Paging File | 19.03 Gb Available in Paging File | 79.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 16.19 Gb Free Space | 2.32% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS

Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Downloads\OTL (1).exe
PRC - [2013/11/10 14:42:23 | 002,420,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2013/11/10 14:42:23 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
PRC - [2013/11/10 14:42:23 | 000,159,768 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
PRC - [2013/11/01 16:54:00 | 000,906,024 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
PRC - [2013/11/01 16:51:00 | 001,795,880 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
PRC - [2013/11/01 16:50:18 | 000,555,304 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2013/11/01 16:49:42 | 000,926,504 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe
PRC - [2013/11/01 16:49:42 | 000,343,848 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
PRC - [2013/11/01 16:49:04 | 000,549,672 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\FBWMgr.exe
PRC - [2013/11/01 15:50:58 | 000,598,312 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe
PRC - [2013/10/20 23:41:59 | 001,384,288 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\opera_crashreporter.exe
PRC - [2013/10/20 23:41:58 | 042,239,328 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\17.0.1241.53\opera.exe
PRC - [2013/09/30 11:48:34 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/09/20 19:03:26 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/07/03 14:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/03 14:32:25 | 001,205,024 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011/10/28 11:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/10 14:42:25 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll
MOD - [2013/11/10 14:42:25 | 000,142,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll
MOD - [2013/11/10 14:42:23 | 002,420,248 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2013/11/01 16:48:52 | 000,903,464 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
MOD - [2013/10/20 23:42:01 | 000,881,504 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\libGLESv2.dll
MOD - [2013/10/20 23:42:00 | 000,109,408 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\libEGL.dll
MOD - [2013/10/20 23:41:59 | 001,384,288 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\opera_crashreporter.exe
MOD - [2013/10/20 23:41:59 | 000,868,704 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\ffmpegsumo.dll
MOD - [2013/10/08 22:14:21 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/04/04 00:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/12/03 08:47:14 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/11/10 14:42:23 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
SRV - [2013/11/01 16:54:00 | 000,906,024 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe -- (hshld)
SRV - [2013/11/01 16:50:18 | 000,555,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2013/11/01 16:35:40 | 000,078,512 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe -- (HssTrayService)
SRV - [2013/10/30 14:17:34 | 002,473,296 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2013/10/08 22:14:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/20 19:03:26 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/13 09:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/01/17 22:28:28 | 000,024,576 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/18 03:42:52 | 000,253,568 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/11/18 03:16:42 | 000,137,344 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/10 14:42:25 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/10/10 02:00:58 | 000,294,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2013/06/21 05:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/06/20 18:09:46 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/08 01:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012/11/08 01:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/09/10 09:41:06 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/09/04 13:17:13 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/30 23:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/06/12 21:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/03/25 09:26:34 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/07 18:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2011/12/06 03:23:10 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/16 10:24:57 | 000,032,848 | ---- | M] (ip-shield.net LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipshtap.sys -- (ipshtap)
DRV:64bit: - [2011/06/27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/13 09:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 09:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 09:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 09:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 09:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 09:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 09:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/16 13:23:56 | 000,106,752 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swiwdmbusx64.sys -- (swiwdmbus)
DRV:64bit: - [2010/11/16 13:12:10 | 000,211,072 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swumxa3.sys -- (SWUMXA3)
DRV:64bit: - [2010/11/16 13:11:50 | 000,245,760 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/08 18:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2009/11/20 14:26:50 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/12 05:16:06 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/02/05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2013/07/02 12:55:03 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012/12/09 21:57:03 | 000,089,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\AeriaGames\EdenEternal\avital\ussjcs64.sys -- (usj)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope = {61B33DD6-57A1-46AA-A6E1-D57994ED3E8D}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 F2 F5 45 AA 84 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {F202FF1A-F565-4654-86AC-67C007E26395}
IE - HKCU\..\SearchScopes\{5F281AB8-905F-4816-9E73-6F3ABBDFB60F}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{61B33DD6-57A1-46AA-A6E1-D57994ED3E8D}: "URL" = http://search.condui...1613114364&UM=2
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7AURU_enCA499
IE - HKCU\..\SearchScopes\{F202FF1A-F565-4654-86AC-67C007E26395}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2013/07/02 19:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2013/07/24 10:59:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:23 | 000,000,000 | ---D | M]

[2013/10/31 20:35:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2013/10/31 20:35:23 | 000,000,000 | ---D | M] (SeeSimilar02) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/10/31 20:35:11 | 000,000,000 | ---D | M] (Speed Test (4354)) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SkyDrive] C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.5.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25DFF212-CB9A-4D9C-897E-F37041D30E72}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3656380A-593C-446E-A327-14031E4898E7}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BF6E015-86D4-4B85-A85D-DDC5AAC54796}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F2496C-A4AE-4BC8-A53C-4350286FBA7C}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{17215d82-eb3b-11e2-af2c-742f68a108e8}\Shell - "" = AutoRun
O33 - MountPoints2\{17215d82-eb3b-11e2-af2c-742f68a108e8}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
O33 - MountPoints2\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\Shell - "" = AutoRun
O33 - MountPoints2\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/08 15:02:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995_files
[2013/11/08 14:29:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota_files
[2013/11/04 12:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2013/11/04 12:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013/11/04 12:03:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\:spam: Studio
[2013/11/04 12:03:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\:spam: Studio
[2013/11/04 12:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\:spam:
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\:spam: Studio
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\:spam: Studio
[2013/11/01 12:55:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013/10/31 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veoh Networks, Inc
[2013/10/31 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2013/10/31 20:35:48 | 000,019,456 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2013/10/31 20:35:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PerformerSoft
[2013/10/31 20:35:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SeeSimilar02
[2013/10/31 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\speedtest4354
[2013/10/25 18:57:43 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2013/10/16 17:43:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\walkthrough's
[2013/10/16 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Ayurvedic course
[2013/10/16 17:35:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Intrnet xplornet bills
[2013/10/16 17:25:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Indigo Chapters documents
[2013/10/12 13:28:36 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Vocabulary_files
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/10 21:37:27 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/10 21:37:27 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/10 21:36:09 | 001,321,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/10 21:36:09 | 000,660,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/10 21:36:09 | 000,420,586 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/10 21:36:09 | 000,124,796 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/10 21:36:09 | 000,123,028 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/10 21:22:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/10 21:21:13 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/10 21:20:28 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/11/10 21:19:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/10 21:19:42 | 999,092,222 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/10 18:57:51 | 000,402,986 | ---- | M] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/10 18:12:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/10 14:42:25 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/11/08 15:02:01 | 000,076,979 | ---- | M] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:57 | 000,090,811 | ---- | M] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/05 13:00:52 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/11/04 23:41:10 | 005,297,551 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:41:04 | 149,670,408 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:35:31 | 136,817,561 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:29:54 | 159,378,722 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:23:52 | 143,395,492 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:17:58 | 133,504,883 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:12:21 | 159,323,910 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:06:19 | 159,463,195 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 23:00:22 | 159,384,225 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:54:11 | 140,460,381 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:48:40 | 159,371,360 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:42:14 | 153,779,427 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:36:26 | 152,018,493 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\:spam: Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | M] () -- C:\Users\Public\Desktop\:spam: Video Converter Platinum.lnk
[2013/11/04 11:39:40 | 023,469,696 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp3
[2013/11/01 12:55:17 | 000,002,565 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | M] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | M] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | M] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | M] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | M] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:47 | 000,035,893 | ---- | M] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:34 | 000,067,955 | ---- | M] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:34:45 | 009,727,677 | ---- | M] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:23 | 004,750,301 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:33:12 | 009,345,141 | ---- | M] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:56 | 002,904,727 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:54 | 007,133,170 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:48 | 009,610,083 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:42 | 007,099,679 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:36 | 007,276,524 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:30 | 007,054,920 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:24 | 006,627,675 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 13:14:25 | 000,300,686 | ---- | M] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/17 20:41:31 | 000,189,826 | ---- | M] () -- C:\Windows\hpoins46.dat
[2013/10/16 12:05:57 | 000,231,582 | ---- | M] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:31:32 | 020,947,072 | ---- | M] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/16 02:02:12 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/10/12 13:28:36 | 000,009,427 | ---- | M] () -- C:\Users\Administrator\Desktop\Vocabulary.htm
[2013/10/12 10:19:02 | 000,003,043 | ---- | M] () -- C:\Users\Administrator\Documents\ATT00002
[2013/10/12 10:19:02 | 000,000,402 | ---- | M] () -- C:\Users\Administrator\Documents\ATT00001
[2013/10/12 09:46:43 | 008,858,851 | ---- | M] () -- C:\Users\Administrator\Documents\Healing_Herbs_eBook.pdf
[2013/10/12 09:46:31 | 002,079,749 | ---- | M] () -- C:\Users\Administrator\Documents\Wild-foods-cookbook.pdf
[2013/10/12 09:35:57 | 000,569,669 | ---- | M] () -- C:\Users\Administrator\Documents\Pear-Spiced-Bitters-Recipe.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/10 18:57:50 | 000,402,986 | ---- | C] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:01:53 | 000,076,979 | ---- | C] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:47 | 000,090,811 | ---- | C] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/04 23:41:04 | 005,297,551 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:35:32 | 149,670,408 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:29:54 | 136,817,561 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:23:52 | 159,378,722 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:17:58 | 143,395,492 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:12:21 | 133,504,883 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:06:19 | 159,323,910 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:00:22 | 159,463,195 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 22:54:11 | 159,384,225 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:48:40 | 140,460,381 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:42:15 | 159,371,360 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:28:10 | 153,779,427 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:22:09 | 152,018,493 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\:spam: Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | C] () -- C:\Users\Public\Desktop\:spam: Video Converter Platinum.lnk
[2013/11/04 11:39:27 | 023,469,696 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp3
[2013/11/04 11:37:16 | 268,100,293 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mkv
[2013/11/01 12:55:17 | 000,002,565 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | C] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/25 18:57:22 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | C] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | C] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | C] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | C] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:46 | 000,035,893 | ---- | C] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:30 | 000,067,955 | ---- | C] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:33:25 | 009,727,677 | ---- | C] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:14 | 004,750,301 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:32:58 | 009,345,141 | ---- | C] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:54 | 002,904,727 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:48 | 007,133,170 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:42 | 009,610,083 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:36 | 007,099,679 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:30 | 007,276,524 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:25 | 007,054,920 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:19 | 006,627,675 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 16:43:01 | 000,003,043 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00002
[2013/10/19 16:43:01 | 000,000,402 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00001
[2013/10/19 13:14:22 | 000,300,686 | ---- | C] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/16 12:05:57 | 000,231,582 | ---- | C] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:30:44 | 020,947,072 | ---- | C] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/12 13:28:36 | 000,009,427 | ---- | C] () -- C:\Users\Administrator\Desktop\Vocabulary.htm
[2013/10/12 09:46:29 | 002,079,749 | ---- | C] () -- C:\Users\Administrator\Documents\Wild-foods-cookbook.pdf
[2013/10/12 09:46:15 | 008,858,851 | ---- | C] () -- C:\Users\Administrator\Documents\Healing_Herbs_eBook.pdf
[2013/10/12 09:35:56 | 000,569,669 | ---- | C] () -- C:\Users\Administrator\Documents\Pear-Spiced-Bitters-Recipe.pdf
[2013/10/01 22:30:51 | 000,000,145 | ---- | C] () -- C:\Windows\game.INI
[2013/09/27 16:22:37 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/09/25 15:58:15 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013/08/27 13:27:06 | 000,000,218 | ---- | C] () -- C:\Users\Administrator\.recently-used.xbel
[2013/07/18 09:57:17 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2013/07/08 00:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/07/02 19:33:09 | 000,207,031 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2013/07/02 19:33:09 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2013/07/02 12:49:56 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2013/05/07 08:14:48 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/02/08 12:54:42 | 000,703,117 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\technic-launcher.jar
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/29 09:28:33 | 000,007,600 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/10/03 10:35:24 | 000,001,456 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/09/22 19:50:41 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/09/22 10:03:34 | 000,000,054 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/09/17 13:23:37 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/09/06 15:11:14 | 001,313,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/03 17:36:35 | 000,000,132 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/08/28 16:07:17 | 000,000,454 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/08/28 15:59:53 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/08/28 11:33:12 | 000,189,826 | ---- | C] () -- C:\Windows\hpoins46.dat
[2012/08/28 11:33:12 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2012/08/27 17:43:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012/08/27 17:43:37 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 22:31:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2013/03/21 15:41:26 | 000,002,048 | -HS- | M] () -- C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\@
[2013/03/21 15:41:26 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\L
[2013/03/27 09:21:40 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\U
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/27 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.anomos
[2013/02/08 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.techniclauncher
[2013/09/27 17:13:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Azureus
[2013/03/30 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\calibre
[2013/04/23 16:53:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CDisplayEx
[2012/10/18 19:20:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/25 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2012/09/03 19:24:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro
[2013/09/14 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2013/04/22 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Doblon
[2013/10/08 21:19:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Eipix
[2013/09/24 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EQATEC Analytics
[2013/06/18 11:46:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EurekaLog
[2013/02/04 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EuroTalk
[2013/09/11 14:02:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GlarySoft
[2013/10/09 11:26:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gogii Games
[2013/08/27 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2013/07/11 11:31:26 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Hotspot Shield
[2013/09/27 16:19:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2012/12/29 22:33:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IonFx
[2012/12/29 16:14:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kalypso Media
[2013/02/08 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\logs
[2013/10/07 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mad Head Games
[2013/09/25 15:34:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MotioninJoy
[2013/10/01 22:48:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera Software
[2013/09/24 19:28:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2012/09/13 09:16:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OverPlay.net, LP
[2012/09/17 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PACE Anti-Piracy
[2013/10/31 20:36:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PerformerSoft
[2013/10/17 21:02:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/09/24 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2013/06/18 09:12:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\S.A.D
[2013/07/09 15:13:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Search Protection
[2013/10/31 20:35:23 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SeeSimilar02
[2013/07/16 09:36:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sierra Wireless
[2013/10/31 20:35:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\speedtest4354
[2012/08/27 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/26 12:39:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\sylteditor
[2013/01/03 09:22:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SystemRequirementsLab
[2013/10/25 13:40:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\The Longest Journey
[2013/10/09 16:34:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheBookofLegends_Saves
[2013/07/12 14:14:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheSage
[2013/11/10 22:24:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/09/15 14:21:00 | 000,002,009 | ---- | M] ()(C:\Users\Public\Desktop\?1?e?IS.lnk) -- C:\Users\Public\Desktop\̉S.lnk
[2013/09/15 14:21:00 | 000,002,009 | ---- | C] ()(C:\Users\Public\Desktop\?1?e?IS.lnk) -- C:\Users\Public\Desktop\̉S.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
@Alternate Data Stream - 1149 bytes -> C:\Users\Administrator\AppData\Local\UmdVZQXmJupxDrZ:20TLFXUMm7A1l0Mssm40H
@Alternate Data Stream - 1109 bytes -> C:\ProgramData\Microsoft:ylVZq1BO6UMxCugapzaF
@Alternate Data Stream - 1091 bytes -> C:\ProgramData\Microsoft:KXGEKU1OWNJSz76so7lJm

< End of report >

Thank you for your help in advance.
  • 0

Advertisements


#2
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Welcome to GeeksToGo, Destiny000

My name is Machiavelli and I'll try to fix your PC problems. If you are in SafeMode then print my instructions! Removing Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do, just ask me! Please stay in contact with me until the problem is fixed.

Posted Image

Posted Image

!NOTE! Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts. :)

 

I see some things where we have to work on. But please do this before: Move the OTL.exe, which is currentliy located under your Downloadsfolder(C:\Users\Administrator\Downloads) to your Desktop please.

Then,

  • Open Posted Image on the desktop. To do that:
    • XP users: Double click on the OTL icon.
    • Vista / 7 Users: Right click on the icon and click Run as Administrator)
  • Make sure all other windows are closed.
    • Please click on the "None" Button
    • Under the option Extra Registry please select Use Safe List
    • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
    • Let the scan run uninterrupted.
    • When the scan completes, it will open Extras.Txt on the desktop
    • Please copy the contents of this file and paste it into your reply. To do that:
    • On the Extras.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
    • Right click inside the forum post window then click Paste. This will paste the contents of the Extras.txt file in the in the post window.
[/list]
 

Things I need to see in your next post:

  • Extras.txt

  • 0

#3
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
Thank you for your fast reply. :) And I shall be around and will be patient. Thank you. Tomorrow I won't be around most of the day so it will be probably late evening I will check up here.

Here is the extras text:

OTL Extras logfile created on: 10/11/2013 11:06:08 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

11.91 Gb Total Physical Memory | 6.86 Gb Available Physical Memory | 57.61% Memory free
23.81 Gb Paging File | 18.62 Gb Available in Paging File | 78.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 18.65 Gb Free Space | 2.67% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS

Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E15B26-829F-4CAC-8BBB-B7B8DAE77262}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{030F0992-2FBE-4250-BAA2-987E3CFC75D0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{0478E5D8-CA17-41D1-90C9-1CF1FCB96921}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A098DE1-223D-46AB-A093-4181DE5B1E1B}" = rport=138 | protocol=17 | dir=out | app=system |
"{153E3F92-56DD-4831-8F6F-CD666E1C030E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{17A36959-CC0E-4693-86C9-F1F8C5789DB5}" = lport=443 | protocol=6 | dir=out | app=system |
"{1EBDCCC2-1D17-4443-AA66-D4AC317C50BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2012EB90-A233-4FE3-9B33-D8E3903C0EF3}" = rport=445 | protocol=6 | dir=out | app=system |
"{24F25C6E-BF8F-4685-899D-331C24B383C4}" = rport=443 | protocol=6 | dir=out | app=system |
"{27B8528C-6280-48E8-B8D3-D42D9DE1A7F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A8FA3C2-EB3B-4590-9696-ED7E84814925}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B102B30-07EA-4079-AA49-2B4EEB076AAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B85F947-73AB-4ECE-8410-54B12AC3FA6C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2D907B9A-2478-42E1-B8BC-8876F39A034C}" = rport=3702 | protocol=17 | dir=out | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{300F632B-8359-447E-A7E5-6741C81C5BF4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31E49EDD-E1A3-4FF2-8F74-7EB214588D44}" = lport=443 | protocol=6 | dir=in | app=system |
"{339DE419-0BAD-454F-9A54-DF133A260E6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4176C38D-1ADC-4C72-8FD1-077BD0E25EA9}" = lport=80 | protocol=6 | dir=in | app=system |
"{50BEA5F3-811F-45E9-A247-BAA493AFAF34}" = lport=445 | protocol=6 | dir=in | app=system |
"{521D912D-8A4A-4DC8-98F9-88FB54B01B19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{52F81EF8-FEF8-42DE-B83A-F18187A83695}" = lport=10243 | protocol=6 | dir=in | app=system |
"{55EABC07-4F97-422A-A09E-E99268E5CD64}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5863031B-C8A8-4DA6-80D7-42483121B0C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C12A466-7870-4A4A-95C4-47607791D42B}" = lport=139 | protocol=6 | dir=in | app=system |
"{769D12F4-8A6E-4135-B820-068A6BA454E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85DFB84D-B34B-40C4-A425-0D061B7A31AA}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{89E3C5D4-99D6-45FA-B095-73472E0D8E93}" = lport=137 | protocol=17 | dir=in | app=system |
"{8B205925-2D97-47A6-BCB6-9018EFD71B18}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{950EAD67-453B-4A13-87FA-DDBA176D5CAB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{995F05BB-A80D-4FBC-81A4-B7DA78117F75}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9E96074C-CF89-43FB-B061-F06CB67CD15E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3B1978D-0A7A-491B-8390-F1D62328B4B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3F9A14B-5B0D-4C34-9182-CAE8404F7957}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ABFA310D-5C3C-40C3-A768-865AE4FEFE78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BBCD6DBD-A901-458A-B895-5E3DEE2E515E}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{C36C4670-FA63-4F17-9623-A54C706D64F6}" = lport=3702 | protocol=17 | dir=in | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{C8A8DF6D-588A-4738-8F7B-F2171EA63248}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C932430D-E725-407D-B152-4F3A6EE3D2FC}" = rport=80 | protocol=6 | dir=out | app=system |
"{D93C1066-13BD-4C58-9B05-BC3A7916B1E7}" = lport=138 | protocol=17 | dir=in | app=system |
"{E09AC44B-422E-4E5B-8E14-13BAE78A3B9B}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E9B9FE10-19E3-437B-BD59-5603FE68A3C2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EAF6BB38-0CC2-47F5-95D2-7DE0983CF02E}" = rport=139 | protocol=6 | dir=out | app=system |
"{ECA8D882-C494-45ED-92EE-EBCA1B15A0E2}" = lport=49231 | protocol=6 | dir=in | name=akamai netsession interface |
"{EF294970-894F-4B77-818E-B290D7BEE529}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F14A9A1A-6637-4457-9AA1-739B314B7937}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051E4BFA-BF20-4985-B4D6-ED2B17C703C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqscnvw.exe |
"{06535A34-429E-4193-85DE-7E626741E2E0}" = protocol=58 | dir=out | [email protected],-28546 |
"{0AAFA0B1-96BC-4CAF-B036-4AC3652BF6F3}" = protocol=58 | dir=in | [email protected],-28545 |
"{11A10CD8-B6D3-4107-9EBD-2BF43B243232}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{184BE7D6-4265-4EF7-9B5E-0BCE3E9C738A}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp software update\hpwucli.exe |
"{19193540-F1AB-480C-9853-BF8307FA9E4D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1977583F-FD9F-4928-928B-5FB4CD0B9F41}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdownloader.exe |
"{19D11154-9764-4815-955C-24F46368B397}" = protocol=1 | dir=in | [email protected],-28543 |
"{1CB5C300-2822-42FC-8B17-3A14A98173A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adam's venture 1\binaries\win32\venturegame.exe |
"{1DF13C72-E947-4173-8AE9-0811F469696D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{1E46D2D7-533D-4986-9AD8-7FA36A1AA913}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{1EAC9928-1DF7-49BF-AFB9-CDF4B50EC45F}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{1EEF6913-F30D-41D7-91B1-2EC49A27B5C6}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{210C8BD4-AD26-4A4C-9FDB-EBE6EF9B31EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{217A83DF-794B-449F-8D4B-97A62BF62EFC}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{243C8566-31EB-44C0-B992-AAC878C2D923}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{2604B37C-D55D-48E4-A96B-7DF040924A5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{290C0690-01FF-4FCC-91DD-1C192735E93F}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{29560FC7-C755-4E15-A529-E4DF2E5892C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29946260-D911-44D6-8770-09AF7E25249B}" = protocol=6 | dir=in | app=c:\program files\motioninjoy\ds3\ds3_tool.exe |
"{29C16454-4759-42B9-A84E-C4C83C867DE5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\launcher.exe |
"{2A59A2AA-B20B-401E-A831-5C1F27EFDA9F}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaws.exe |
"{2A5F8401-E64E-4678-84D5-B4DFAA738C55}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{2B96C257-9F77-4D4A-BF47-83D7A50F69D9}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{2C94FE83-AC48-4FC0-95DC-97F632892D6F}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{2D1C5691-B583-45DE-85A2-713914810C65}" = protocol=6 | dir=in | app=c:\games\tomb raider\tombraider.exe |
"{2D484360-FD85-4995-BE0C-412D26EA06C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30930023-29C5-4888-B822-44C417ECBA6D}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{31671978-F898-4A6C-BEF5-0B1D61533FDD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe |
"{32281D25-6934-4723-8E9A-DE9C1125911B}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{33894534-52E2-4440-95D4-94789B295869}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{3F19B784-2EDC-4813-A09D-41DEC3612632}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{46698A8B-D70B-43E3-8676-BB98591957EB}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{4B7F506E-33B7-439C-98D0-E9DBBC1ABD90}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{4C7FE828-994C-4C0A-B92F-91E5D31332A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe |
"{4F31DB86-02EC-44BB-B431-8837DD28D3A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{4FD53F65-BBFC-4099-85E8-2180C8CCB8CE}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{55D73536-1B23-4FF9-B045-02B0D4E707B2}" = protocol=6 | dir=in | app=c:\program files\microsoft security client\msseces.exe |
"{56885DA3-21A0-4CF0-94E1-A801DCBDAE30}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{58DDD669-8218-442C-A555-C3B7029C353E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{58F4C153-F135-43A7-9B7A-3BD0B85126C4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adams_venture_3\binaries\win32\venturegame.exe |
"{5A25C831-0AFE-4FDA-B50A-25910B8C7E69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60156D96-7238-4F55-9A1A-3C348C738AB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{63632DAD-EA2D-4D97-8F7F-92EA501E3AEE}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{655485ED-C58B-4470-A646-273DE69F1D90}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{673A8979-E1DD-4F7B-9345-E5B35C4AE308}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{67CF80DA-7B6D-46E9-84DA-03183DD687DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{67F3EF30-ECEA-4621-B1B1-B52303DE42E3}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaws.exe |
"{69DBF0F5-7A73-4223-8721-48A7CF2CB110}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6E43E14D-338E-4197-860C-DA58EE96AC2B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{71C6D2C5-A78A-469F-809E-BC4A5E35F5DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{738D8F3A-3FD4-4A2D-B70A-19F085A5DEB4}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{73BCEEB5-6401-4399-A398-FBFAD2B9DD22}" = protocol=17 | dir=in | app=c:\program files\motioninjoy\ds3\ds3_tool.exe |
"{759A6E52-5700-4D91-81B1-0003AAFB5F14}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{793DC66B-60F8-49B2-B6FA-25E5316A61BD}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{7A70252A-083B-4D8D-83EC-F05AFBA08194}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7D1F3695-2DA5-40A4-B65F-A8002D0A6132}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{7E283BF2-CF67-42EB-AD2F-1F8B3512EF1C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\launcher.exe |
"{83180475-7C43-4324-95E6-F1EA92DB07BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adamsventure2\binaries\win32\venturegame.exe |
"{8483453B-5C20-4EAA-AEDF-5BE2952277F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{885721FC-D755-416C-9EE7-4DB6DB6024CC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B412A21-4205-4BE1-A177-05F583BDAEB0}" = protocol=1 | dir=out | [email protected],-28544 |
"{8B78619B-1CBB-447A-926D-BEF32BAEAAB7}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{8DA63663-6AF4-4FAD-A51F-AAB2F5E6D091}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0554BE-05B8-4060-B436-62D3FB780330}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8F6480D7-D9D9-48C4-B200-31A89AEAEBF6}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\roaming\utorrent\utorrent.exe |
"{902DB0E2-9101-4F02-9AED-3909DA30F46A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92DFE177-AC19-4F23-B7C9-B395B5370923}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{936EFFF6-8126-4C4F-84E7-E52ABA9199D2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9650481C-E7BD-474B-B9A1-DA6AA8DE6C9C}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9716E5EE-35D4-4114-9A7A-4B3DEF3BC82D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adams_venture_3\binaries\win32\venturegame.exe |
"{973C198A-7ABF-47C0-87D3-A3EFACA55908}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{981C1C14-B978-4BA4-8B11-EF3FCCECAB30}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9D91449B-0B8B-4D9B-8724-F859CDF0A242}" = protocol=17 | dir=in | app=c:\games\tomb raider\tombraider.exe |
"{9E43CB0C-A640-42F0-9D6D-E6AD81F463A0}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{9F399563-9ED4-4804-9D1A-6E39040EC1F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9F87E700-2B7D-4506-AD39-0BB9BFF58237}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{A0B18D54-3F6E-4C8A-AF18-50CD2B007CF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{A2C2FD2F-0AF8-4AD8-8501-41A11CC1E937}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2ED5474-72BF-4864-A5DB-095FF83594D0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A50E7C0C-5496-4243-AD13-982CB0955238}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A669F69F-DC73-4AE7-BB9A-1B2AB556B85C}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{ABD68459-CA76-464E-9840-057641D79C50}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B1D29C7D-6EFF-43DA-8E1B-BA4BF0FE916E}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{B2A368F2-4051-4170-B98A-C4CACA84EBA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B399DC8F-DBC7-4026-B760-3B6878EACAAE}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{B714E75B-F163-4BB2-9C68-FF0A7BD24ED2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{B7C69025-A9A7-4841-86A9-2DCFA8BA206C}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{BA7272E2-41A9-4669-AD34-0DFD9D3A8EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adamsventure2\binaries\win32\venturegame.exe |
"{BAE6832B-736E-4735-84E5-A50A0C53EC30}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{BEB5AA26-A4B9-44B1-9225-3B8BCEED3FED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BF1D2A27-118D-43A5-87A0-93FE98D2B164}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{C09BBDEF-6DD2-42A0-A77D-BE63C06CF998}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{C6A7C2D9-A134-4655-B26F-D274D0CA795E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{C6F950E6-D2B8-485C-B6BC-7EC05DD79F6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{CF4C13CE-FFFE-4BD6-B30F-FF84080CE88E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{D1447317-2419-4B59-9FF0-9C8C8AC46B72}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{D50F9FB3-AE1C-49B0-BF92-B2E47BE0A854}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5884768-1FDF-43E5-AF7D-A1D57BE6DD0F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{DA5F2F53-4D33-4818-9A83-372BA95792AA}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{DF7404D0-F725-46D8-BBD7-E0F79DADC3C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adam's venture 1\binaries\win32\venturegame.exe |
"{E03638D1-5DEE-41D8-9BB1-5AAD3C074E90}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E2A170CC-A193-4B07-9A29-64471B2E4BBB}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{E333E86E-A2B7-4A69-A266-58C4CA26F26A}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{E36F5E63-6EEB-4BF0-92EC-5A1CE437CBAB}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{E6C44D40-349B-4867-8D40-ABFFAD9E1F91}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdownloader.exe |
"{E6F78EB8-884C-4285-88BC-AFDDDE317418}" = protocol=17 | dir=in | app=c:\program files\microsoft security client\msseces.exe |
"{E8C67A06-B622-40B2-A72A-A5BA26CE8DDC}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{E9EFA5B0-AE7E-425E-8EA3-200977AB186B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{EBD94467-C2D6-4C34-87C4-E0C8B2F07EDB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EC6784D2-8429-45E2-855E-16F6924E7E36}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\roaming\utorrent\utorrent.exe |
"{F18E12AC-0ECF-4084-A791-48CC642284A8}" = protocol=6 | dir=out | app=system |
"{F1B1957C-14BB-427A-B3B3-59422D1CA3DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{F43C0577-75B2-43A8-A0CB-AB005410667A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{F441F534-3F59-4220-968C-77536FBD483D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F655BBE6-A231-4B59-BA62-D503567C700E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F71168F4-8643-47B9-8F02-3F1B201B3FB7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F7182550-1FB1-4F1F-9C94-6035052ECA87}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hposid01.exe |
"{FC235545-AB02-4F9E-A227-1D689E806FFA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"TCP Query User{05FDC4DD-3425-453A-A80A-D8089438B041}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"TCP Query User{16C4CF22-E135-4DFA-B32B-5A744A2F7CB6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{1AF00278-2F27-45CC-A546-B793F9397C31}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{2020AE43-45C7-4022-AA59-FAE546959D26}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{5D84D83B-7556-442C-93E3-4D07EBC4767C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B97D3921-B60C-4807-8BB3-E81C072464FC}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E20BAFF7-BE5F-4636-ABBD-5F37FEDBFAEF}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"UDP Query User{0E190494-6998-44B4-9AC7-D3C9F38CDD3F}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{1DFA14E9-7880-4F19-BB0A-2964E20281BA}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{4260A3C8-4C30-4191-87F5-F9C5F90D908F}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"UDP Query User{9305EB60-E5FF-41DE-92E0-6CF208B83F97}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A7BF1588-6E3D-4B04-ADFD-9C9F1653758D}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DC2BB93D-2154-4A97-BD58-408E7152CFCA}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{FA46A657-0732-48E1-A405-450039301A4F}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14BC6853-A74E-4874-B50D-679889D1544D}" = HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.0000
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B9F1BB4-4C06-41E8-877D-B458742B0D0A}" = Fresco Logic USB3.0 Host Controller
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6CA934E5-416C-4E33-95E0-F0E629F5804A}" = calibre 64bit
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"TheSage" = TheSage
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN ツールバー
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}" = Nero Prerequisite Installer 2.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1" = :spam: Walkman Video Converter 6.1.50
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype 5.10
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.5.1
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1EE9D482-3C07-4EE1-8968-6B364238FFE4}_is1" = "Tomb Raider"
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{58E65E96-6649-4CBE-9382-35326D694E6F}" = MSN Toolbar Platform
"{58F2F72A-B8C9-4CCC-B253-4F1509193EC3}" = ASUS RT-N12 Wireless Router Utilities
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5CD2E27A-F2C9-4A87-9A06-DFAF9A182481}" = Nero Express
"{61174B54-26FC-48F3-AF5C-7C9B9A9E9A8C}" = Human Japanese 2.0
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}" = QuickBooks Premier: Retail Edition 2010
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F9B5855-7850-41E3-AAAE-DADD09B68B12}" = IObit Apps Toolbar v7.9
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{82D040D1-F95B-4C96-AF5C-B6A1E138EC6E}" = ̉S
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}" = Nero Burning ROM
"{D4B26DED-9DE0-4DA9-AA4A-4AF44FC3B41B}" = Aeria Ignite
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E2B53C96-C9FC-4FC3-8324-1BCE50DEA7E7}" = QuickBooks
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F4A43B47-0518-4a39-B377-15DC62076AC0}_is1" = :spam: Video Converter Platinum 6.2.16
"{F929096B-54A0-4C5C-B125-1E7EB1917412}" = MySQL Connector/ODBC 3.51
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AccelerateTab_is1" = AccelerateTab
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aeria Ignite 1.11.2111" = Aeria Ignite
"AnyDVD" = AnyDVD
"AVG Secure Search" = AVG Security Toolbar
"Book of Legends 1.00" = Book of Legends 1.00
"CDisplayEx_is1" = CDisplayEx 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"Declan's Japanese Dictionary_is1" = Declan's Japanese Dictionary v1.0
"Eden Eternal" = Eden Eternal
"Google Chrome" = Google Chrome
"HotspotShield" = Hotspot Shield 3.19
"HP Photo Creations" = HP Photo Creations
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8l Light (32-bit)
"Opera 17.0.1241.53" = Opera Stable 17.0.1241.53
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"ReadWrite Katakana_is1" = ReadWrite Katakana version 1.0
"Steam App 108100" = Adam's Venture Episode 1: The Search For The Lost Garden
"Steam App 11610" = Dragon Nest
"Steam App 210390" = Adam's Venture Episode 2: Solomon's Secret
"Steam App 212200" = Mabinogi
"Steam App 214310" = Adam's Venture Episode 3: Revelations
"Steam App 215120" = ROSE Online
"Steam App 217690" = Anna
"Steam App 223510" = Miasmata
"Tagaini Jisho" = Tagaini Jisho
"The Book of Legends1.0" = The Book of Legends
"The Longest Journey" = The Longest Journey
"TheSage" = TheSage
"Veoh Web Player Beta" = Veoh Web Player
"Vittalia" = Vittalia Installer
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
"Xuse 永遠のアセリア - この大地の果てで -" = Xuse 永遠のアセリア - この大地の果てで - (Remove Only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Search Protection" = Search Protection
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = Torrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 03/11/2013 12:14:41 AM | Computer Name = OWNERPC-P0SPPR1 | Source = MsiInstaller | ID = 11714
Description =

Error - 03/11/2013 10:00:01 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Windows Backup | ID = 4103
Description =

Error - 04/11/2013 12:09:43 AM | Computer Name = OWNERPC-P0SPPR1 | Source = MsiInstaller | ID = 11714
Description =

Error - 05/11/2013 4:52:38 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Application Error | ID = 1000
Description = Faulting application name: ToolbarUpdater.exe, version: 17.0.1.12,
time stamp: 0x521c91ff Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0xbc0 Faulting application start time: 0x01ceda6148ff3f58 Faulting application path:
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
Faulting
module path: unknown Report Id: 3412c010-465c-11e3-96ba-14dae9ce8f5d

Error - 07/11/2013 7:32:54 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 304 Start
Time: 01cedb7f6ea20669 Termination Time: 0 Application Path: C:\Windows\Explorer.EXE

Report
Id: 7193de2b-4804-11e3-8954-14dae9ce8f5d

Error - 10/11/2013 2:07:35 AM | Computer Name = OWNERPC-P0SPPR1 | Source = MsiInstaller | ID = 11714
Description =

Error - 10/11/2013 11:43:01 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Application Error | ID = 1000
Description = Faulting application name: VeohWebPlayer.exe, version: 1.4.9.0, time
stamp: 0x51fe9e75 Faulting module name: ole32.dll, version: 6.1.7601.17514, time
stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x0002d225 Faulting process
id: 0x864 Faulting application start time: 0x01cedca0f39bfd16 Faulting application
path: C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe Faulting
module path: C:\Windows\syswow64\ole32.dll Report Id: c735bc3f-4a1e-11e3-9185-14dae9ce8f5d

Error - 10/11/2013 11:55:55 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Application Error | ID = 1000
Description = Faulting application name: ApplicationUpdater.exe, version: 7.9.0.2,
time stamp: 0x523c7fda Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process id:
0x3ec Faulting application start time: 0x01cedca0b95a05ad Faulting application path:
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe Faulting module
path: unknown Report Id: 946c9b25-4a20-11e3-9185-14dae9ce8f5d

Error - 10/11/2013 12:48:49 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 482
Description = wuaueng.dll (564) SUS20ClientDataStore: An attempt to write to the
file "C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 786432
(0x00000000000c0000) for 393216 (0x00060000) bytes failed after 0 seconds with
system error 112 (0x00000070): "There is not enough space on the disk. ". The write
operation will fail with error -1808 (0xfffff8f0). If this error persists then
the file may be damaged and may need to be restored from a previous backup.

Error - 11/11/2013 12:31:04 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Windows Backup | ID = 4103
Description =

[ System Events ]
Error - 10/11/2013 8:40:22 PM | Computer Name = OWNERPC-P0SPPR1 | Source = bowser | ID = 8003
Description =

Error - 10/11/2013 9:57:44 PM | Computer Name = OWNERPC-P0SPPR1 | Source = DCOM | ID = 10010
Description =

Error - 10/11/2013 9:57:46 PM | Computer Name = OWNERPC-P0SPPR1 | Source = DCOM | ID = 10010
Description =

Error - 11/11/2013 12:20:53 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
due to the following error: %%2

Error - 11/11/2013 12:22:41 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 11/11/2013 12:22:41 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFS

Error - 11/11/2013 12:26:31 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
2 time(s).

Error - 11/11/2013 12:28:11 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 11/11/2013 12:34:29 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 11/11/2013 12:34:50 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The Nero Update service terminated unexpectedly. It has done this
1 time(s).


< End of report >
  • 0

#4
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Hello Destiny!

 

Part1: Warnings :popcorn:



 

- FIRST -

In your logs I see a Backdoor. That means that your machine is infected with some nasty files which can steal some information. It is difficult to tell whether or not any data has been stolen and finding out which is true instead of doing countermeasures is unproductive. In this light, for your safety, assume that your log-in details and other information have been accessed by another source.
Below are the steps that you should administer:
  • Please disconnect from the Internet! Also don't use it while we are cleaning the infected machine. This is especially true when you are using the computer in question for online banking and other sites that require sensitive and personal information.
  • It is strongly advised that you change your passwords on a clean PC and notify the bank immediately to watch out for suspicious transactions.
I can try to clean the infection but I have to say your computer is very likely compromised and that there is no way to be sure your computer can ever again be trusted.Experts in the security community believe that a reformat and re-installation of the operating system is the best solution. Please peruse the following if you would like to know more:
Now - you decide if you want to reformat the PC or to cleaning the PC. Think of it and choose the best solution for you! Let me know of your decision. If you decide to go through the proceed, please proceed with the following steps.

- NEXT -

IMPORTANT I see, you have one or more P2P (Person to Person) programs installed.

1.) You have following P2P program installed: uTorrent
2.) If you download files from non-documented sources per a P2P File sharing Program, you can expect a infection of malware. That isn't good for your PC. A long time ago File-sharing with P2P programs like UTorrent was fairly safe. But at this time it isn't true any more. Of course you can use P2P programs at your own risk, but that is maybe your source of your infection. It would be nice if you read this here. So after reading the text you will recognize why you shouldn't have them.
3.) Please read this reports about the danger of P2P Programs:
4.) I would recommend that you uninstall the above. That would be nice. If you like to uninstall the P2P Program, you can do it via Start >> Control Panel >> Add or Remove Programs
5.) If you want to keep the program on your computer , don't use it while we are fixing your computer!

- NEXT -

I noticed that you used illegal Software like Cracks, keygens etc. We don't support illegal software!!! After the fix session the illegal software will be deleted. If you don't want to delete the illegal software please stop here - in this situation I won't support you anymore! So - please procceed with the following steps if you agree with the deletion of the illegal software!

- NEXT -

I see you have only less than 15% free space on your PC. That is another reason for the slowness of your computer. Because of that I recommend uninstalling software which you don't use at all.

 

Part2: Uninstalls :popcorn:



 

I want you to uninstall following programs (XP: Start > Control Panel > Add/Remove Programs | Vista / Win7 / Win8: Start > Control Panel > uninstall a program):

  • IObit Apps Toolbar v7.9
  • AVG Security Toolbar

Also, I recommend you to uninstall this software:

  • JDownloader 2
  • Search Protection

Tell me please which one you have uninstalled.

 

Part3: Action! :popcorn:



 

- FIRST -

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [CreateRestorePoint]

    :OTL
    SRV - [2013/11/10 14:42:23 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
    SRV - [2013/10/30 14:17:34 | 002,473,296 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
    SRV - [2013/09/20 19:03:26 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    IE - HKLM\..\SearchScopes,DefaultScope = {61B33DD6-57A1-46AA-A6E1-D57994ED3E8D}
    IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll (Spigot, Inc.)
    IE - HKCU\..\SearchScopes,DefaultScope = {F202FF1A-F565-4654-86AC-67C007E26395}
    IE - HKCU\..\SearchScopes\{5F281AB8-905F-4816-9E73-6F3ABBDFB60F}: "URL" = http://search.yahoo....p={searchTerms}
    IE - HKCU\..\SearchScopes\{61B33DD6-57A1-46AA-A6E1-D57994ED3E8D}: "URL" = http://search.condui...1613114364&UM=2
    IE - HKCU\..\SearchScopes\{F202FF1A-F565-4654-86AC-67C007E26395}: "URL" = http://search.yahoo....p={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:11 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:23 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:11 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/10/31 20:35:23 | 000,000,000 | ---D | M]
    [2013/10/31 20:35:23 | 000,000,000 | ---D | M] (SeeSimilar02) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]
    [2013/10/31 20:35:11 | 000,000,000 | ---D | M] (Speed Test (4354)) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]
    O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
    O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
    O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
    O33 - MountPoints2\{17215d82-eb3b-11e2-af2c-742f68a108e8}\Shell - "" = AutoRun
    O33 - MountPoints2\{17215d82-eb3b-11e2-af2c-742f68a108e8}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
    O33 - MountPoints2\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\Shell - "" = AutoRun
    O33 - MountPoints2\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
    [2013/10/31 20:35:48 | 000,019,456 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
    [2013/10/31 20:35:48 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PerformerSoft
    [2013/10/31 20:35:23 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SeeSimilar02
    [2013/10/31 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\speedtest4354
    [2013/11/10 21:20:28 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
    [2013/07/18 09:57:17 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe
    [2013/03/21 15:41:26 | 000,002,048 | -HS- | M] () -- C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\@
    [2013/03/21 15:41:26 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\L
    [2013/03/27 09:21:40 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\U
    @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
    @Alternate Data Stream - 1149 bytes -> C:\Users\Administrator\AppData\Local\UmdVZQXmJupxDrZ:20TLFXUMm7A1l0Mssm40H
    @Alternate Data Stream - 1109 bytes -> C:\ProgramData\Microsoft:ylVZq1BO6UMxCugapzaF
    @Alternate Data Stream - 1091 bytes -> C:\ProgramData\Microsoft:KXGEKU1OWNJSz76so7lJm

    :Files
    C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a
    C:\Program Files (x86)\Common Files\AVG Secure Search
    C:\Program Files (x86)\Secure Speed Dial
    C:\Program Files (x86)\Application Updater
    C:\Program Files (x86)\IObit Apps Toolbar
    C:\Program Files (x86)\Common Files\Spigot

    :Commands
    [Emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyy _hhmmss is the date and time of fix. Post that into your next reply!

- NEXT -

Download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder. as AdwCleaner[S0].txt

- NEXT -

  • Right click the OTL icon and select Run as Administrator.
  • Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
    • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      qmgr.dll
      winsock.*
      /md5stop
      dir "%systemdrive%\*" /S /A:L /C
      CREATERESTOREPOINT

  • Make sure all other windows are closed.
    • You will see a console like the one below:

      Posted Image

    • Click the box beside Scan All Users at the top of the console
    • IF you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
    • Make sure the Output box at the top is set to Standard Output.
    • Check the boxes beside LOP Checkand Purity Check.
    • Under the option Extra Registry please select Use Safe List
      Place the mouse pointer inside the Posted Image box, right click and click Paste. This will put the above script inside OTL
    • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
    • Let the scan run uninterrupted.
    • When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized on the taskbar. These files is also saved in the same location as OTL (it should be on your desktop).
    • Please copy the contents of these files and paste it into your reply. To do that:
    • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
    • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.
[/list]Repeat for the Extras.txtfile.

 

Please do not forget to include these LogFiles in your next post:

  • OTL Fix Log
  • AdwareCleaner Log
  • OTL.txt
  • Extras.txt

  • 0

#5
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
Before I do all of your recommendations I would like to ask how or what can I use to check if a file downloaded contains malware? P2P will continue used, my computer is shared with our household under my account but even though we will be using it, I would like to be as safe as possible. Or if you recommend something else that's similar somehow, then that would be great as well.

Also do you know what programs on here are cracked, kegens? I'm not sure but if you let me know I will remove them.

And if I do a clean reinstall with a backup, with doing that what do I lose? Also I don't have any cd's because my computer was bought pre installed at memory express so how would I reinstall?

Also I couldn't uninstall IObit Apps Toolbar v7.9 it said something about the file's being on another network and could not be connected or something like that.

Thanks!

Edited by Destiny000, 11 November 2013 - 09:02 PM.

  • 0

#6
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Hey Destiny. :)

If you like you can call me Gerrit. :)

Before I do all of your recommendations I would like to ask how or what can I use to check if a file downloaded contains malware?

Yo're Mallwarescanner could warn you about it. Here's the way how I would download a file:

  • Make sure the reference was a good site (you should always download from a good site)
  • If you downloaded the file don't execute it
  • Before you execute it you can scan it with Malwarebytes for example or Microsofoft Essentials etc.
  • If the Scanner say no and you are still in doubt you can upload it to virustotal to scan with more than 1 scanner

Also do you know what programs on here are cracked, kegens? I'm not sure but if you let me know I will remove them.


These files:

[2013/11/10 21:20:28 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013/07/18 09:57:17 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe


are related to a cracked Office. References are hereand here. :) So removing office would be very nice. :)

And if I do a clean reinstall with a backup, with doing that what do I lose? Also I don't have any cd's because my computer was bought pre installed at memory express so how would I reinstall?

BackUp is difficult, you should only backup file like pictures, music, etc. , but no Executable File (.exe files). You will loose everything when you do a clean reinstall, but when you back up some things only a little amount of things will be saved. Or when you had already made a backup sime time ago you must be sure that the backup isn't infected and then you can use the backup if you like.
To make a reinstallation without a disk please follow this tutorial here. :)

Also I couldn't uninstall IObit Apps Toolbar v7.9 it said something about the file's being on another network and could not be connected or something like that.

No problem, please ignore that step and go through the other steps for now.

Thanks Destiny,
Gerrit
  • 0

#7
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
Here is the first OTL scan/fix:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named vToolbarUpdater17.1.2 was found to stop!
Service\Driver key vToolbarUpdater17.1.2 not found.
File C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe not found.
Service SecureUpdateSvc stopped successfully!
Service SecureUpdateSvc deleted successfully!
C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe moved successfully.
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ deleted successfully.
C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F281AB8-905F-4816-9E73-6F3ABBDFB60F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F281AB8-905F-4816-9E73-6F3ABBDFB60F}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61B33DD6-57A1-46AA-A6E1-D57994ED3E8D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61B33DD6-57A1-46AA-A6E1-D57994ED3E8D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F202FF1A-F565-4654-86AC-67C007E26395}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F202FF1A-F565-4654-86AC-67C007E26395}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\mz folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\skin folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\mz folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome folder moved successfully.
C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] folder moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
File C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
File C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected] not found.
Folder C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\ not found.
Folder C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\[email protected]\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}\ deleted successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\SpeedDial.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9\iobitappsToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files (x86)\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found.
File C:\Program Files (x86)\AVG Secure Search\vprot.exe not found.
File C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ not found.
File C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17215d82-eb3b-11e2-af2c-742f68a108e8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17215d82-eb3b-11e2-af2c-742f68a108e8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17215d82-eb3b-11e2-af2c-742f68a108e8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17215d82-eb3b-11e2-af2c-742f68a108e8}\ not found.
File E:\WIN\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2201b59c-92b1-11e2-b69f-14dae9ce8f5d}\ not found.
File E:\WIN\setup.exe not found.
C:\Windows\SysNative\roboot64.exe moved successfully.
C:\Users\Administrator\AppData\Roaming\PerformerSoft folder moved successfully.
C:\Users\Administrator\AppData\Roaming\SeeSimilar02 folder moved successfully.
C:\Users\Administrator\AppData\Roaming\speedtest4354 folder moved successfully.
C:\Windows\Tasks\AutoKMS.job moved successfully.
C:\Windows\KMSEmulator.exe moved successfully.
C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\@ moved successfully.
C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\L folder moved successfully.
C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a\U folder moved successfully.
ADS C:\ProgramData\TEMP:56E2E879 deleted successfully.
ADS C:\Users\Administrator\AppData\Local\UmdVZQXmJupxDrZ:20TLFXUMm7A1l0Mssm40H deleted successfully.
ADS C:\ProgramData\Microsoft:ylVZq1BO6UMxCugapzaF deleted successfully.
ADS C:\ProgramData\Microsoft:KXGEKU1OWNJSz76so7lJm deleted successfully.
========== FILES ==========
C:\$Recycle.Bin\S-1-5-18\$d142afc5c15f2a8841f5d30c1303081a folder moved successfully.
File\Folder C:\Program Files (x86)\Common Files\AVG Secure Search not found.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\vi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\uk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\tr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\th folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\te folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ta folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sw folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\sk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ru folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ro folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pt_PT folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pt_BR folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\pl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\no folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\nl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ms folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\mr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\lv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\lt folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ko folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\kn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ja folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\it folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\id folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\hi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\he folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\gu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fil folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\fa folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\et folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\es - 419 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\es folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en-US folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en-GB folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\en folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\el folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\de folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\da folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\cs folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ca folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\bn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale\ar folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\locale folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\images folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox\[email protected] folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Firefox folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_TW folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_CN folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\vi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\uk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\tr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\th folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\te folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ta folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sw folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ru folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ro folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_PT folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_BR folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\no folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\nl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ms folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lt folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ko folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\kn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ja folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\it folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\id folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\he folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\gu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fil folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fa folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\et folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es_419 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en_GB folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en-US folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\el folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\de folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\da folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\cs folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ca folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ar folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\css folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome\glmfgahfleepmdfffonfckpmkondpdkg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source\Chrome folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Source folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\update\NewTabsinstair folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\update folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\update folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE\db folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\IE folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\lib folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\chrome\content\subscriptions folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\chrome\content\scripts folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\chrome\content\images folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\chrome\content folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\chrome folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected]\bin folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox\[email protected] folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Firefox folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\js folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\img folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\filtering folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\dll folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\db folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome\ojkdcodhlkmiakbangobnmdhieapagic folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock\Chrome folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE\ADBlock folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\IE folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\vi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\uk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\tr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\th folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\te folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ta folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sw folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\sk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ru folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ro folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pt_PT folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pt_BR folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\pl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\no folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\nl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ms folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\mr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\lv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\lt folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ko folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\kn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ja folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\it folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\id folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\hi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\he folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\gu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fil folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\fa folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\et folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\es - 419 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\es folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en-US folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en-GB folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\en folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\el folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\de folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\da folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\cs folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ca folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\bn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale\ar folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\locale folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\images folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\defaults\preferences folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected]\defaults folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox\[email protected] folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Firefox folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_TW folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\zh_CN folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\vi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\uk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\tr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\th folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\te folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ta folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sw folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\sk folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ru folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ro folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_PT folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pt_BR folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\pl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\no folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\nl folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ms folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lv folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\lt folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ko folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\kn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ja folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\it folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\id folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\hi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\he folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\gu folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fr folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fil folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fi folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\fa folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\et folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es_419 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\es folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en_GB folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en-US folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\en folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\el folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\de folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\da folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\cs folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ca folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bn folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales\ar folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\_locales folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\js folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images\bg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\images folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\dll folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\css folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\background folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0 folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome\glmfgahfleepmdfffonfckpmkondpdkg folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial\Chrome folder moved successfully.
C:\Program Files (x86)\Secure Speed Dial folder moved successfully.
C:\Program Files (x86)\Application Updater folder moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar\Res\Lang folder moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar\Res folder moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar\IE\7.9 folder moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar\IE folder moved successfully.
C:\Program Files (x86)\IObit Apps Toolbar folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\GC folder moved successfully.
Folder move failed. C:\Program Files (x86)\Common Files\Spigot scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 6561619445 bytes
->Temporary Internet Files folder emptied: 119197200 bytes
->Java cache emptied: 424601 bytes
->Google Chrome cache emptied: 8142082 bytes
->Flash cache emptied: 114857 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: fbwuser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Flash cache emptied: 56475 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 242192265 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 163786100 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 6,767.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11122013_205027

Files\Folders moved on Reboot...
C:\Program Files (x86)\Common Files\Spigot folder moved successfully.
C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\CR_CF645.tmp\SETUP_PATCH.PACKED.7Z scheduled to be moved on reboot.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp-bg.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp_logo.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\downBtn.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\uninstall-bg.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\upBtn.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.5.1.min.js moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.8.1.min.js moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\JQueyExtensions.js moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\uninstall_cp.css moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp_step2.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\CPOL license.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\Encoding_decoding_base64.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\hmac.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\LICENSE-bsdiff.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\LICENSE-bzip.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\LICENSE-JasonCpp.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\LICENSE-MPL-NPAPI.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\LICENSE-sparsehash.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\Log4CPlus.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Licenses\PassthruApp.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\EnableHelperRes\Images\box_ie.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\EnableHelperRes\EEImageHandler.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\DSPDlg_IE\all.css moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\DSPDlg_IE\btn-ok2.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\DSPDlg_IE\downBtn.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\DSPDlg_IE\DSPDlg_IE.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\DSPDlg_IE\logo2.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\DSPDlg_IE\upBtn.png moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\ChromeRes\AVG Secure Search\nt28_2.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\ChromeRes\AVG SafeGuard toolbar\nt28_2.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\ChromeRes\AVG Nation toolbar\nt28_2.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\ChromeRes\nt.html moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\ChromeRes\nt28_2.js moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_close.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_expand.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tooltip.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tracking.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\bull4x4.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\divider.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\innerBG_gradient.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Chrome\content\icons\loader.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\about.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\active-threats18.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\AVG Secure Search moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\avgMozXPCOM.js moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\calc.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\CleanHistory.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\configuration.xml moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\current.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\currently-safe18.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\data.zip moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\EULA.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Eula.txt moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\favicon.ico moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\feedback.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\FireFoxSearchXml.tmp moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\help.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\icon18.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\labs.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\lip.exe moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\note.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\PostInstall.exe moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\PostInstaller.ini moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\privacy.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\remote_configuration.xml moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\search.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\setup.bmp moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\surf-with-caution18.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\Uninstall.exe moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\uninstall.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\updating18.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\vprot.exe moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\weather.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgFiles\AVG Secure Search\windows.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\about.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\active-threats18.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\ajax-loader.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\calc.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\CleanHistory.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\close.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\current.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\currently-safe18.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\dnt.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\EULA.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\Facebook.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\feedback.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\feedicon.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\help.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\icon18.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\icon_search.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\information-24.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\labs.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\loader.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\note.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\privacy.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\questionmarkIcon.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\search.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\surf-with-caution18.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\uninstall.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\updating18.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\weather.gif moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\window-close.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\skin\windows.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-tw\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-tw\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-cn\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\zh-cn\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\tr\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\tr\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\th\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\th\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sv\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sv\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sr\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sr\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sk\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\sk\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ru\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ru\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ro\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ro\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt-br\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt-br\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pt\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pl\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\pl\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nl\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nl\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nb\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\nb\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ms\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ms\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ko\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ko\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ja\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\ja\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\it\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\it\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\id\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\id\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hu\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hu\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hi\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\hi\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fr\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fr\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fi\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\fi\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es-es\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es-es\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\es\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\en\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\en\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\el\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\el\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\de\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\de\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\da\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\da\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\cs\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\cs\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\af\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\locale\af\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avg-dnt-adapter.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avg.xml moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avg.xul moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\avgJsm.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\Bindings.xml moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\configuration.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\configuration_0.css moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\HistoryCleaner.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\IOJsm.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\passwordbox.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\Preferences.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\modules\propertiesJsm.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\locale\en-US\global.dtd moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\locale\en-US\global.properties moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components\avg-dnt-policy.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components\nci.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\components\toolbarhomeApi.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\chrome\avg.jar moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\chrome.manifest moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\icon.png moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\FireFoxExt\17.1.2.1\install.rdf moved successfully.
C:\Windows\temp\avg_a05108\ProgData\AVG Secure Search\ChromeExt\17.1.2.1\avg.crx moved successfully.
C:\Windows\temp\avg_a05108\ProgData\avgMozXPCOM.js moved successfully.
C:\Windows\temp\avg_a05108\ProgData\binarylines.manifest moved successfully.
C:\Windows\temp\avg_a05108\ProgData\FireFoxSearchXml.tmp moved successfully.
C:\Windows\temp\avg_a05108\ConfigFiles\avguidx.dll moved successfully.
C:\Windows\temp\avg_a05108\ConfigFiles\installer_cfg.ini moved successfully.
C:\Windows\temp\avg_a05108\ConfigFiles\MachineIdCreator.exe moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\avgdttbx.dll moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\AVGRewardsWorker.cfg moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\AVGRewardsWorker.dll moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\avgtpx64.sys moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\avgtpx86.sys moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\CommonCfg.ini moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\DriverInstaller.exe moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\DriverInstaller_64.exe moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\helper.dll moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\log4cplusU.dll moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\loggingserver.exe moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\npsitesafety.dll moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\ScriptHelper.exe moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\SiteSafety.dll moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\ToolBand.tlb moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\ToolbarUpdater.exe moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\UpdaterConfig.ini moved successfully.
C:\Windows\temp\avg_a05108\CommonFiles\AVG Secure Search\ViProtocol.dll moved successfully.
File\Folder C:\Windows\temp\avg_a05108\avg-secure-search-installer.exe not found!
File\Folder C:\Windows\temp\avg_a05108\Installer.7z not found!
File\Folder C:\Windows\temp\avg_a05108\{95B7759C-8C7F-4BF1-B163-73684A933233} not found!
File\Folder C:\Windows\temp\TMP00000001008EE2D782677187 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



I will edit this post to add the rest later.
  • 0

#8
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
Hello Gerrit,

I had to get someone else's laptop to access this forum. And it would not let me edit my previous post for additional info.

Also I cannot connect to the internet at all on my laptop, I've been doing so only to connect to this forum and unplugging it all other times, I connect directly and do not use wireless it is disabled. It's not so much my internet connection as it shows that I am connected, but my browsers that cannot connect to proxy. When running the troubleshooter it says the remote device or resource won't accept the connection.


Also I don't know if this info will help you with anything or not but my skydrive online and on my computer had/havent been working right or sometimes don't seem to really work at all.


This is the awd cleaner file:

# AdwCleaner v3.012 - Report created 12/11/2013 at 21:24:01
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Administrator - OWNERPC-P0SPPR1
# Running from : C:\Users\Administrator\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : hshld
[#] Service Deleted : hsstrayservice
Service Deleted : hsswd

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\hotspot shield
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\hotspot shield
Folder Deleted : C:\Program Files (x86)\Vittalia
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Users\Administrator\AppData\Local\Conduit
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Administrator\AppData\Roaming\hotspot shield
File Deleted : C:\END
File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstallerStub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-runtime-environment_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_java-runtime-environment_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7C28CEF1-A4A6-4B6A-8B97-C44F1267753C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\hotspotshield
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Vittalia
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vittalia

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6596 octets] - [12/11/2013 21:22:12]
AdwCleaner[S0].txt - [5899 octets] - [12/11/2013 21:24:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5959 octets] ##########



This one is the OTL file:

OTL logfile created on: 12/11/2013 10:03:37 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

11.91 Gb Total Physical Memory | 9.24 Gb Available Physical Memory | 77.62% Memory free
23.81 Gb Paging File | 20.81 Gb Available in Paging File | 87.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 149.43 Gb Free Space | 21.39% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 32.59 Gb Free Space | 3.50% Space Free | Partition Type: NTFS
Drive I: | 3.70 Gb Total Space | 3.00 Gb Free Space | 81.09% Space Free | Partition Type: FAT32

Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
PRC - [2013/10/20 23:41:59 | 001,384,288 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\opera_crashreporter.exe
PRC - [2013/10/20 23:41:58 | 042,239,328 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\17.0.1241.53\opera.exe
PRC - [2013/08/04 11:33:28 | 004,686,848 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
PRC - [2013/07/03 14:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/03 14:32:25 | 001,205,024 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/28 11:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/20 23:42:01 | 000,881,504 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\libGLESv2.dll
MOD - [2013/10/20 23:42:00 | 000,109,408 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\libEGL.dll
MOD - [2013/10/20 23:41:59 | 001,384,288 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\opera_crashreporter.exe
MOD - [2013/10/20 23:41:59 | 000,868,704 | ---- | M] () -- C:\Program Files (x86)\Opera\17.0.1241.53\ffmpegsumo.dll
MOD - [2013/04/21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/12/03 08:47:14 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/06/21 06:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011/06/20 06:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011/06/20 04:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011/06/20 04:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011/06/20 04:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011/06/20 04:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2011/05/26 02:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2011/05/26 02:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 22:14:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/13 09:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/01/17 22:28:28 | 000,024,576 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/18 03:42:52 | 000,253,568 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/11/18 03:16:42 | 000,137,344 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/10/10 02:00:58 | 000,294,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2013/06/21 05:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/06/20 18:09:46 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/08 01:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012/11/08 01:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/09/10 09:41:06 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/09/04 13:17:13 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/30 23:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/06/12 21:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/03/25 09:26:34 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/07 18:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2011/12/06 03:23:10 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/16 10:24:57 | 000,032,848 | ---- | M] (ip-shield.net LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipshtap.sys -- (ipshtap)
DRV:64bit: - [2011/06/27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/13 09:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 09:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 09:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 09:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 09:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 09:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 09:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/16 13:23:56 | 000,106,752 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swiwdmbusx64.sys -- (swiwdmbus)
DRV:64bit: - [2010/11/16 13:12:10 | 000,211,072 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swumxa3.sys -- (SWUMXA3)
DRV:64bit: - [2010/11/16 13:11:50 | 000,245,760 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/08 18:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2009/11/20 14:26:50 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/12 05:16:06 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/02/05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2013/07/02 12:55:03 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012/12/09 21:57:03 | 000,089,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\AeriaGames\EdenEternal\avital\ussjcs64.sys -- (usj)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-1002\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 F2 F5 45 AA 84 CD 01 [binary data]
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7AURU_enCA499
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2013/07/02 19:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2013/07/24 10:59:24 | 000,000,000 | ---D | M]

[2013/11/12 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: MixiDJ V8 = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.0.62_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [Akamai NetSession Interface] C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [SkyDrive] C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [uTorrent] C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500..\RunOnce: [Uninstall C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.5.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25DFF212-CB9A-4D9C-897E-F37041D30E72}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3656380A-593C-446E-A327-14031E4898E7}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BF6E015-86D4-4B85-A85D-DDC5AAC54796}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F2496C-A4AE-4BC8-A53C-4350286FBA7C}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,000 | ---D | M] - H:\autorun -- [ NTFS ]
O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,036 | ---- | M] () - H:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/11/12 21:18:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/12 20:50:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/11 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\.appwork
[2013/11/10 23:04:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
[2013/11/08 15:02:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995_files
[2013/11/08 14:29:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota_files
[2013/11/04 12:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013/11/04 12:03:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\:spam: Studio
[2013/11/04 12:03:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\:spam: Studio
[2013/11/04 12:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\:spam:
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\:spam: Studio
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\:spam: Studio
[2013/11/01 12:55:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013/10/31 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veoh Networks, Inc
[2013/10/31 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2013/10/26 02:00:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/10/25 18:57:43 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/10/17 22:26:05 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/17 22:26:05 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2013/10/16 17:43:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\walkthrough's
[2013/10/16 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Ayurvedic course
[2013/10/16 17:35:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Intrnet xplornet bills
[2013/10/16 17:25:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Indigo Chapters documents
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/12 21:43:31 | 001,321,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/12 21:43:31 | 000,660,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/12 21:43:31 | 000,420,586 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/12 21:43:31 | 000,124,796 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/12 21:43:31 | 000,123,028 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/12 21:38:05 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 21:38:05 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 21:27:37 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/12 21:26:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/12 21:26:01 | 999,092,222 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/12 21:22:38 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/12 21:12:10 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/12 20:47:38 | 001,085,542 | ---- | M] () -- C:\Users\Administrator\Desktop\AdwCleaner.exe
[2013/11/12 20:41:37 | 005,625,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
[2013/11/10 18:57:51 | 000,402,986 | ---- | M] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:02:01 | 000,076,979 | ---- | M] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:57 | 000,090,811 | ---- | M] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/05 13:00:52 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/11/04 23:41:10 | 005,297,551 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:41:04 | 149,670,408 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:35:31 | 136,817,561 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:29:54 | 159,378,722 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:23:52 | 143,395,492 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:17:58 | 133,504,883 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:12:21 | 159,323,910 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:06:19 | 159,463,195 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 23:00:22 | 159,384,225 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:54:11 | 140,460,381 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:48:40 | 159,371,360 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:42:14 | 153,779,427 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:36:26 | 152,018,493 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\:spam: Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | M] () -- C:\Users\Public\Desktop\:spam: Video Converter Platinum.lnk
[2013/11/01 12:55:17 | 000,002,565 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | M] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | M] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | M] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | M] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | M] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:47 | 000,035,893 | ---- | M] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:34 | 000,067,955 | ---- | M] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:34:45 | 009,727,677 | ---- | M] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:23 | 004,750,301 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:33:12 | 009,345,141 | ---- | M] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:56 | 002,904,727 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:54 | 007,133,170 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:48 | 009,610,083 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:42 | 007,099,679 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:36 | 007,276,524 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:30 | 007,054,920 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:24 | 006,627,675 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 13:14:25 | 000,300,686 | ---- | M] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/17 20:41:31 | 000,189,826 | ---- | M] () -- C:\Windows\hpoins46.dat
[2013/10/16 12:05:57 | 000,231,582 | ---- | M] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:31:32 | 020,947,072 | ---- | M] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/16 02:02:12 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/12 20:47:21 | 001,085,542 | ---- | C] () -- C:\Users\Administrator\Desktop\AdwCleaner.exe
[2013/11/10 18:57:50 | 000,402,986 | ---- | C] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:01:53 | 000,076,979 | ---- | C] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:47 | 000,090,811 | ---- | C] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/04 23:41:04 | 005,297,551 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:35:32 | 149,670,408 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:29:54 | 136,817,561 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:23:52 | 159,378,722 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:17:58 | 143,395,492 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:12:21 | 133,504,883 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:06:19 | 159,323,910 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:00:22 | 159,463,195 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 22:54:11 | 159,384,225 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:48:40 | 140,460,381 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:42:15 | 159,371,360 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:28:10 | 153,779,427 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:22:09 | 152,018,493 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\:spam: Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | C] () -- C:\Users\Public\Desktop\:spam: Video Converter Platinum.lnk
[2013/11/04 11:37:16 | 268,100,293 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mkv
[2013/11/01 12:55:17 | 000,002,565 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | C] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/25 18:57:22 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | C] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | C] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | C] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | C] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:46 | 000,035,893 | ---- | C] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:30 | 000,067,955 | ---- | C] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:33:25 | 009,727,677 | ---- | C] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:14 | 004,750,301 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:32:58 | 009,345,141 | ---- | C] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:54 | 002,904,727 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:48 | 007,133,170 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:42 | 009,610,083 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:36 | 007,099,679 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:30 | 007,276,524 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:25 | 007,054,920 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:19 | 006,627,675 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 16:43:01 | 000,003,043 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00002
[2013/10/19 16:43:01 | 000,000,402 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00001
[2013/10/19 13:14:22 | 000,300,686 | ---- | C] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/16 12:05:57 | 000,231,582 | ---- | C] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:30:44 | 020,947,072 | ---- | C] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/01 22:30:51 | 000,000,145 | ---- | C] () -- C:\Windows\game.INI
[2013/09/27 16:22:37 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/09/25 15:58:15 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013/08/27 13:27:06 | 000,000,218 | ---- | C] () -- C:\Users\Administrator\.recently-used.xbel
[2013/07/08 00:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/07/02 19:33:09 | 000,207,031 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2013/07/02 19:33:09 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2013/07/02 12:49:56 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2013/05/07 08:14:48 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/02/08 12:54:42 | 000,703,117 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\technic-launcher.jar
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/29 09:28:33 | 000,007,600 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/10/03 10:35:24 | 000,001,456 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/09/22 19:50:41 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/09/22 10:03:34 | 000,000,054 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/09/17 13:23:37 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/09/06 15:11:14 | 001,313,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/03 17:36:35 | 000,000,132 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/08/28 16:07:17 | 000,000,454 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/08/28 15:59:53 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/08/28 11:33:12 | 000,189,826 | ---- | C] () -- C:\Windows\hpoins46.dat
[2012/08/28 11:33:12 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2012/08/27 17:43:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012/08/27 17:43:37 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 22:31:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/27 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.anomos
[2013/02/08 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.techniclauncher
[2013/09/27 17:13:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Azureus
[2013/03/30 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\calibre
[2013/04/23 16:53:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CDisplayEx
[2012/10/18 19:20:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/25 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2012/09/03 19:24:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro
[2013/09/14 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2013/04/22 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Doblon
[2013/10/08 21:19:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Eipix
[2013/09/24 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EQATEC Analytics
[2013/06/18 11:46:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EurekaLog
[2013/02/04 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EuroTalk
[2013/09/11 14:02:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GlarySoft
[2013/10/09 11:26:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gogii Games
[2013/08/27 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2013/09/27 16:19:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2012/12/29 22:33:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IonFx
[2012/12/29 16:14:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kalypso Media
[2013/02/08 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\logs
[2013/10/07 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mad Head Games
[2013/09/25 15:34:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MotioninJoy
[2013/10/01 22:48:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera Software
[2013/09/24 19:28:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2012/09/13 09:16:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OverPlay.net, LP
[2012/09/17 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PACE Anti-Piracy
[2013/10/17 21:02:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/09/24 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2013/06/18 09:12:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\S.A.D
[2013/07/16 09:36:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sierra Wireless
[2012/08/27 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/26 12:39:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\sylteditor
[2013/01/03 09:22:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SystemRequirementsLab
[2013/10/25 13:40:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\The Longest Journey
[2013/10/09 16:34:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheBookofLegends_Saves
[2013/07/12 14:14:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheSage
[2013/11/12 21:30:51 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent
[2013/10/15 12:28:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/10/15 12:28:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 18:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/26 22:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 18:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 06:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 15:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 22:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 21:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 06:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 06:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 05:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/02 23:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 18:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 18:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 18:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 06:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2009/07/13 18:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 18:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 18:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 10:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 04:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/10 23:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 18:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 06:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 06:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 06:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 06:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 06:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 05:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 06:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 06:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 05:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 22:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 06:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 06:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 06:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 06:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 06:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 06:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 06:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 06:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 05:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 15:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 06:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 06:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[1995/07/11 08:50:00 | 000,204,288 | ---- | M] (Microsoft Corporation) MD5=40978DF82DAAFAD93117A0D81FAE5C5F -- C:\Users\Administrator\Documents\windows 95\WIN95_DSK18\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 06:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: SERVICES >
[1995/07/11 08:50:00 | 000,006,007 | ---- | M] () MD5=D5E21E6DD81F7E6BEF32A67898362A85 -- C:\Users\Administrator\Documents\windows 95\WIN95_DSK21\services
[2009/06/10 14:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2013/09/03 06:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.CSS >
[2005/06/29 14:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files (x86)\Intuit\QuickBooks 2010\Components\Services\services.css

< MD5 for: SERVICES.EXE >
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 18:19:58 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=130B7341F5446430B3FFB7DCD9A786E3 -- C:\Windows\SysNative\ja-JP\services.exe.mui
[2009/07/13 18:19:58 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=130B7341F5446430B3FFB7DCD9A786E3 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_f4c280f4fcec33c8\services.exe.mui
[2009/07/13 19:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 19:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 21:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 21:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 13:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 13:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 19:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 13:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 19:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 19:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 13:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 19:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
[2009/07/13 18:11:32 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\SysNative\ja-JP\services.msc
[2009/07/13 18:29:36 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\SysWOW64\ja-JP\services.msc
[2009/07/13 18:11:32 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_2f0450e0d355cdbb\services.msc
[2009/07/13 18:29:36 | 000,092,779 | ---- | M] () MD5=DD14A9FE7CD992573F40FC169551BBAB -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_d2e5b55d1af85c85\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 13:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 13:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SERVICES.SBS >
[2010/04/19 08:25:26 | 000,033,457 | ---- | M] () MD5=3171D886B2782CE1B51E0210BCD4E50C -- C:\Users\Administrator\Documents\Tools\111 Quick Tools\Installs\spybot\Includes\Services.sbs

< MD5 for: SVCHOST.EXE >
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< MD5 for: WINSOCK.DLL >
[1995/07/11 08:50:00 | 000,042,080 | ---- | M] (Microsoft Corporation) MD5=2A316E08790F0A4CABFBC9F5AC30CF1A -- C:\Users\Administrator\Documents\windows 95\WIN95_DSK19\winsock.dll

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 6A91-EEA5
Directory of C:\
13/07/2009 10:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
13/07/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
13/07/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
13/07/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
13/07/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
13/07/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
13/07/2009 10:08 PM <SYMLINKD> All Users [C:\ProgramData]
13/07/2009 10:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\Administrator
27/08/2012 02:40 PM <JUNCTION> Application Data [C:\Users\Administrator\AppData\Roaming]
27/08/2012 02:40 PM <JUNCTION> Cookies [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies]
27/08/2012 02:40 PM <JUNCTION> Local Settings [C:\Users\Administrator\AppData\Local]
27/08/2012 02:40 PM <JUNCTION> My Documents [C:\Users\Administrator\Documents]
27/08/2012 02:40 PM <JUNCTION> NetHood [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/08/2012 02:40 PM <JUNCTION> PrintHood [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/08/2012 02:40 PM <JUNCTION> Recent [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent]
27/08/2012 02:40 PM <JUNCTION> SendTo [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo]
27/08/2012 02:40 PM <JUNCTION> Start Menu [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu]
27/08/2012 02:40 PM <JUNCTION> Templates [C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Administrator\AppData\Local
27/08/2012 02:40 PM <JUNCTION> Application Data [C:\Users\Administrator\AppData\Local]
27/08/2012 02:40 PM <JUNCTION> History [C:\Users\Administrator\AppData\Local\Microsoft\Windows\History]
27/08/2012 02:40 PM <JUNCTION> Temporary Internet Files [C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Administrator\Documents
27/08/2012 02:40 PM <JUNCTION> My Music [C:\Users\Administrator\Music]
27/08/2012 02:40 PM <JUNCTION> My Pictures [C:\Users\Administrator\Pictures]
27/08/2012 02:40 PM <JUNCTION> My Videos [C:\Users\Administrator\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
13/07/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
13/07/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
13/07/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
13/07/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
13/07/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
13/07/2009 10:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
13/07/2009 10:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
13/07/2009 10:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
13/07/2009 10:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
13/07/2009 10:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
13/07/2009 10:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
13/07/2009 10:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
13/07/2009 10:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
13/07/2009 10:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
13/07/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
13/07/2009 10:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
13/07/2009 10:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
13/07/2009 10:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
13/07/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
13/07/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\fbwuser
11/07/2013 11:32 AM <JUNCTION> Application Data [C:\Users\fbwuser\AppData\Roaming]
11/07/2013 11:32 AM <JUNCTION> Cookies [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Cookies]
11/07/2013 11:32 AM <JUNCTION> Local Settings [C:\Users\fbwuser\AppData\Local]
11/07/2013 11:32 AM <JUNCTION> My Documents [C:\Users\fbwuser\Documents]
11/07/2013 11:32 AM <JUNCTION> NetHood [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/07/2013 11:32 AM <JUNCTION> PrintHood [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/07/2013 11:32 AM <JUNCTION> Recent [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Recent]
11/07/2013 11:32 AM <JUNCTION> SendTo [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\SendTo]
11/07/2013 11:32 AM <JUNCTION> Start Menu [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Start Menu]
11/07/2013 11:32 AM <JUNCTION> Templates [C:\Users\fbwuser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\fbwuser\AppData\Local
11/07/2013 11:32 AM <JUNCTION> Application Data [C:\Users\fbwuser\AppData\Local]
11/07/2013 11:32 AM <JUNCTION> History [C:\Users\fbwuser\AppData\Local\Microsoft\Windows\History]
11/07/2013 11:32 AM <JUNCTION> Temporary Internet Files [C:\Users\fbwuser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\fbwuser\Documents
11/07/2013 11:32 AM <JUNCTION> My Music [C:\Users\fbwuser\Music]
11/07/2013 11:32 AM <JUNCTION> My Pictures [C:\Users\fbwuser\Pictures]
11/07/2013 11:32 AM <JUNCTION> My Videos [C:\Users\fbwuser\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
13/07/2009 10:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
13/07/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
13/07/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
15/01/2013 12:29 PM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Roaming]
15/01/2013 12:29 PM <JUNCTION> Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
15/01/2013 12:29 PM <JUNCTION> Local Settings [C:\Users\UpdatusUser\AppData\Local]
15/01/2013 12:29 PM <JUNCTION> My Documents [C:\Users\UpdatusUser\Documents]
15/01/2013 12:29 PM <JUNCTION> NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
15/01/2013 12:29 PM <JUNCTION> PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
15/01/2013 12:29 PM <JUNCTION> Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
15/01/2013 12:29 PM <JUNCTION> SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
15/01/2013 12:29 PM <JUNCTION> Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
15/01/2013 12:29 PM <JUNCTION> Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
15/01/2013 12:29 PM <JUNCTION> Application Data [C:\Users\UpdatusUser\AppData\Local]
15/01/2013 12:29 PM <JUNCTION> History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
15/01/2013 12:29 PM <JUNCTION> Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
15/01/2013 12:29 PM <JUNCTION> My Music [C:\Users\UpdatusUser\Music]
15/01/2013 12:29 PM <JUNCTION> My Pictures [C:\Users\UpdatusUser\Pictures]
15/01/2013 12:29 PM <JUNCTION> My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
82 Dir(s) 160,429,043,712 bytes free

========== Files - Unicode (All) ==========
[2013/09/15 14:21:00 | 000,002,009 | ---- | M] ()(C:\Users\Public\Desktop\?1?e?I‰S.lnk) -- C:\Users\Public\Desktop\¹–ë‚̉S.lnk
[2013/09/15 14:21:00 | 000,002,009 | ---- | C] ()(C:\Users\Public\Desktop\?1?e?I‰S.lnk) -- C:\Users\Public\Desktop\¹–ë‚̉S.lnk

< End of report >



This next one is the extra's OTL::


OTL Extras logfile created on: 12/11/2013 10:03:37 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

11.91 Gb Total Physical Memory | 9.24 Gb Available Physical Memory | 77.62% Memory free
23.81 Gb Paging File | 20.81 Gb Available in Paging File | 87.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 149.43 Gb Free Space | 21.39% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 32.59 Gb Free Space | 3.50% Space Free | Partition Type: NTFS
Drive I: | 3.70 Gb Total Space | 3.00 Gb Free Space | 81.09% Space Free | Partition Type: FAT32

Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E15B26-829F-4CAC-8BBB-B7B8DAE77262}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{030F0992-2FBE-4250-BAA2-987E3CFC75D0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{0478E5D8-CA17-41D1-90C9-1CF1FCB96921}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A098DE1-223D-46AB-A093-4181DE5B1E1B}" = rport=138 | protocol=17 | dir=out | app=system |
"{153E3F92-56DD-4831-8F6F-CD666E1C030E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{17A36959-CC0E-4693-86C9-F1F8C5789DB5}" = lport=443 | protocol=6 | dir=out | app=system |
"{1EBDCCC2-1D17-4443-AA66-D4AC317C50BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2012EB90-A233-4FE3-9B33-D8E3903C0EF3}" = rport=445 | protocol=6 | dir=out | app=system |
"{24F25C6E-BF8F-4685-899D-331C24B383C4}" = rport=443 | protocol=6 | dir=out | app=system |
"{27B8528C-6280-48E8-B8D3-D42D9DE1A7F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2A8FA3C2-EB3B-4590-9696-ED7E84814925}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B102B30-07EA-4079-AA49-2B4EEB076AAD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B85F947-73AB-4ECE-8410-54B12AC3FA6C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2D907B9A-2478-42E1-B8BC-8876F39A034C}" = rport=3702 | protocol=17 | dir=out | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{300F632B-8359-447E-A7E5-6741C81C5BF4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31E49EDD-E1A3-4FF2-8F74-7EB214588D44}" = lport=443 | protocol=6 | dir=in | app=system |
"{339DE419-0BAD-454F-9A54-DF133A260E6A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4176C38D-1ADC-4C72-8FD1-077BD0E25EA9}" = lport=80 | protocol=6 | dir=in | app=system |
"{50BEA5F3-811F-45E9-A247-BAA493AFAF34}" = lport=445 | protocol=6 | dir=in | app=system |
"{521D912D-8A4A-4DC8-98F9-88FB54B01B19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{52F81EF8-FEF8-42DE-B83A-F18187A83695}" = lport=10243 | protocol=6 | dir=in | app=system |
"{55EABC07-4F97-422A-A09E-E99268E5CD64}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5863031B-C8A8-4DA6-80D7-42483121B0C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C12A466-7870-4A4A-95C4-47607791D42B}" = lport=139 | protocol=6 | dir=in | app=system |
"{769D12F4-8A6E-4135-B820-068A6BA454E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{85DFB84D-B34B-40C4-A425-0D061B7A31AA}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{89E3C5D4-99D6-45FA-B095-73472E0D8E93}" = lport=137 | protocol=17 | dir=in | app=system |
"{8B205925-2D97-47A6-BCB6-9018EFD71B18}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{995F05BB-A80D-4FBC-81A4-B7DA78117F75}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9E96074C-CF89-43FB-B061-F06CB67CD15E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A3B1978D-0A7A-491B-8390-F1D62328B4B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3F9A14B-5B0D-4C34-9182-CAE8404F7957}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{ABFA310D-5C3C-40C3-A768-865AE4FEFE78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C36C4670-FA63-4F17-9623-A54C706D64F6}" = lport=3702 | protocol=17 | dir=in | svc=peerdistsvc | app=%systemroot%\system32\svchost.exe |
"{C8A8DF6D-588A-4738-8F7B-F2171EA63248}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C932430D-E725-407D-B152-4F3A6EE3D2FC}" = rport=80 | protocol=6 | dir=out | app=system |
"{D93C1066-13BD-4C58-9B05-BC3A7916B1E7}" = lport=138 | protocol=17 | dir=in | app=system |
"{E09AC44B-422E-4E5B-8E14-13BAE78A3B9B}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E9B9FE10-19E3-437B-BD59-5603FE68A3C2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EAF6BB38-0CC2-47F5-95D2-7DE0983CF02E}" = rport=139 | protocol=6 | dir=out | app=system |
"{EF294970-894F-4B77-818E-B290D7BEE529}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F14A9A1A-6637-4457-9AA1-739B314B7937}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{051E4BFA-BF20-4985-B4D6-ED2B17C703C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqscnvw.exe |
"{06535A34-429E-4193-85DE-7E626741E2E0}" = protocol=58 | dir=out | [email protected],-28546 |
"{0AAFA0B1-96BC-4CAF-B036-4AC3652BF6F3}" = protocol=58 | dir=in | [email protected],-28545 |
"{11A10CD8-B6D3-4107-9EBD-2BF43B243232}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{184BE7D6-4265-4EF7-9B5E-0BCE3E9C738A}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp software update\hpwucli.exe |
"{19193540-F1AB-480C-9853-BF8307FA9E4D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1977583F-FD9F-4928-928B-5FB4CD0B9F41}" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jdownloader.exe |
"{19D11154-9764-4815-955C-24F46368B397}" = protocol=1 | dir=in | [email protected],-28543 |
"{1CB5C300-2822-42FC-8B17-3A14A98173A0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adam's venture 1\binaries\win32\venturegame.exe |
"{1DF13C72-E947-4173-8AE9-0811F469696D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{1E46D2D7-533D-4986-9AD8-7FA36A1AA913}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{1EAC9928-1DF7-49BF-AFB9-CDF4B50EC45F}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{1EEF6913-F30D-41D7-91B1-2EC49A27B5C6}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{210C8BD4-AD26-4A4C-9FDB-EBE6EF9B31EC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{217A83DF-794B-449F-8D4B-97A62BF62EFC}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{243C8566-31EB-44C0-B992-AAC878C2D923}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{2604B37C-D55D-48E4-A96B-7DF040924A5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{290C0690-01FF-4FCC-91DD-1C192735E93F}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{29560FC7-C755-4E15-A529-E4DF2E5892C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29946260-D911-44D6-8770-09AF7E25249B}" = protocol=6 | dir=in | app=c:\program files\motioninjoy\ds3\ds3_tool.exe |
"{29C16454-4759-42B9-A84E-C4C83C867DE5}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\launcher.exe |
"{2A59A2AA-B20B-401E-A831-5C1F27EFDA9F}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaws.exe |
"{2A5F8401-E64E-4678-84D5-B4DFAA738C55}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{2B96C257-9F77-4D4A-BF47-83D7A50F69D9}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{2C94FE83-AC48-4FC0-95DC-97F632892D6F}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{2D1C5691-B583-45DE-85A2-713914810C65}" = protocol=6 | dir=in | app=c:\games\tomb raider\tombraider.exe |
"{2D484360-FD85-4995-BE0C-412D26EA06C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30930023-29C5-4888-B822-44C417ECBA6D}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{31671978-F898-4A6C-BEF5-0B1D61533FDD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe |
"{32281D25-6934-4723-8E9A-DE9C1125911B}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{33894534-52E2-4440-95D4-94789B295869}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{3F19B784-2EDC-4813-A09D-41DEC3612632}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{46698A8B-D70B-43E3-8676-BB98591957EB}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{4B7F506E-33B7-439C-98D0-E9DBBC1ABD90}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{4C7FE828-994C-4C0A-B92F-91E5D31332A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rose online\wplauncher.exe |
"{4F31DB86-02EC-44BB-B431-8837DD28D3A8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{4FD53F65-BBFC-4099-85E8-2180C8CCB8CE}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{55D73536-1B23-4FF9-B045-02B0D4E707B2}" = protocol=6 | dir=in | app=c:\program files\microsoft security client\msseces.exe |
"{56885DA3-21A0-4CF0-94E1-A801DCBDAE30}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{58DDD669-8218-442C-A555-C3B7029C353E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{58F4C153-F135-43A7-9B7A-3BD0B85126C4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adams_venture_3\binaries\win32\venturegame.exe |
"{5A25C831-0AFE-4FDA-B50A-25910B8C7E69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60156D96-7238-4F55-9A1A-3C348C738AB1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{63632DAD-EA2D-4D97-8F7F-92EA501E3AEE}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{655485ED-C58B-4470-A646-273DE69F1D90}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{673A8979-E1DD-4F7B-9345-E5B35C4AE308}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{67CF80DA-7B6D-46E9-84DA-03183DD687DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{67F3EF30-ECEA-4621-B1B1-B52303DE42E3}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaws.exe |
"{69DBF0F5-7A73-4223-8721-48A7CF2CB110}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6E43E14D-338E-4197-860C-DA58EE96AC2B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{71C6D2C5-A78A-469F-809E-BC4A5E35F5DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{738D8F3A-3FD4-4A2D-B70A-19F085A5DEB4}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{73BCEEB5-6401-4399-A398-FBFAD2B9DD22}" = protocol=17 | dir=in | app=c:\program files\motioninjoy\ds3\ds3_tool.exe |
"{759A6E52-5700-4D91-81B1-0003AAFB5F14}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{793DC66B-60F8-49B2-B6FA-25E5316A61BD}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{7A70252A-083B-4D8D-83EC-F05AFBA08194}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7D1F3695-2DA5-40A4-B65F-A8002D0A6132}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{7E283BF2-CF67-42EB-AD2F-1F8B3512EF1C}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\launcher.exe |
"{83180475-7C43-4324-95E6-F1EA92DB07BB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adamsventure2\binaries\win32\venturegame.exe |
"{8483453B-5C20-4EAA-AEDF-5BE2952277F5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{885721FC-D755-416C-9EE7-4DB6DB6024CC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B412A21-4205-4BE1-A177-05F583BDAEB0}" = protocol=1 | dir=out | [email protected],-28544 |
"{8B78619B-1CBB-447A-926D-BEF32BAEAAB7}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{8DA63663-6AF4-4FAD-A51F-AAB2F5E6D091}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E0554BE-05B8-4060-B436-62D3FB780330}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8F6480D7-D9D9-48C4-B200-31A89AEAEBF6}" = protocol=17 | dir=in | app=c:\users\administrator\appdata\roaming\utorrent\utorrent.exe |
"{902DB0E2-9101-4F02-9AED-3909DA30F46A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92DFE177-AC19-4F23-B7C9-B395B5370923}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{936EFFF6-8126-4C4F-84E7-E52ABA9199D2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{9650481C-E7BD-474B-B9A1-DA6AA8DE6C9C}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9716E5EE-35D4-4114-9A7A-4B3DEF3BC82D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adams_venture_3\binaries\win32\venturegame.exe |
"{973C198A-7ABF-47C0-87D3-A3EFACA55908}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{9D91449B-0B8B-4D9B-8724-F859CDF0A242}" = protocol=17 | dir=in | app=c:\games\tomb raider\tombraider.exe |
"{9E43CB0C-A640-42F0-9D6D-E6AD81F463A0}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{9F399563-9ED4-4804-9D1A-6E39040EC1F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9F87E700-2B7D-4506-AD39-0BB9BFF58237}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\discovery.exe |
"{A0B18D54-3F6E-4C8A-AF18-50CD2B007CF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{A2C2FD2F-0AF8-4AD8-8501-41A11CC1E937}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2ED5474-72BF-4864-A5DB-095FF83594D0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A50E7C0C-5496-4243-AD13-982CB0955238}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A669F69F-DC73-4AE7-BB9A-1B2AB556B85C}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{ABD68459-CA76-464E-9840-057641D79C50}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B1D29C7D-6EFF-43DA-8E1B-BA4BF0FE916E}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{B2A368F2-4051-4170-B98A-C4CACA84EBA2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B399DC8F-DBC7-4026-B760-3B6878EACAAE}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{B714E75B-F163-4BB2-9C68-FF0A7BD24ED2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{B7C69025-A9A7-4841-86A9-2DCFA8BA206C}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{BA7272E2-41A9-4669-AD34-0DFD9D3A8EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adamsventure2\binaries\win32\venturegame.exe |
"{BAE6832B-736E-4735-84E5-A50A0C53EC30}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{BEB5AA26-A4B9-44B1-9225-3B8BCEED3FED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BF1D2A27-118D-43A5-87A0-93FE98D2B164}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\anna\anna.exe |
"{C09BBDEF-6DD2-42A0-A77D-BE63C06CF998}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mabinogi\nxsteam.exe |
"{C6A7C2D9-A134-4655-B26F-D274D0CA795E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{C6F950E6-D2B8-485C-B6BC-7EC05DD79F6A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{CF4C13CE-FFFE-4BD6-B30F-FF84080CE88E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{D1447317-2419-4B59-9FF0-9C8C8AC46B72}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{D50F9FB3-AE1C-49B0-BF92-B2E47BE0A854}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DA5F2F53-4D33-4818-9A83-372BA95792AA}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\rescue.exe |
"{DF7404D0-F725-46D8-BBD7-E0F79DADC3C3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\adam's venture 1\binaries\win32\venturegame.exe |
"{E2A170CC-A193-4B07-9A29-64471B2E4BBB}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\rt-n12 wireless router utilities\qiswizard.exe |
"{E333E86E-A2B7-4A69-A266-58C4CA26F26A}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{E36F5E63-6EEB-4BF0-92EC-5A1CE437CBAB}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{E6C44D40-349B-4867-8D40-ABFFAD9E1F91}" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jdownloader.exe |
"{E6F78EB8-884C-4285-88BC-AFDDDE317418}" = protocol=17 | dir=in | app=c:\program files\microsoft security client\msseces.exe |
"{E8C67A06-B622-40B2-A72A-A5BA26CE8DDC}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{E9EFA5B0-AE7E-425E-8EA3-200977AB186B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dragonnest.exe |
"{EBD94467-C2D6-4C34-87C4-E0C8B2F07EDB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EC6784D2-8429-45E2-855E-16F6924E7E36}" = protocol=6 | dir=in | app=c:\users\administrator\appdata\roaming\utorrent\utorrent.exe |
"{F18E12AC-0ECF-4084-A791-48CC642284A8}" = protocol=6 | dir=out | app=system |
"{F1B1957C-14BB-427A-B3B3-59422D1CA3DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dragonnest\dnlauncher.exe |
"{F43C0577-75B2-43A8-A0CB-AB005410667A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\miasmata\miasmata.exe |
"{F441F534-3F59-4220-968C-77536FBD483D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F655BBE6-A231-4B59-BA62-D503567C700E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F71168F4-8643-47B9-8F02-3F1B201B3FB7}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F7182550-1FB1-4F1F-9C94-6035052ECA87}" = dir=in | app=c:\program files (x86)\hewlett-packard\digital imaging\bin\hposid01.exe |
"TCP Query User{05FDC4DD-3425-453A-A80A-D8089438B041}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"TCP Query User{16C4CF22-E135-4DFA-B32B-5A744A2F7CB6}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{1AF00278-2F27-45CC-A546-B793F9397C31}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{2020AE43-45C7-4022-AA59-FAE546959D26}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{5D84D83B-7556-442C-93E3-4D07EBC4767C}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{B97D3921-B60C-4807-8BB3-E81C072464FC}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"TCP Query User{E20BAFF7-BE5F-4636-ABBD-5F37FEDBFAEF}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"UDP Query User{0E190494-6998-44B4-9AC7-D3C9F38CDD3F}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{1DFA14E9-7880-4F19-BB0A-2964E20281BA}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{4260A3C8-4C30-4191-87F5-F9C5F90D908F}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"UDP Query User{9305EB60-E5FF-41DE-92E0-6CF208B83F97}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A7BF1588-6E3D-4B04-ADFD-9C9F1653758D}C:\users\administrator\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\administrator\appdata\local\akamai\netsession_win.exe |
"UDP Query User{DC2BB93D-2154-4A97-BD58-408E7152CFCA}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{FA46A657-0732-48E1-A405-450039301A4F}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14BC6853-A74E-4874-B50D-679889D1544D}" = HP Photosmart D110 All-In-One Driver 14.0 Rel. 7
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.0000
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B9F1BB4-4C06-41E8-877D-B458742B0D0A}" = Fresco Logic USB3.0 Host Controller
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6CA934E5-416C-4E33-95E0-F0E629F5804A}" = calibre 64bit
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D26D58C-3464-4C03-BB61-5695F984EFEF}" = Microsoft Security Client
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A535111D-95C8-487F-869E-CE4C239972D2}" = iTunes
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 6.4.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Elantech" = ETDWare PS/2-x64 7.0.5.16_WHQL
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"TheSage" = TheSage
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN ツールバー
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}" = Nero Prerequisite Installer 2.0
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{148E1C03-9ED1-4194-845E-159DE3ABC6A1}_is1" = :spam: Walkman Video Converter 6.1.50
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{1845470B-EB14-4ABC-835B-E36C693DC07D}" = Skype™ 5.10
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1943C3BD-4462-4612-92C3-D36DD917C447}" = Nero Recode
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 4.5.1
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1EE9D482-3C07-4EE1-8968-6B364238FFE4}_is1" = "Tomb Raider"
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{560FC78C-A4B2-461D-9B47-820C1EEF87B8}" = Nero 12
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{58E65E96-6649-4CBE-9382-35326D694E6F}" = MSN Toolbar Platform
"{58F2F72A-B8C9-4CCC-B253-4F1509193EC3}" = ASUS RT-N12 Wireless Router Utilities
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{5CD2E27A-F2C9-4A87-9A06-DFAF9A182481}" = Nero Express
"{61174B54-26FC-48F3-AF5C-7C9B9A9E9A8C}" = Human Japanese 2.0
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{69CAC0F3-5CA1-4AFB-8DF9-BD982998B36F}" = QuickBooks Premier: Retail Edition 2010
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F9B5855-7850-41E3-AAAE-DADD09B68B12}" = IObit Apps Toolbar v7.9
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{82D040D1-F95B-4C96-AF5C-B6A1E138EC6E}" = ¹–ë‚̉S
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FCCFCD-46E3-43FB-A397-78BFD5A8980A}" = Nero Video
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86847081-B387-4F49-AED1-C9B0A090D66C}" = Nero Recode Help (CHM)
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B128179D-A5E1-43AC-9422-12A109ECD2A0}" = Nero Video Help (CHM)
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CF508721-0E1E-4F99-A359-59E4EA8DAEC1}" = Nero Burning ROM
"{D4B26DED-9DE0-4DA9-AA4A-4AF44FC3B41B}" = Aeria Ignite
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{DA2D3078-A58C-45E8-8EE0-18B8BE6B34F7}" = Nero BackItUp
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E2B53C96-C9FC-4FC3-8324-1BCE50DEA7E7}" = QuickBooks
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F4A43B47-0518-4a39-B377-15DC62076AC0}_is1" = :spam: Video Converter Platinum 6.2.16
"{F929096B-54A0-4C5C-B125-1E7EB1917412}" = MySQL Connector/ODBC 3.51
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AccelerateTab_is1" = AccelerateTab
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Aeria Ignite 1.11.2111" = Aeria Ignite
"AnyDVD" = AnyDVD
"Book of Legends 1.00" = Book of Legends 1.00
"CDisplayEx_is1" = CDisplayEx 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.WidgetBrowser" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"Declan's Japanese Dictionary_is1" = Declan's Japanese Dictionary v1.0
"Eden Eternal" = Eden Eternal
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"OpenSSL Light (32-bit)_is1" = OpenSSL 0.9.8l Light (32-bit)
"Opera 17.0.1241.53" = Opera Stable 17.0.1241.53
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"ReadWrite Katakana_is1" = ReadWrite Katakana version 1.0
"Steam App 108100" = Adam's Venture Episode 1: The Search For The Lost Garden
"Steam App 11610" = Dragon Nest
"Steam App 210390" = Adam's Venture Episode 2: Solomon's Secret
"Steam App 212200" = Mabinogi
"Steam App 214310" = Adam's Venture Episode 3: Revelations
"Steam App 215120" = ROSE Online
"Steam App 217690" = Anna
"Steam App 223510" = Miasmata
"Tagaini Jisho" = Tagaini Jisho
"The Longest Journey" = The Longest Journey
"TheSage" = TheSage
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 2.0.8
"WinLiveSuite" = Windows Live Essentials
"Xuse 永遠のアセリア - この大地の果てで -" = Xuse 永遠のアセリア - この大地の果てで - (Remove Only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1436811410-1753281251-3049770552-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"SkyDriveSetup.exe" = Microsoft SkyDrive
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/11/2013 3:32:24 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Application Error | ID = 1000
Description = Faulting application name: ApplicationUpdater.exe, version: 7.9.0.2,
time stamp: 0x523c7fda Faulting module name: ole32.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7b96f Exception code: 0xc0000005 Fault offset: 0x00039342 Faulting
process id: 0x7f4 Faulting application start time: 0x01cede9563d3cc85 Faulting application
path: C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe Faulting
module path: C:\Windows\syswow64\ole32.dll Report Id: 67cc02f6-4aa3-11e3-9173-14dae9ce8f5d

Error - 12/11/2013 11:39:59 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 490
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat"
for read / write access failed with system error 32 (0x00000020): "The process
cannot access the file because it is being used by another process. ". The open
file operation will fail with error -1032 (0xfffffbf8).

Error - 12/11/2013 11:39:59 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 439
Description = taskhost (1864) WebCacheLocal: Unable to write a shadowed header for
file C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat.
Error -1032.

Error - 12/11/2013 11:40:09 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 489
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/11/2013 11:40:09 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 455
Description = taskhost (1864) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error - 12/11/2013 11:40:09 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 454
Description = taskhost (1864) WebCacheLocal: Database recovery/restore failed with
unexpected error -1032.

Error - 12/11/2013 11:40:20 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 489
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/11/2013 11:40:20 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 455
Description = taskhost (1864) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error - 12/11/2013 11:40:30 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 489
Description = taskhost (1864) WebCacheLocal: An attempt to open the file "C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 32 (0x00000020): "The process cannot
access the file because it is being used by another process. ". The open file
operation will fail with error -1032 (0xfffffbf8).

Error - 12/11/2013 11:40:30 PM | Computer Name = OWNERPC-P0SPPR1 | Source = ESENT | ID = 455
Description = taskhost (1864) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Administrator\AppData\Local\Microsoft\Windows\WebCache\V01.log.

[ System Events ]
Error - 12/11/2013 11:41:30 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The SecureUpdate service terminated unexpectedly. It has done this
1 time(s).

Error - 12/11/2013 11:48:24 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the LanmanServer service.

Error - 12/11/2013 11:49:27 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 12/11/2013 11:50:27 PM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7034
Description = The Adobe Acrobat Update Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 13/11/2013 12:10:31 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
due to the following error: %%2

Error - 13/11/2013 12:11:04 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFS

Error - 13/11/2013 12:17:01 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 13/11/2013 12:17:38 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}
because another computer on the network has the same name. The server could not
start.

Error - 13/11/2013 12:27:10 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
due to the following error: %%2

Error - 13/11/2013 12:28:40 AM | Computer Name = OWNERPC-P0SPPR1 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AFS


< End of report >





Also I'm really hoping to be able to just do a really good clean on this laptop, reinstalling would be too big a job and life right now is pretty busy enough as is. I would be willing to do as much with you as possible to clean it as best as possible and would appreciate all your help if you would be so kind as to give me more of your time. I do appreciate it and I thank you.

Blessings.

Edited by Destiny000, 12 November 2013 - 11:31 PM.

  • 0

#9
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Now we will fix your internet. :)

- FIRST -

  • Press the Windows logo + R
  • Then type inetcpl.cpl into the window.
  • Click the Connections tab.
  • Please check 'Automatically detect settings' if it isn't already done
  • Then click on the button LAN settings.
  • Clear the Use a proxy server for your LAN option
  • Click OK to save any configuration changes.
  • Click OK to close the Internet properties window.

- NEXT -

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [CREATERESTOREPOINT]

    :Files
    ipconfig /flushdns /c
    ipconfig /release /c
    ipconfig /renew /c
    netsh winsock reset /c
    netsh advfirewall reset /c

    :Commands
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

 

Please don't forget to post this LogFile in your next answer:

  • OTL.txt

  • 0

#10
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
Hi Gerrit,

This is from the first fix:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Administrator\Desktop\cmd.bat deleted successfully.
C:\Users\Administrator\Desktop\cmd.txt deleted successfully.
< ipconfig /release /c >
Windows IP Configuration
No operation can be performed on Local Area Connection* 11 while it has its media disconnected.
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
No operation can be performed on Wireless Network Connection while it has its media disconnected.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::2974:a8c2:31d8:31ca%22
Default Gateway . . . . . . . . . :
Ethernet adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wireless Network Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:cc:2197:e8e2:367b
Link-local IPv6 Address . . . . . : fe80::cc:2197:e8e2:367b%31
Default Gateway . . . . . . . . . : ::
Tunnel adapter isatap.{25DFF212-CB9A-4D9C-897E-F37041D30E72}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter isatap.{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\Administrator\Desktop\cmd.bat deleted successfully.
C:\Users\Administrator\Desktop\cmd.txt deleted successfully.
< ipconfig /renew /c >
Windows IP Configuration
No operation can be performed on Local Area Connection* 11 while it has its media disconnected.
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
No operation can be performed on Wireless Network Connection while it has its media disconnected.
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::2974:a8c2:31d8:31ca%22
IPv4 Address. . . . . . . . . . . : 192.168.1.150
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Ethernet adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wireless Network Connection 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:cc:2197:e8e2:367b
Link-local IPv6 Address . . . . . : fe80::cc:2197:e8e2:367b%31
Default Gateway . . . . . . . . . : ::
Tunnel adapter isatap.{25DFF212-CB9A-4D9C-897E-F37041D30E72}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter isatap.{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
C:\Users\Administrator\Desktop\cmd.bat deleted successfully.
C:\Users\Administrator\Desktop\cmd.txt deleted successfully.
< netsh winsock reset /c >
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
C:\Users\Administrator\Desktop\cmd.bat deleted successfully.
C:\Users\Administrator\Desktop\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
Ok.
C:\Users\Administrator\Desktop\cmd.bat deleted successfully.
C:\Users\Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 20850 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: fbwuser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 529855 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11132013_094248

Files\Folders moved on Reboot...
C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\CR_CF645.tmp\SETUP_PATCH.PACKED.7Z scheduled to be moved on reboot.
File move failed. C:\Windows\temp\TMP0000000192C6004D1FEF6B2E scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


And this is from the last scan:

OTL logfile created on: 13/11/2013 9:52:55 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Administrator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

11.91 Gb Total Physical Memory | 9.89 Gb Available Physical Memory | 83.06% Memory free
23.81 Gb Paging File | 21.78 Gb Available in Paging File | 91.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698.54 Gb Total Space | 148.36 Gb Free Space | 21.24% Space Free | Partition Type: NTFS
Drive D: | 7.42 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1.26 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.66 Gb Total Space | 0.73 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 32.59 Gb Free Space | 3.50% Space Free | Partition Type: NTFS
Drive I: | 3.70 Gb Total Space | 3.00 Gb Free Space | 81.08% Space Free | Partition Type: FAT32

Computer Name: OWNERPC-P0SPPR1 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
PRC - [2013/09/30 11:48:34 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe
PRC - [2013/08/04 11:33:28 | 004,686,848 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe
PRC - [2013/07/03 14:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/07/03 14:32:25 | 001,205,024 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/10/28 11:18:46 | 000,049,208 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/12/03 08:47:14 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011/06/21 06:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011/06/20 06:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011/06/20 04:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011/06/20 04:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011/06/20 04:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011/06/20 04:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtCore4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/12 13:11:04 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/08/12 13:11:04 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 22:14:24 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/03 14:32:38 | 001,887,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/07/13 15:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/03/13 09:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2011/01/17 22:28:28 | 000,024,576 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/18 03:42:52 | 000,253,568 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/11/18 03:16:42 | 000,137,344 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
DRV:64bit: - [2013/10/10 02:00:58 | 000,294,248 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm)
DRV:64bit: - [2013/06/21 05:06:36 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/06/20 18:09:46 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2013/06/18 20:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2013/03/04 05:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/08 01:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012/11/08 01:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/09/10 09:41:06 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2012/09/04 13:17:13 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/30 23:04:12 | 000,690,832 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/07/04 13:48:00 | 000,093,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetndis64.sys -- (andnetndis)
DRV:64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
DRV:64bit: - [2012/06/12 21:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/03/25 09:26:34 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/07 18:42:28 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2011/12/06 03:23:10 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/16 10:24:57 | 000,032,848 | ---- | M] (ip-shield.net LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipshtap.sys -- (ipshtap)
DRV:64bit: - [2011/06/27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/13 09:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/13 09:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/13 09:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/13 09:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/13 09:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/13 09:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/13 09:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/16 13:23:56 | 000,106,752 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swiwdmbusx64.sys -- (swiwdmbus)
DRV:64bit: - [2010/11/16 13:12:10 | 000,211,072 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swumxa3.sys -- (SWUMXA3)
DRV:64bit: - [2010/11/16 13:11:50 | 000,245,760 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV:64bit: - [2010/11/11 01:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 01:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 01:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 01:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/08 18:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PcaSp60.sys -- (PcaSp60)
DRV:64bit: - [2009/11/20 14:26:50 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/12 05:16:06 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/02/05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2013/07/02 12:55:03 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2013/03/18 00:28:45 | 000,142,424 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012/12/09 21:57:03 | 000,089,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\AeriaGames\EdenEternal\avital\ussjcs64.sys -- (usj)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010/09/07 13:27:24 | 000,038,912 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PcaSp60.sys -- (PcaSp60)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 F2 F5 45 AA 84 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7AURU_enCA499
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8555;https=127.0.0.1:8555


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2013/07/02 19:40:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2013/07/24 10:59:24 | 000,000,000 | ---D | M]

[2013/11/12 20:52:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: MixiDJ V8 = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajgghejjpgkmpgbchgjieahoefimdle\10.15.0.62_0\
CHR - Extension: No name found = C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Administrator\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SkyDrive] C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_07)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.5.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25DFF212-CB9A-4D9C-897E-F37041D30E72}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3656380A-593C-446E-A327-14031E4898E7}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BF6E015-86D4-4B85-A85D-DDC5AAC54796}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F2496C-A4AE-4BC8-A53C-4350286FBA7C}: DhcpNameServer = 209.91.107.11 209.121.225.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,000 | ---D | M] - H:\autorun -- [ NTFS ]
O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,036 | ---- | M] () - H:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/12 21:18:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/12 20:50:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/11 20:00:00 | 000,000,000 | ---D | C] -- C:\Users\Administrator\.appwork
[2013/11/10 23:04:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
[2013/11/08 15:02:01 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995_files
[2013/11/08 14:29:57 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota_files
[2013/11/04 12:23:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013/11/04 12:03:22 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\:spam: Studio
[2013/11/04 12:03:21 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\:spam: Studio
[2013/11/04 12:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\:spam:
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\:spam: Studio
[2013/11/04 12:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\:spam: Studio
[2013/11/01 12:55:16 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2013/10/31 20:36:45 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veoh Networks, Inc
[2013/10/31 20:36:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2013/10/25 18:57:43 | 000,044,744 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/10/17 21:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2013/10/16 17:43:06 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\walkthrough's
[2013/10/16 17:36:40 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Ayurvedic course
[2013/10/16 17:35:59 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Intrnet xplornet bills
[2013/10/16 17:25:38 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\Indigo Chapters documents
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/13 09:55:22 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 09:55:22 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 09:55:11 | 001,321,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/13 09:55:11 | 000,660,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/13 09:55:11 | 000,420,586 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2013/11/13 09:55:11 | 000,124,796 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/13 09:55:11 | 000,123,028 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2013/11/13 09:48:17 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/13 09:46:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/13 09:46:45 | 999,092,222 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/13 09:23:09 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/13 09:12:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/12 20:47:38 | 001,085,542 | ---- | M] () -- C:\Users\Administrator\Desktop\AdwCleaner.exe
[2013/11/12 20:41:37 | 005,625,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/10 21:47:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\OTL (1).exe
[2013/11/10 18:57:51 | 000,402,986 | ---- | M] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:02:01 | 000,076,979 | ---- | M] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:57 | 000,090,811 | ---- | M] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/05 13:00:52 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/11/04 23:41:10 | 005,297,551 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:41:04 | 149,670,408 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:35:31 | 136,817,561 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:29:54 | 159,378,722 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:23:52 | 143,395,492 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:17:58 | 133,504,883 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:12:21 | 159,323,910 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:06:19 | 159,463,195 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 23:00:22 | 159,384,225 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:54:11 | 140,460,381 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:48:40 | 159,371,360 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:42:14 | 153,779,427 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:36:26 | 152,018,493 | ---- | M] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\:spam: Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | M] () -- C:\Users\Public\Desktop\:spam: Video Converter Platinum.lnk
[2013/11/01 12:55:17 | 000,002,565 | ---- | M] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | M] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | M] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | M] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | M] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | M] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | M] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:47 | 000,035,893 | ---- | M] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:34 | 000,067,955 | ---- | M] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:34:45 | 009,727,677 | ---- | M] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:23 | 004,750,301 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:33:12 | 009,345,141 | ---- | M] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:56 | 002,904,727 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:54 | 007,133,170 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:48 | 009,610,083 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:42 | 007,099,679 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:36 | 007,276,524 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:30 | 007,054,920 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:24 | 006,627,675 | ---- | M] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 13:14:25 | 000,300,686 | ---- | M] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/17 20:41:31 | 000,189,826 | ---- | M] () -- C:\Windows\hpoins46.dat
[2013/10/16 12:05:57 | 000,231,582 | ---- | M] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:31:32 | 020,947,072 | ---- | M] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/16 02:02:12 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/15 18:42:02 | 000,044,744 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[1 C:\Users\Administrator\Documents\*.tmp files -> C:\Users\Administrator\Documents\*.tmp -> ]
[1 C:\Users\Administrator\Desktop\*.tmp files -> C:\Users\Administrator\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/12 20:47:21 | 001,085,542 | ---- | C] () -- C:\Users\Administrator\Desktop\AdwCleaner.exe
[2013/11/10 18:57:50 | 000,402,986 | ---- | C] () -- C:\Users\Administrator\Desktop\pptc054.pdf
[2013/11/08 15:01:53 | 000,076,979 | ---- | C] () -- C:\Users\Administrator\Desktop\Regency Toyota Pre-Owned Vehicles 2008 Toyota Yaris 2008 $13,995.htm
[2013/11/08 14:29:47 | 000,090,811 | ---- | C] () -- C:\Users\Administrator\Desktop\Used 2009 Toyota Yaris, $12,998 - New Westminster Westminster Toyota.htm
[2013/11/04 23:41:04 | 005,297,551 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 13 [1E580435].mp4
[2013/11/04 23:35:32 | 149,670,408 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 12 [7729E599].mp4
[2013/11/04 23:29:54 | 136,817,561 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 11 [90DCD193].mp4
[2013/11/04 23:23:52 | 159,378,722 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 10 [A53F6183].mp4
[2013/11/04 23:17:58 | 143,395,492 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 09 [B3D6746D].mp4
[2013/11/04 23:12:21 | 133,504,883 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 08 [A52BC8DD].mp4
[2013/11/04 23:06:19 | 159,323,910 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 07 [DCEA53CA].mp4
[2013/11/04 23:00:22 | 159,463,195 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 06 [68A52627].mp4
[2013/11/04 22:54:11 | 159,384,225 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 05 [798DDFF5].mp4
[2013/11/04 22:48:40 | 140,460,381 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 04 [E45A3D8F].mp4
[2013/11/04 22:42:15 | 159,371,360 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 03 [C1279952].mp4
[2013/11/04 22:28:10 | 153,779,427 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 02 [30F330DD].mp4
[2013/11/04 22:22:09 | 152,018,493 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mp4
[2013/11/04 22:17:32 | 000,002,415 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\:spam: Video Converter Platinum.lnk
[2013/11/04 22:17:32 | 000,002,391 | ---- | C] () -- C:\Users\Public\Desktop\:spam: Video Converter Platinum.lnk
[2013/11/04 11:37:16 | 268,100,293 | ---- | C] () -- C:\Users\Administrator\Desktop\[Commie] Magi - 01 [CC187CB1].mkv
[2013/11/01 12:55:17 | 000,002,565 | ---- | C] () -- C:\Users\Administrator\Desktop\Windows 7 USB DVD Download Tool.lnk
[2013/10/31 20:36:45 | 000,002,233 | ---- | C] () -- C:\Users\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Veoh Web Player Beta.lnk
[2013/10/31 20:36:45 | 000,002,211 | ---- | C] () -- C:\Users\Administrator\Desktop\Veoh Web Player.lnk
[2013/10/25 18:57:22 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield.lnk
[2013/10/24 14:34:56 | 000,020,254 | ---- | C] () -- C:\Users\Administrator\Desktop\c1e1e55bba60201f1b15ef16b0e52092.jpg
[2013/10/24 14:34:14 | 000,082,441 | ---- | C] () -- C:\Users\Administrator\Desktop\il_570xN.390938365_l06k.jpg
[2013/10/24 14:34:00 | 000,030,921 | ---- | C] () -- C:\Users\Administrator\Desktop\leaf_shaped_copper_wire_wrapped_stone_necklace_with_brown_cotton_cord_13001b5c.jpg
[2013/10/24 14:33:54 | 000,029,265 | ---- | C] () -- C:\Users\Administrator\Desktop\e74619c0f64c9ce4ce796a9381422ac8.jpg
[2013/10/24 14:33:46 | 000,035,893 | ---- | C] () -- C:\Users\Administrator\Desktop\il_340x270.445656455_myvc.jpg
[2013/10/24 14:33:30 | 000,067,955 | ---- | C] () -- C:\Users\Administrator\Desktop\4773757104_d07ffa57bd.jpg
[2013/10/20 19:33:25 | 009,727,677 | ---- | C] () -- C:\Users\Administrator\Desktop\How to Care for Your Teeth! with David Wolfe.mp3
[2013/10/20 19:33:14 | 004,750,301 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Explains Enzymes ( Rawfood Superfood ).mp3
[2013/10/20 19:32:58 | 009,345,141 | ---- | C] () -- C:\Users\Administrator\Desktop\Daniel Vitalis - Milk Myths.mp3
[2013/10/20 19:26:54 | 002,904,727 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe on Calcium pt 7.mp3
[2013/10/20 19:26:48 | 007,133,170 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 6.mp3
[2013/10/20 19:26:42 | 009,610,083 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 5.mp3
[2013/10/20 19:26:36 | 007,099,679 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 4.mp3
[2013/10/20 19:26:30 | 007,276,524 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 3.mp3
[2013/10/20 19:26:25 | 007,054,920 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 2.mp3
[2013/10/20 19:26:19 | 006,627,675 | ---- | C] () -- C:\Users\Administrator\Desktop\David Wolfe Educates About Arthritis, Calcium, Osteoporosis Part 1.mp3
[2013/10/19 16:43:01 | 000,003,043 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00002
[2013/10/19 16:43:01 | 000,000,402 | ---- | C] () -- C:\Users\Administrator\Documents\ATT00001
[2013/10/19 13:14:22 | 000,300,686 | ---- | C] () -- C:\Users\Administrator\Documents\Superfoods2.pdf
[2013/10/16 12:05:57 | 000,231,582 | ---- | C] () -- C:\Users\Administrator\Documents\super immune tonic system david wolfe.pdf
[2013/10/16 09:30:44 | 020,947,072 | ---- | C] () -- C:\Users\Administrator\Desktop\osteoporosis for joan.mp3
[2013/10/01 22:30:51 | 000,000,145 | ---- | C] () -- C:\Windows\game.INI
[2013/09/27 16:22:37 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/09/25 15:58:15 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2013/08/27 13:27:06 | 000,000,218 | ---- | C] () -- C:\Users\Administrator\.recently-used.xbel
[2013/07/08 00:18:34 | 000,091,264 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2013/07/02 19:33:09 | 000,207,031 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2013/07/02 19:33:09 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2013/07/02 12:49:56 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2013/05/07 08:14:48 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/02/08 12:54:42 | 000,703,117 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\technic-launcher.jar
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/10/29 09:28:33 | 000,007,600 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
[2012/10/10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/10/03 10:35:24 | 000,001,456 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Adobe Save for Web 13.0 Prefs
[2012/09/22 19:50:41 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/09/22 10:03:34 | 000,000,054 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2012/09/17 13:23:37 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/09/06 15:11:14 | 001,313,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/03 17:36:35 | 000,000,132 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/08/28 16:07:17 | 000,000,454 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/08/28 15:59:53 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/08/28 11:33:12 | 000,189,826 | ---- | C] () -- C:\Windows\hpoins46.dat
[2012/08/28 11:33:12 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2012/08/27 17:43:41 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2012/08/27 17:43:37 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 22:31:16 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/27 13:22:44 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.anomos
[2013/02/08 12:54:40 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\.techniclauncher
[2013/09/27 17:13:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Azureus
[2013/03/30 18:43:28 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\calibre
[2013/04/23 16:53:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CDisplayEx
[2012/10/18 19:20:19 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/25 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Lite
[2012/09/03 19:24:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro
[2013/09/14 18:56:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache
[2013/04/22 18:32:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Doblon
[2013/10/08 21:19:16 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Eipix
[2013/09/24 18:23:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EQATEC Analytics
[2013/06/18 11:46:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EurekaLog
[2013/02/04 16:47:55 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\EuroTalk
[2013/09/11 14:02:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GlarySoft
[2013/10/09 11:26:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Gogii Games
[2013/08/27 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\gtk-2.0
[2013/09/27 16:19:31 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IObit
[2012/12/29 22:33:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IonFx
[2012/12/29 16:14:48 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Kalypso Media
[2013/02/08 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\logs
[2013/10/07 17:14:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Mad Head Games
[2013/09/25 15:34:43 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\MotioninJoy
[2013/10/01 22:48:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera Software
[2013/09/24 19:28:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Orbit
[2012/09/13 09:16:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OverPlay.net, LP
[2012/09/17 13:23:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PACE Anti-Piracy
[2013/10/17 21:02:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\PlayFirst
[2013/09/24 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ProgSense
[2013/06/18 09:12:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\S.A.D
[2013/07/16 09:36:47 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Sierra Wireless
[2012/08/27 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/04/26 12:39:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\sylteditor
[2013/01/03 09:22:24 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SystemRequirementsLab
[2013/10/25 13:40:32 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\The Longest Journey
[2013/10/09 16:34:29 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheBookofLegends_Saves
[2013/07/12 14:14:00 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TheSage
[2013/11/13 09:53:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/09/15 14:21:00 | 000,002,009 | ---- | M] ()(C:\Users\Public\Desktop\?1?e?IS.lnk) -- C:\Users\Public\Desktop\̉S.lnk
[2013/09/15 14:21:00 | 000,002,009 | ---- | C] ()(C:\Users\Public\Desktop\?1?e?IS.lnk) -- C:\Users\Public\Desktop\̉S.lnk

< End of report >




Also my internet is just the same as before with no change, browsers still say the proxy server is not responding. Thanks.
  • 0

Advertisements


#11
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Hello Destiny!

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

Please don't forget to post this in your next post:

  • Results.txt

  • 0

#12
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
Hi,

I was also wondering, did I need to be connected to the internet for this? I wasn't for this program. Here is the results:


MiniToolBox by Farbar Version: 13-07-2013
Ran by Administrator (administrator) on 13-11-2013 at 23:39:01
Running from "C:\Users\Administrator\Desktop"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : OWNERPC-P0SPPR1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-DA-E9-CE-8F-5D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
Physical Address. . . . . . . . . : 00-FF-36-56-38-0A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 16-2F-68-A0-BA-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
Physical Address. . . . . . . . . : 74-2F-68-A0-BA-9F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BA31D3CA-F86A-4649-A1DE-E6433C60C549}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3656380A-593C-446E-A327-14031E4898E7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{FFF4CFA2-3033-4FCE-90C2-4BDA9DE2797F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{25DFF212-CB9A-4D9C-897E-F37041D30E72}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
22...14 da e9 ce 8f 5d ......Realtek PCIe GBE Family Controller
20...00 ff 36 56 38 0a ......Anchorfree HSS VPN Adapter
19...16 2f 68 a0 ba 9f ......Microsoft Virtual WiFi Miniport Adapter
10...74 2f 68 a0 ba 9f ......Atheros AR9002WB-1NG Wireless Network Adapter
1...........................Software Loopback Interface 1
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
31...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
51...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/13/2013 11:30:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44558394

Error: (11/13/2013 11:30:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44558394

Error: (11/13/2013 11:30:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2013 11:30:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44557396

Error: (11/13/2013 11:30:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44557396

Error: (11/13/2013 11:30:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2013 11:30:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44556382

Error: (11/13/2013 11:30:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44556382

Error: (11/13/2013 11:30:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2013 11:30:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44555383


System errors:
=============
Error: (11/13/2013 10:01:57 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.161.1908.0

Update Source: %NT AUTHORITY59

Update Stage: 4.3.0219.00

Source Path: 4.3.0219.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (11/13/2013 09:55:03 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (11/13/2013 09:52:27 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.

Error: (11/13/2013 09:47:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nvsvc service.

Error: (11/13/2013 09:47:26 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (11/13/2013 09:47:09 AM) (Source: Service Control Manager) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error:
%%2

Error: (11/13/2013 09:42:48 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/13/2013 09:37:43 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (11/13/2013 09:37:29 AM) (Source: Service Control Manager) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error:
%%2

Error: (11/13/2013 09:24:43 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (11/13/2013 11:30:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44558394

Error: (11/13/2013 11:30:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44558394

Error: (11/13/2013 11:30:37 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2013 11:30:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44557396

Error: (11/13/2013 11:30:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44557396

Error: (11/13/2013 11:30:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2013 11:30:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44556382

Error: (11/13/2013 11:30:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 44556382

Error: (11/13/2013 11:30:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/13/2013 11:30:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 44555383


CodeIntegrity Errors:
===================================
Date: 2013-08-12 17:14:25.351
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-08-12 17:14:25.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-07-25 09:14:11.026
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-07-25 09:14:10.980
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-04 09:57:09.730
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-04 09:57:09.653
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-03 21:56:55.269
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-03 21:56:55.173
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-03 20:42:28.188
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-03 20:42:28.099
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sierra Wireless Inc\Common\SwiProcMonitorDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

"Tomb Raider"
?1?e?IS
64 Bit HP CIO Components Installer (Version: 7.2.8)
AccelerateTab (Version: 1.4)
Adam's Venture Episode 1: The Search For The Lost Garden
Adam's Venture Episode 2: Solomon's Secret
Adam's Venture Episode 3: Revelations
Adobe AIR (Version: 3.1.0.4880)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Aeria Ignite (Version: 1.11.2111)
Akamai NetSession Interface
Anna
AnyDVD (Version: 7.1.8.0)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ASUS RT-N12 Wireless Router Utilities (Version: 4.2.6.7)
bl (Version: 1.0.0)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bonjour (Version: 3.0.0.10)
Book of Legends 1.00
BufferChm (Version: 140.0.212.000)
calibre 64bit (Version: 0.9.25)
CDisplayEx 1.8
CutePDF Writer 3.0 (Version: 3.0)
D110 (Version: 140.0.283.000)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.4.0314)
Declan's Japanese Dictionary v1.0 (Version: 1.0.2115)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
Dragon Nest
Eden Eternal
ETDWare PS/2-x64 7.0.5.16_WHQL (Version: 7.0.5.16)
Freelang Dictionary 3.74 beta
Fresco Logic USB3.0 Host Controller (Version: 3.0.116.3)
Google Chrome (Version: 30.0.1599.101)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
GPBaseService2 (Version: 140.0.211.000)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Memories Disc (Version: 1.0.4.805)
HP Photo and Imaging 2.0 - All-in-One (Version: 1.10.0000)
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.10.0000)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (Version: 14.0)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.005.000.002)
HPAppStudio (Version: 140.0.95.000)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
Human Japanese 2.0 (Version: 2.0.2)
Intel® OpenCL CPU Runtime
Intel® Processor Graphics (Version: 9.17.10.2932)
IObit Apps Toolbar v7.9 (Version: 7.9)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.1.1.11)
Japanese Fonts Support For Adobe Reader X (Version: 10.0.0)
Java 7 Update 40 (Version: 7.0.400)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.8)
LG United Mobile Driver (Version: 3.8.1)
LibUSB-Win32-0.1.10.1 (Version: 0.1.10.1)
Mabinogi
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Miasmata
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Search Enhancement Pack (Version: 3.0.126.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Virtual PC 2007 SP1 (Version: 6.0.192.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MotioninJoy Gamepad tool 0.7.0000 (Version: 0.7.0000)
Movie Maker (Version: 16.4.3505.0912)
MSN Toolbar Platform (Version: 4.0.0357.1)
MSN c[o[ (Version: 4.0.0357.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MySQL Connector/ODBC 3.51 (Version: 3.51.19)
Nero 12 (Version: 12.0.02000)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp (Version: 12.5.7000)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.20014)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero Burning ROM (Version: 12.5.6000)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15600)
Nero ControlCenter Help (CHM) (Version: 12.0.5000)
Nero Core Components (Version: 11.0.20900)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.5.6000)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media (Version: 1.18.20100)
Nero Kwik Media Help (CHM) (Version: 12.0.12000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Prerequisite Installer 2.0 (Version: 12.0.01000)
Nero Recode (Version: 12.5.6000)
Nero Recode Help (CHM) (Version: 12.0.4000)
Nero RescueAgent (Version: 12.0.9000)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nero Video (Version: 12.5.4000)
Nero Video Help (CHM) (Version: 12.0.4000)
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
Nexon Game Manager
NVIDIA Control Panel 320.49 (Version: 320.49)
NVIDIA GeForce Experience 1.5.1 (Version: 1.5.1)
NVIDIA Graphics Driver 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.125.816)
NVIDIA Optimus 6.4.23 (Version: 6.4.23)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604)
NVIDIA Update 6.4.23 (Version: 6.4.23)
NVIDIA Update Components (Version: 6.4.23)
OpenSSL 0.9.8l Light (32-bit)
Opera Stable 17.0.1241.53 (Version: 17.0.1241.53)
PCSX2 - Playstation 2 Emulator
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
Photo Gallery (Version: 16.4.3505.0912)
Prerequisite installer (Version: 12.0.0003)
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickBooks (Version: 19.0.4007.1091)
QuickBooks Premier: Retail Edition 2010 (Version: 19.0.4007.1091)
QuickTime (Version: 7.74.80.86)
QuickTransfer (Version: 140.0.98.000)
ReadWrite Katakana version 1.0 (Version: 1.0 Build 1004)
ROSE Online
Scan (Version: 140.0.80.000)
Skype? 5.10 (Version: 5.10.116)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
Steam (Version: 1.0.0.0)
SupportSoft Assisted Service (Version: 15)
System Requirements Lab CYRI (Version: 5.0.6.0)
System Requirements Lab for Intel (Version: 4.5.5.0)
Tagaini Jisho
The Longest Journey
TheSage (Version: 5.1.1790)
:spam: Video Converter Platinum 6.2.16 (Version: 6.2.16)
:spam: Walkman Video Converter 6.1.50
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Veoh Web Player (Version: 1.1.2.0000)
VLC media player 2.0.8 (Version: 2.0.8)
WebReg (Version: 140.0.212.017)
Welcome App (Start-up experience) (Version: 12.0.15000)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Xuse ĩAZA | ̑n̉ʂĂ | (Remove Only)
YTD Video Downloader 4.5.1 (Version: 4.5.1)
Torrent (Version: 3.3.2.30164)

========================= Devices: ================================

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 12193.08 MB
Available physical RAM: 10024.78 MB
Total Pagefile: 24384.34 MB
Available Pagefile: 22057.72 MB
Total Virtual: 4095.88 MB
Available Virtual: 3959.55 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:698.54 GB) (Free:140.59 GB) NTFS
2 Drive d: (Jpns Hira & Kata) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
3 Drive e: () (CDROM) (Total:1.26 GB) (Free:0 GB) CDFS
5 Drive g: () (Removable) (Total:14.66 GB) (Free:0.73 GB) NTFS
6 Drive h: () (Fixed) (Total:931.51 GB) (Free:32.59 GB) NTFS
7 Drive i: () (Removable) (Total:3.7 GB) (Free:3 GB) FAT32

========================= Users: ========================================

User accounts for \\OWNERPC-P0SPPR1

Administrator fbwuser Guest
UpdatusUser

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
  • 0

#13
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Please connect to your Internet - does the Internet work now?
  • 0

#14
Destiny000

Destiny000

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 130 posts
I t does connect actually, would you like me to connect to to the internet and run that last one again and post it?

Thanks. :)
  • 0

#15
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,699 posts
Hello Destiny!

I t does connect actually, would you like me to connect to to the internet and run that last one again and post it?

Nope this isn't needed. :)

 

- FIRST -

I want you to uninstall following programs (XP: Start > Control Panel > Add/Remove Programs | Vista / Win7 / Win8: Start > Control Panel > uninstall a program):

  • ̉S
  • Scan
  • ph
  • bl

- NEXT -

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [CreateRestorePoint]

    :OTL
    O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,000 | ---D | M] - H:\autorun -- [ NTFS ]
    O32 - AutoRun File - [2012/03/02 00:05:09 | 000,000,036 | ---- | M] () - H:\autorun.inf -- [ NTFS ]

    :reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "TCP Query User{2020AE43-45C7-4022-AA59-FAE546959D26}C:\windows\kmsemulator.exe"=-
    "{E6C44D40-349B-4867-8D40-ABFFAD9E1F91}"=-

    :Commands
    [EMPTYTEMP]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


- NEXT -

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

Please post these Logfiles in your next answer:

  • OTL.txt
  • FSS Log

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP