I don't know what TranslateGenius is. Pretty sure that's not good.
Here is the MBAM log from before coming to you, the OTL FixLog, the AdwCleaner log, OTL, and Extras.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.11.15.11
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Matt :: MATT-PC [administrator]
11/15/2013 5:53:22 PM
mbam-log-2013-11-15 (17-53-22).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237195
Time elapsed: 3 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 8
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCR\TypeLib\{DCB1CD02-42FC-4447-B833-6405CE328D62} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKCR\Interface\{96B7C08E-01F0-491A-8509-9741CF47039F} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[email protected] (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.condui...BAAA292EF&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
Folders Detected: 22
C:\Program Files (x86)\Social Privacy (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\chrome (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\chrome\content (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
Files Detected: 88
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\bitool.dll (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\nslF425.tmp (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\nsq4C55.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\nsw3682.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\nsw3809.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\nsw4AEE.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Matt\AppData\Local\Temp\nsvDF9.tmp\bi_client.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\Matt\Local Settings\Temporary Internet Files\Content.IE5\6OL206IB\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.
C:\Users\Matt\Local Settings\Temporary Internet Files\Content.IE5\FJR4TJPW\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Matt\Local Settings\Temporary Internet Files\Content.IE5\Z84YKMBH\BiTool[1].dll (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Matt\Local Settings\Temporary Internet Files\Content.IE5\Z84YKMBH\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\code.zip (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\r.log (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\sp.dll (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\Uninstall.exe (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\chrome.manifest (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\install.rdf (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\chrome\content\icon.png (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\chrome\content\main.js (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Social Privacy\FF\chrome\content\overlay.xul (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
(end)

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{429DC9F2-1367-4C14-9906-89D81DE97551}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{429DC9F2-1367-4C14-9906-89D81DE97551}\ not found.
Prefs.js: "http://search.condui...79&UM=UM_ID&q=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
Prefs.js: [email protected]:1.0 removed from extensions.enabledAddons
C:\Users\Matt\AppData\Roaming\Mozilla\FireFox\Profiles\07udyna9.default\user.js moved successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
File C:\Program Files (x86)\Social Privacy\FF not found.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{3f34ed98-04e6-4252-9646-d930abe8bd3b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3f34ed98-04e6-4252-9646-d930abe8bd3b}\ not found.
File C:\Program Files (x86)\findAdeal\135.xpi [2013/11/15 17:49:20 | 000,006,225 | ---- | M] not found.
C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\searchplugins\askcom.xml moved successfully.
C:\Program Files (x86)\findAdeal\135.xpi moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b36ac8cc-a828-4b0b-b965-3c9c677c803a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b36ac8cc-a828-4b0b-b965-3c9c677c803a}\ deleted successfully.
C:\Program Files (x86)\findAdeal\135.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll deleted successfully.
C:\Program Files (x86)\findAdeal folder moved successfully.
C:\Windows\SysWow64\AI_RecycleBin\{D50F990E-EEC1-4880-97B1-B87CDB899431} folder moved successfully.
C:\Windows\SysWow64\AI_RecycleBin\{CFEEB76B-06CE-4990-A75F-5C31D3887A2D} folder moved successfully.
C:\Windows\SysWow64\AI_RecycleBin\{6B1868C2-C6B5-4E8C-8F91-FE7E743B1AA0} folder moved successfully.
C:\Windows\SysWow64\AI_RecycleBin\{1D06D0EB-212B-4CCE-8ED8-D6C5EA4FABE5} folder moved successfully.
C:\Windows\SysWow64\AI_RecycleBin folder moved successfully.
C:\Users\Matt\AppData\Local\SearchProtect\SearchProtect\rep folder moved successfully.
C:\Users\Matt\AppData\Local\SearchProtect\SearchProtect\Logs folder moved successfully.
C:\Users\Matt\AppData\Local\SearchProtect\SearchProtect folder moved successfully.
C:\Users\Matt\AppData\Local\{71BEC60D-ACE3-47BD-8772-417554A237FF} folder moved successfully.
C:\Users\Matt\AppData\Local\{B103F68B-10B7-4409-8F96-83AC8FCC0DEE} folder moved successfully.
C:\Users\Matt\AppData\Local\{54FAD5F5-BCBB-4502-A330-E94F6AC2D112} folder moved successfully.
C:\Users\Matt\AppData\Local\{3E551C14-718E-41F5-B0EA-77DA4B003B04} folder moved successfully.
C:\Windows\Tasks\find-a-deal Update.job moved successfully.
ADS C:\ProgramData\TEMP:359B3BDA deleted successfully.
ADS C:\Users\Matt\AppData\Local\Temp:EREkSInJfVa6RH1fFIDA1aQ deleted successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Social Privacy not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Matt
->Temp folder emptied: 711507107 bytes
->Temporary Internet Files folder emptied: 35199136 bytes
->Java cache emptied: 2023 bytes
->FireFox cache emptied: 208033903 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 175330 bytes
User: Matt2
->Temp folder emptied: 199098 bytes
->Temporary Internet Files folder emptied: 905468 bytes
->FireFox cache emptied: 15909800 bytes
->Flash cache emptied: 492 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3121072 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 930.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11172013_101819
Files\Folders moved on Reboot...
C:\Users\Matt\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...

# AdwCleaner v3.012 - Report created 17/11/2013 at 10:29:43
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Matt - MATT-PC
# Running from : C:\Users\Matt\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\Matt\AppData\Local\Conduit
Folder Deleted : C:\Users\Matt\AppData\Local\PackageAware
Folder Deleted : C:\Users\Matt\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Matt\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Matt\AppData\LocalLow\Mail.Ru
Folder Deleted : C:\Users\Matt\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\ConduitCommon
Folder Deleted : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\Smartbar
Folder Deleted : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\CT2790392
Folder Deleted : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\Extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
File Deleted : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\.autoreg
File Deleted : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\invalidprefs.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchProtect
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16447
-\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\prefs.js ]
Line Deleted : user_pref("CT2790392..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2790392.1000234.TWC_locId", "USMO0460");
Line Deleted : user_pref("CT2790392.1000234.TWC_temp_dis", "f");
Line Deleted : user_pref("CT2790392.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"31°F\",\"temperatureClear\":\"31°F\",\"highTemperature\":\"35°F\",\"lowTemperature\":\"22°F\",\"feelsLike\":\"20°F\",[...]
Line Deleted : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
Line Deleted : user_pref("CT2790392.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.CurrentServerDate", "27-5-2012");
Line Deleted : user_pref("CT2790392.DSInstall", false);
Line Deleted : user_pref("CT2790392.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2790392.DialogsGetterLastCheckTime", "Sat May 26 2012 21:09:10 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2790392.EMailNotifierPollDate", "Sun May 20 2012 19:05:18 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.FeedLastCount129313977501788460", 207);
Line Deleted : user_pref("CT2790392.FeedPollDate129313974171006416", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313975698350231", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976370850190", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313976648818968", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313977444757117", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980389131455", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980655381977", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313980886163259", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313981234756535", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983226631720", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedPollDate129313983607725691", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.FeedTTL129313974171006416", 10);
Line Deleted : user_pref("CT2790392.FeedTTL129313977444757117", 15);
Line Deleted : user_pref("CT2790392.FeedTTL129313980655381977", 5);
Line Deleted : user_pref("CT2790392.FeedTTL129313981234756535", 5);
Line Deleted : user_pref("CT2790392.FirstServerDate", "21-5-2012");
Line Deleted : user_pref("CT2790392.FirstTime", true);
Line Deleted : user_pref("CT2790392.FirstTimeFF3", true);
Line Deleted : user_pref("CT2790392.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2790392.HPInstall", false);
Line Deleted : user_pref("CT2790392.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2790392.Initialize", true);
Line Deleted : user_pref("CT2790392.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2790392.InstallationId", "fft185B.tmp.exe");
Line Deleted : user_pref("CT2790392.InstallationType", "XPE");
Line Deleted : user_pref("CT2790392.InstalledDate", "Sun May 20 2012 19:05:18 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.IsGrouping", false);
Line Deleted : user_pref("CT2790392.IsInitSetupIni", true);
Line Deleted : user_pref("CT2790392.IsMulticommunity", false);
Line Deleted : user_pref("CT2790392.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2790392.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT2790392.LanguagePackLastCheckTime", "Sat May 26 2012 22:57:47 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.0.8", "Mon May 21 2012 12:43:37 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.LastLogin_3.12.2.3", "Sun May 27 2012 13:30:40 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.LatestVersion", "3.12.2.3");
Line Deleted : user_pref("CT2790392.Locale", "en");
Line Deleted : user_pref("CT2790392.LoginRevertSettingsEnabled", true);
Line Deleted : user_pref("CT2790392.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2790392.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2790392.OriginalFirstVersion", "3.12.0.8");
Line Deleted : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
Line Deleted : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=");
Line Deleted : user_pref("CT2790392.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Sat May 26 2012 22:57:47 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2790392.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2790392.ServiceMapLastCheckTime", "Sat May 26 2012 22:57:47 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.SettingsLastCheckTime", "Sun May 27 2012 13:30:39 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.SettingsLastUpdate", "1337625361");
Line Deleted : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sun May 20 2012 19:05:18 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT2790392.UserID", "UN57317740152823279");
Line Deleted : user_pref("CT2790392.WeatherNetwork", "");
Line Deleted : user_pref("CT2790392.WeatherPollDate", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.WeatherUnit", "F");
Line Deleted : user_pref("CT2790392.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT2790392.alertChannelId", "1182482");
Line Deleted : user_pref("CT2790392.autoDisableScopes", -1);
Line Deleted : user_pref("CT2790392.countryCode", "US");
Line Deleted : user_pref("CT2790392.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT2790392.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT2790392.firstTimeDialogOpened", true);
Line Deleted : user_pref("CT2790392.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT2790392.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT2790392.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT2790392.fixUrls", true);
Line Deleted : user_pref("CT2790392.fullUserID", "UN57317740152823279.UP.20130709035550");
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.initDone", true);
Line Deleted : user_pref("CT2790392.installId", "fftB9AC.tmp.exe");
Line Deleted : user_pref("CT2790392.installType", "XPE");
Line Deleted : user_pref("CT2790392.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2790392.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT2790392.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT2790392.isNewTabEnabled", true);
Line Deleted : user_pref("CT2790392.isPerformedSmartBarTransition", "true");
Line Deleted : user_pref("CT2790392.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT2790392.keyword", true);
Line Deleted : user_pref("CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=UN57317740152823279&SSPV=&Lay=1&UM=UM_ID\"}[...]
Line Deleted : user_pref("CT2790392.lastVersion", "10.20.0.513");
Line Deleted : user_pref("CT2790392.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT2790392.myStuffEnabled", true);
Line Deleted : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2790392.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT2790392.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.geekstogo.com%2Fforum%2Ftopic%2F335021-might-have-gotten-spyware-from-something-i-instal[...]
Line Deleted : user_pref("CT2790392.openThankYouPage", "true");
Line Deleted : user_pref("CT2790392.openUninstallPage", "FALSE");
Line Deleted : user_pref("CT2790392.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&CUI=UN57317740152823279&UM=UM_ID&q=");
Line Deleted : user_pref("CT2790392.revertSettingsEnabled", false);
Line Deleted : user_pref("CT2790392.search.searchAppId", "129298377186388102");
Line Deleted : user_pref("CT2790392.search.searchCount", "0");
Line Deleted : user_pref("CT2790392.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT2790392.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2790392.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2790392.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT2790392.searchUserMode", "UM_ID");
Line Deleted : user_pref("CT2790392.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2790392\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BitTorrentBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BitTorrentBar \"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT2790392.serviceLayer_services_Configuration_lastUpdate", "1384656971179");
Line Deleted : user_pref("CT2790392.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1364231743062");
Line Deleted : user_pref("CT2790392.serviceLayer_services_appsMetadata_lastUpdate", "1364231742947");
Line Deleted : user_pref("CT2790392.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1364231742916");
Line Deleted : user_pref("CT2790392.serviceLayer_services_location_lastUpdate", "1365704206605");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358381770595");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359677755851");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360682284381");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.14.65.43_lastUpdate", "1373352720123");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.15.0.562_lastUpdate", "1365716291883");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374965487515");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.16.70.505_lastUpdate", "1379190493214");
Line Deleted : user_pref("CT2790392.serviceLayer_services_login_10.20.0.513_lastUpdate", "1384701709178");
Line Deleted : user_pref("CT2790392.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1364231742949");
Line Deleted : user_pref("CT2790392.serviceLayer_services_searchAPI_lastUpdate", "1384656971065");
Line Deleted : user_pref("CT2790392.serviceLayer_services_serviceMap_lastUpdate", "1384656971009");
Line Deleted : user_pref("CT2790392.serviceLayer_services_toolbarContextMenu_lastUpdate", "1364231742833");
Line Deleted : user_pref("CT2790392.serviceLayer_services_toolbarSettings_lastUpdate", "1384700705043");
Line Deleted : user_pref("CT2790392.serviceLayer_services_translation_lastUpdate", "1384656971127");
Line Deleted : user_pref("CT2790392.settingsINI", true);
Line Deleted : user_pref("CT2790392.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT2790392.showToolbarPermission", "false");
Line Deleted : user_pref("CT2790392.smartbar.CTID", "CT2790392");
Line Deleted : user_pref("CT2790392.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT2790392.smartbar.isHidden", true);
Line Deleted : user_pref("CT2790392.smartbar.toolbarName", "BitTorrentBar ");
Line Deleted : user_pref("CT2790392.testingCtid", "");
Line Deleted : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Sat May 26 2012 22:57:47 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.toolbarBornServerTime", "21-5-2012");
Line Deleted : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sun May 20 2012 19:05:19 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.toolbarCurrentServerTime", "17-11-2013");
Line Deleted : user_pref("CT2790392.toolbarLoginClientTime", "Mon Mar 25 2013 13:15:42 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2790392.usagesFlag", 2);
Line Deleted : user_pref("CT2790392_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384701987254,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"d728e3133901af9bc4d47b2d34f1dfc01\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"1334663508\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392", "\"d76323372b05c3748a3d6b1c93a98292\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"67e1ac93c8bab6bfc9801049c6b49194\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Matt\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\07udyna9.default\\conduitCommon\\modules\\3.12.0.8");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "812ba45e-0ae8-462f-9ca3-e6483a2bc940");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun May 20 2012 19:05:21 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun May 20 2012 19:05:20 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "7818b1db-eafd-427d-a82f-069ef76aa724");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Ask.com");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT2790392");
Line Deleted : user_pref("extensions.crossrider.bic", "13af62567772787a45413302f2f38783");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&CUI=UN57317740152823279&UM=UM_ID&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT2790392");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&CUI=UN57317740152823279&UM=UM_ID&q=");
Line Deleted : user_pref("smartbar.machineId", "ZG3SG0HVMNGBJYMHRKUB2+9+WK8H0EHMYLY9M8SSHQ4+GEQGFJG2AKH1UNB0R7GWDYW+5ZZVQLMABLVGUOHGHW");
[ File : C:\Users\Matt2\AppData\Roaming\Mozilla\Firefox\Profiles\sf0i1fpi.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [25242 octets] - [17/11/2013 10:28:40]
AdwCleaner[S0].txt - [25515 octets] - [17/11/2013 10:29:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25576 octets] ##########
OTL logfile created on: 11/17/2013 10:39:59 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.97 Gb Total Physical Memory | 6.17 Gb Available Physical Memory | 77.43% Memory free
15.94 Gb Paging File | 14.00 Gb Available in Paging File | 87.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 38.64 Gb Free Space | 4.15% Space Free | Partition Type: NTFS
Computer Name: MATT-PC | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/11/16 17:33:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
PRC - [2013/10/30 14:25:56 | 000,566,696 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/10/30 14:25:54 | 001,820,584 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/09/17 17:29:22 | 000,053,232 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\TranslateGeniusAgent.exe
PRC - [2013/09/08 17:16:16 | 000,002,560 | ---- | M] () -- C:\Windows\Runservice.exe
PRC - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/06 17:23:14 | 001,457,552 | ---- | M] () -- C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe
PRC - [2012/09/06 17:23:14 | 000,390,544 | ---- | M] (MOTU Inc.) -- C:\Program Files (x86)\MOTU\motuDNSResponder.exe
PRC - [2012/05/30 12:18:07 | 004,331,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011/08/24 16:30:58 | 000,651,832 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2011/08/24 16:30:58 | 000,430,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/04/12 14:29:02 | 000,953,232 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
PRC - [2010/08/31 23:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2009/08/13 16:38:46 | 000,854,536 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
PRC - [2009/08/13 16:38:04 | 000,850,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
PRC - [2009/08/13 16:37:44 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/30 14:25:56 | 001,123,240 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/10/24 12:45:32 | 000,691,200 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/10/23 15:07:26 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/09/17 17:29:22 | 000,053,232 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\TranslateGeniusAgent.exe
MOD - [2013/09/17 17:29:20 | 000,050,688 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Updater\Temp\Agent.Application.dll
MOD - [2013/09/17 17:29:18 | 000,006,656 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Support.Infrastructure.dll
MOD - [2013/09/06 11:19:58 | 000,238,080 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\System.ComponentModel.Composition.dll
MOD - [2013/09/06 11:19:58 | 000,032,256 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Updater\Temp\BBV.Framework.dll
MOD - [2013/09/06 11:19:58 | 000,021,504 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Updater\Temp\Browsers.Firefox.dll
MOD - [2013/09/06 11:19:58 | 000,017,920 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Metrics.Dispatching.dll
MOD - [2013/09/06 11:19:58 | 000,012,800 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Environment.Identification.dll
MOD - [2013/09/06 11:19:58 | 000,009,728 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\Updater\Temp\Browsers.Chrome.dll
MOD - [2013/06/14 18:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 18:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 18:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/09/06 17:23:14 | 001,457,552 | ---- | M] () -- C:\Program Files (x86)\MOTU\Audio\MFWAKeys.exe
MOD - [2012/05/30 12:11:47 | 000,176,128 | ---- | M] () -- C:\Program Files (x86)\AIM\nssckbi.dll
MOD - [2012/05/25 03:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011/10/15 04:51:49 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\6c1567259547084fc25ef4941b184be5\System.Xml.Linq.ni.dll
MOD - [2011/10/15 04:51:15 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\6d859463c9e6a7423ddb335211a79dda\System.Core.ni.dll
MOD - [2011/10/15 02:41:29 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\834be57d8ab824b4ebcbf01161791d70\System.Transactions.ni.dll
MOD - [2011/10/15 02:41:28 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll
MOD - [2011/10/15 02:41:13 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011/10/15 02:41:09 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011/10/15 02:40:58 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011/10/15 02:40:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011/10/15 02:40:55 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011/10/15 02:40:51 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2011/08/12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011/08/12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011/08/12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011/08/12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011/08/12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/06/10 16:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/06/10 16:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/11/15 14:49:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/30 14:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/08 20:47:20 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/08 17:16:16 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\Windows\Runservice.exe -- (LicCtrlService)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/03 01:38:28 | 000,759,192 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/06 17:23:14 | 000,390,544 | ---- | M] (MOTU Inc.) [Auto | Running] -- C:\Program Files (x86)\MOTU\motuDNSResponder.exe -- (MOTU_ZeroConf)
SRV - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/24 16:30:58 | 000,430,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/06/25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/09/14 15:51:43 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013/09/14 15:51:41 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/25 00:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/01/25 17:44:28 | 000,031,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VirtualAudio5.sys -- (WsAudio_Device(5)
DRV:64bit: - [2013/01/25 17:44:28 | 000,031,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VirtualAudio4.sys -- (WsAudio_Device(4)
DRV:64bit: - [2013/01/25 17:44:28 | 000,031,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VirtualAudio3.sys -- (WsAudio_Device(3)
DRV:64bit: - [2013/01/25 17:44:28 | 000,031,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VirtualAudio2.sys -- (WsAudio_Device(2)
DRV:64bit: - [2013/01/25 17:44:28 | 000,031,080 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VirtualAudio1.sys -- (WsAudio_Device(1)
DRV:64bit: - [2012/10/10 22:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/10/10 22:08:08 | 000,029,696 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012/09/06 17:24:08 | 000,029,848 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\motubus64.sys -- (motubus)
DRV:64bit: - [2012/09/06 17:24:02 | 000,032,408 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfwamidi64.sys -- (MFWAMIDI64)
DRV:64bit: - [2012/09/06 17:24:00 | 000,609,944 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MotuFWA64.sys -- (MotuFWA64)
DRV:64bit: - [2012/09/06 17:23:58 | 000,082,584 | ---- | M] (Mark of the Unicorn) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfwawave64.sys -- (MFWAWAVE64)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/01 03:19:24 | 001,041,000 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RTL8192cu)
DRV:64bit: - [2012/01/18 01:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUVC64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 01:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/01/18 01:44:14 | 000,025,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2011/11/03 02:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/07/07 11:42:38 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/03/31 14:01:50 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2011/02/22 01:21:54 | 000,404,584 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2011/01/15 11:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV:
64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV:
64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV:
64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV:
64bit: - [2010/12/24 15:27:44 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV:
64bit: - [2010/12/16 17:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:
64bit: - [2010/12/07 15:39:32 | 000,187,912 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MAudioFastTrackPro.sys -- (MAUSBFASTTRACKPRO)
DRV:
64bit: - [2010/07/01 13:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:
64bit: - [2010/06/25 12:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:
64bit: - [2009/11/17 18:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:
64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:
64bit: - [2009/07/14 14:36:28 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:
64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/01 10:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2008/12/26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-6543664-2043801977-3085460779-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-6543664-2043801977-3085460779-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-6543664-2043801977-3085460779-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-6543664-2043801977-3085460779-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.12
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Matt\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Matt\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Matt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/15 14:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/15 14:49:36 | 000,000,000 | ---D | M]
[2011/10/14 21:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Extensions
[2013/11/17 10:29:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions
[2013/09/05 01:47:46 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2012/05/10 19:56:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\SeaMonkey\Profiles\j2x55qrb.default\extensions
[2013/10/08 09:32:53 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\[email protected]
[2012/09/13 16:15:48 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\[email protected]
[2013/11/15 17:49:12 | 000,331,553 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\[email protected]
[2013/11/08 15:01:56 | 000,534,744 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/10/10 10:48:43 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/01 16:30:05 | 000,282,570 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/11/13 16:28:17 | 000,549,871 | ---- | M] () (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\07udyna9.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013/11/15 14:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/15 14:49:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: http://www.google.com
CHR - homepage: http://www.google.com
CHR - Extension: YouTube = C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
CHR - Extension: No name found = C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012/08/03 14:58:25 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:
64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:
64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:
64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:
64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [adblock pro] C:\Program Files (x86)\Adblock Pro\abpmain.exe -m File not found
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)
O4 - HKU\S-1-5-21-6543664-2043801977-3085460779-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-6543664-2043801977-3085460779-1000..\Run: [Aim] C:\Program Files (x86)\AIM\aim.exe (AOL Inc.)
O4 - HKU\S-1-5-21-6543664-2043801977-3085460779-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-6543664-2043801977-3085460779-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TranslateGeniusAgent.lnk = C:\Users\Matt\AppData\Roaming\TGF Interactive LLC\Translate Genius\TranslateGeniusAgent.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-6543664-2043801977-3085460779-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-6543664-2043801977-3085460779-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:
64bit: - Extra context menu item: &Block This Image (ABP) - Reg Error: Value error. File not found
O8 - Extra context menu item: &Block This Image (ABP) - Reg Error: Value error. File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16E0B6DF-764C-4C1D-BD12-AC3E94EED18A}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16E0B6DF-764C-4C1D-BD12-AC3E94EED18A}: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40C5FD02-38D1-4EB5-8DE3-6AEA0E14B674}: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 75.126.206.18,184.173.169.186
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F283811-EC66-4EA4-8717-98882A73DA42}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F283811-EC66-4EA4-8717-98882A73DA42}: NameServer = 75.126.206.18,184.173.169.186
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:
64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2013/11/17 10:28:38 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/17 10:18:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/16 17:33:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
[2013/11/15 17:49:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC
[2013/11/15 17:49:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TGF Interactive
[2013/11/15 17:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PSeMu3
[2013/11/15 14:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/14 16:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galactic Cafe
[2013/11/14 16:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Galactic Cafe
[2013/11/13 02:38:27 | 000,000,000 | ---D | C] -- C:\Crash
[2013/11/07 18:12:23 | 000,000,000 | ---D | C] -- C:\Users\Matt\Documents\Beyond_Perception_130826
========== Files - Modified Within 30 Days ==========
[2013/11/17 10:38:33 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/17 10:38:33 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/17 10:31:55 | 000,001,940 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6520 series (Copy 1).lnk
[2013/11/17 10:31:26 | 000,000,593 | -HS- | M] () -- C:\Windows\SysWow64\mmf.sys
[2013/11/17 10:31:24 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2013/11/17 10:31:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/17 10:31:13 | 2125,799,423 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/17 10:22:29 | 001,085,542 | ---- | M] () -- C:\Users\Matt\Desktop\AdwCleaner.exe
[2013/11/17 09:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/17 09:19:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-6543664-2043801977-3085460779-1000UA.job
[2013/11/16 21:19:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-6543664-2043801977-3085460779-1000Core.job
[2013/11/16 17:33:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Desktop\OTL.exe
[2013/11/15 17:49:11 | 000,001,245 | ---- | M] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TranslateGeniusAgent.lnk
[2013/11/14 16:59:06 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\The Stanley Parable.lnk
[2013/11/12 15:28:18 | 000,779,264 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/12 15:28:18 | 000,660,354 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/12 15:28:18 | 000,121,282 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
========== Files Created - No Company Name ==========
[2013/11/17 10:22:26 | 001,085,542 | ---- | C] () -- C:\Users\Matt\Desktop\AdwCleaner.exe
[2013/11/15 17:49:11 | 000,001,245 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TranslateGeniusAgent.lnk
[2013/11/14 16:59:06 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\The Stanley Parable.lnk
[2013/09/08 17:16:17 | 000,000,593 | -HS- | C] () -- C:\Windows\SysWow64\mmf.sys
[2013/09/08 17:16:16 | 000,045,056 | ---- | C] () -- C:\Windows\mmfs.dll
[2013/09/08 17:16:16 | 000,002,560 | ---- | C] () -- C:\Windows\Runservice.exe
[2013/05/28 12:11:17 | 000,000,056 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\MOTU FireWire SMPTE Prefs.prefs
[2013/02/28 10:41:44 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/02/20 13:22:12 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WS_ATLMovie.dll
[2013/02/19 11:40:07 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/08/18 00:48:55 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/08/12 00:16:15 | 000,000,127 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\mbam.context.scan
[2012/07/10 04:53:41 | 000,000,530 | ---- | C] () -- C:\Windows\eReg.dat
[2012/05/08 21:04:12 | 000,000,906 | ---- | C] () -- C:\Windows\DC.ini
[2012/05/02 21:17:10 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/05/02 21:17:10 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/05/02 21:17:10 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/01/27 21:27:48 | 000,772,988 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/18 01:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 01:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 01:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/12 22:00:48 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/12/31 22:11:00 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/11/30 13:16:01 | 000,020,480 | ---- | C] () -- C:\Users\Matt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 09:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 09:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 09:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll
========== LOP Check ==========
[2013/11/05 19:06:37 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\.minecraft
[2011/10/14 21:34:51 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\acccore
[2013/11/16 17:06:35 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Applian FLV and Media Player
[2012/12/12 02:29:07 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Audacity
[2012/02/05 13:58:53 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\BigHugeEngine
[2013/11/16 17:44:05 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\BitTorrent
[2013/09/10 11:07:49 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\fltk.org
[2012/06/13 22:25:16 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\GameFly
[2013/09/14 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\GetRightToGo
[2012/04/19 14:55:39 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\GOG.com
[2013/03/24 21:55:56 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Hive Cluster
[2012/10/31 21:38:08 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\ImTOO
[2013/06/26 14:12:47 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\IonFx
[2011/12/01 00:06:05 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Leadertech
[2012/07/05 23:05:54 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\LolClient
[2012/11/07 18:24:34 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\OnLive App
[2012/12/07 21:43:16 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\PACE Anti-Piracy
[2013/05/28 16:56:17 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\PreSonus
[2011/11/30 13:00:18 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Publish Providers
[2013/08/09 02:00:58 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Screaming Bee
[2011/11/30 13:00:17 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Sony
[2012/06/21 15:22:52 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Stardock
[2012/08/03 15:53:57 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Subversion
[2011/10/27 21:49:42 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\TeamViewer
[2013/11/15 17:49:11 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\TGF Interactive LLC
[2012/03/07 01:05:43 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\To the Moon - Freebird Games
[2012/08/30 18:26:39 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Trine2
[2013/06/02 00:43:05 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\TS3Client
[2013/03/04 20:26:32 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\ts3overlay
[2012/10/24 19:35:12 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\ts3overlay_hook_win64
[2013/09/14 18:01:00 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Tunngle
[2013/09/14 20:39:32 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\Ubisoft
[2013/11/03 15:08:21 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\VidCoder
[2011/11/14 06:11:28 | 000,000,000 | ---D | M] -- C:\Users\Matt\AppData\Roaming\WinMPG
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV:
64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:
64bit: - [2009/07/13 20:40:01 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:
64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
No service found with a name of BITS
SRV:
64bit: - [2009/07/13 20:40:10 | 000,703,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:
64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:
64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:
64bit: - [2009/07/13 20:40:13 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:
64bit: - [2009/07/13 20:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2009/07/13 20:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:
64bit: - [2009/07/13 20:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:
64bit: - [2011/03/03 01:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:
64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:
64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:
64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:
64bit: - [2009/07/13 20:41:10 | 000,500,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:
64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:
64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:
64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:
64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:
64bit: - [2009/07/13 20:41:52 | 000,302,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:
64bit: - [2011/05/24 06:21:59 | 000,404,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:
64bit: - [2010/08/21 01:29:47 | 000,558,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:
64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:
64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,343,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:
64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:
64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:
64bit: - [2010/08/27 01:14:02 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:
64bit: - [2009/07/13 20:41:54 | 000,369,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/13 20:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:
64bit: - [2010/11/02 00:16:53 | 001,114,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:
64bit: - [2009/07/13 20:41:55 | 000,316,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/13 20:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:
64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,208,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:
64bit: - [2009/07/13 20:39:50 | 001,598,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:
64bit: - [2009/07/13 20:40:04 | 000,676,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:
64bit: - [2009/07/13 20:40:04 | 000,676,864 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:
64bit: - [2009/07/13 20:41:53 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:
64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 20:41:56 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:
64bit: - [2009/07/13 20:41:27 | 000,824,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:
64bit: - [2009/07/13 20:41:56 | 000,578,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:
64bit: - [2009/07/13 20:39:21 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2009/07/13 20:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:
64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:
64bit: - [2012/06/02 17:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:
64bit: - [2009/07/13 20:40:32 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:
64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:
64bit: - [2009/07/13 20:41:56 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: QMGR.DLL >
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\erdnt\cache64\qmgr.dll
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\SysNative\qmgr.dll
[2009/07/13 20:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll
< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services
< MD5 for: SERVICES.CFG >
[2013/09/03 08:53:56 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\Services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\Services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 21:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 21:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml
< MD5 for: SERVICES.SBS >
[2011/03/01 02:58:44 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files (x86)\Spybot - Search & Destroy\Includes\Services.sbs
< MD5 for: SERVICES.SETTINGS >
[2013/05/28 17:00:47 | 000,002,995 | ---- | M] () MD5=11645E3CFF6A37231BEF3EDB3701E33F -- C:\Users\Matt\AppData\Roaming\PreSonus\Studio One 2\x64\Services.settings
< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/27 10:55:38 | 008,161,008 | ---- | M] () MD5=922FE2CCD384C24201CD7A58C03C104E -- C:\Program Files\Java\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\erdnt\cache86\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\erdnt\cache64\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\erdnt\cache64\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is F88B-6CA2
Directory of C:\
07/14/2009 12:08 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:08 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:08 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:08 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:08 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:08 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:08 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 12:08 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:08 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:08 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:08 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:08 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:08 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:08 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:08 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:08 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Matt
10/14/2011 08:45 PM <JUNCTION> Application Data [C:\Users\Matt\AppData\Roaming]
10/14/2011 08:45 PM <JUNCTION> Cookies [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Cookies]
10/14/2011 08:45 PM <JUNCTION> Local Settings [C:\Users\Matt\AppData\Local]
10/14/2011 08:45 PM <JUNCTION> My Documents [C:\Users\Matt\Documents]
10/14/2011 08:45 PM <JUNCTION> NetHood [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/14/2011 08:45 PM <JUNCTION> PrintHood [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/14/2011 08:45 PM <JUNCTION> Recent [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Recent]
10/14/2011 08:45 PM <JUNCTION> SendTo [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\SendTo]
10/14/2011 08:45 PM <JUNCTION> Start Menu [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu]
10/14/2011 08:45 PM <JUNCTION> Templates [C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Matt\AppData\Local
10/14/2011 08:45 PM <JUNCTION> Application Data [C:\Users\Matt\AppData\Local]
10/14/2011 08:45 PM <JUNCTION> History [C:\Users\Matt\AppData\Local\Microsoft\Windows\History]
10/14/2011 08:45 PM <JUNCTION> Temporary Internet Files [C:\Users\Matt\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Matt\Documents
10/14/2011 08:45 PM <JUNCTION> My Music [C:\Users\Matt\Music]
10/14/2011 08:45 PM <JUNCTION> My Pictures [C:\Users\Matt\Pictures]
10/14/2011 08:45 PM <JUNCTION> My Videos [C:\Users\Matt\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Matt2
05/24/2013 08:51 PM <JUNCTION> Application Data [C:\Users\Matt2\AppData\Roaming]
05/24/2013 08:51 PM <JUNCTION> Cookies [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\Cookies]
05/24/2013 08:51 PM <JUNCTION> Local Settings [C:\Users\Matt2\AppData\Local]
05/24/2013 08:51 PM <JUNCTION> My Documents [C:\Users\Matt2\Documents]
05/24/2013 08:51 PM <JUNCTION> NetHood [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/24/2013 08:51 PM <JUNCTION> PrintHood [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/24/2013 08:51 PM <JUNCTION> Recent [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\Recent]
05/24/2013 08:51 PM <JUNCTION> SendTo [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\SendTo]
05/24/2013 08:51 PM <JUNCTION> Start Menu [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\Start Menu]
05/24/2013 08:51 PM <JUNCTION> Templates [C:\Users\Matt2\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Matt2\AppData\Local
05/24/2013 08:51 PM <JUNCTION> Application Data [C:\Users\Matt2\AppData\Local]
05/24/2013 08:51 PM <JUNCTION> History [C:\Users\Matt2\AppData\Local\Microsoft\Windows\History]
05/24/2013 08:51 PM <JUNCTION> Temporary Internet Files [C:\Users\Matt2\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Matt2\Documents
05/24/2013 08:51 PM <JUNCTION> My Music [C:\Users\Matt2\Music]
05/24/2013 08:51 PM <JUNCTION> My Pictures [C:\Users\Matt2\Pictures]
05/24/2013 08:51 PM <JUNCTION> My Videos [C:\Users\Matt2\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:08 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 12:08 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:08 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
65 Dir(s) 41,240,637,440 bytes free
< End of report >
OTL Extras logfile created on: 11/17/2013 10:39:59 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.97 Gb Total Physical Memory | 6.17 Gb Available Physical Memory | 77.43% Memory free
15.94 Gb Paging File | 14.00 Gb Available in Paging File | 87.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 38.64 Gb Free Space | 4.15% Space Free | Partition Type: NTFS
Computer Name: MATT-PC | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-6543664-2043801977-3085460779-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{22808223-9F47-42A7-8954-A57F03A471BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26A9B80B-FB72-4E14-B7F3-85932BEA365D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{78642692-8E92-4748-8239-9F5041D7B8E7}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in |
[email protected],-28545 |
"{006DC8D6-AAB8-477A-B986-ADDAC661EA35}" = dir=in | app=c:\program files\hp\hp photosmart 6520 series\bin\hpnetworkcommunicator.exe |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BB226FD-56D3-472B-8F1A-6267A0FCF074}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16AB2DCD-D23D-4649-8DFB-862B3F6711A5}" = dir=in | app=c:\program files\hp\hp photosmart 6520 series\bin\hpnetworkcommunicatorcom.exe |
"{19BD0423-9C89-4E5A-BF65-7080AE796645}" = dir=in | app=c:\users\matt\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{2174C124-63CC-49F3-A12D-C277D9083551}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{2422ECC5-4B0F-44F8-8A51-7E980593D79C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\tools\benchmark.exe |
"{253B31DA-C179-408F-A363-07484EB66AEA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{2B8726FD-C298-434F-A1C7-064069014A6C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\addon.exe |
"{318392CA-C5D4-45AB-82E2-695F3F993440}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\tools\addonweb.exe |
"{325BA30D-A23F-4FC7-AB69-472F70C4DFC9}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in |
[email protected],-28543 |
"{4BB1279E-B7AC-439A-B34A-71DCF66A8761}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\tools\benchmark.exe |
"{4E762BA5-2B23-41C4-A021-FE179835AE83}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\anno4.exe |
"{569A0A32-56DC-4338-9E4D-14F271F069A6}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out |
[email protected],-28544 |
"{5A5A00DB-AC80-49CE-B444-6887AFC1361C}" = dir=in | app=c:\program files\hp\hp photosmart 6520 series\bin\devicesetup.exe |
"{5B4DEFED-6810-43C5-A1DE-6E1805D3FA5D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{5BA586D9-85D6-4001-978B-4413D061470B}" = protocol=6 | dir=in | app=c:\users\matt\appdata\local\temp\7zs2620\hpdiagnosticcoreui.exe |
"{61A9498D-8D33-4FB3-98C2-679FF2720E7E}" = protocol=17 | dir=in | app=c:\users\matt\appdata\roaming\bittorrent\bittorrent.exe |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{66E07259-D76C-4D68-BDA9-452EC1140BE7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\darksouls.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{71AE8648-F410-41BA-BBB7-F6068E6C59DB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{73E7FEBB-884B-43C3-89C0-5C074A2B0F0C}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe |
"{75E871A5-8281-4D16-90F2-03F42805AD22}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{7BA56618-0538-4DA5-A1C1-9CD4686DA630}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{7CF7FAD0-43FE-4218-8F6F-B87272D31A40}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe |
"{80DCB420-122E-4BE6-9735-B36A4621E49D}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\tools\anno4web.exe |
"{81E26179-93B8-478F-9C1A-0EFBAF894ECB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{8360336B-4988-4C59-A579-1613262F6D1F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87530382-9F1E-43DA-AD3B-0958CAC7216A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe |
"{9D5B7CC6-24A7-4439-8BF2-FBF97A470AA1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{9DAE36CF-309B-4770-9A5B-80A11860D356}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\tools\addonweb.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AD8E853F-C77E-4EB4-8DDE-CBE87497ED92}" = dir=in | app=c:\program files (x86)\namco bandai games\darksouls\darksouls.exe |
"{AF72DB8C-13B6-4AB5-A164-42E56E208D95}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\addon.exe |
"{B64EDB2E-B399-4743-993C-B97F2F42C125}" = protocol=17 | dir=in | app=c:\users\matt\appdata\local\temp\7zs2620\hpdiagnosticcoreui.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{C0028CB1-A0FF-4F00-B8CD-F3337FA6971A}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D1E90285-AB2E-459E-AC7A-61F03D921073}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6B8EB4A-4C36-461D-B7A2-FE48BB733DFE}" = protocol=6 | dir=in | app=c:\users\matt\appdata\roaming\bittorrent\bittorrent.exe |
"{D941F02A-F3DB-4811-AB9C-DF1B2DB65227}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\tools\anno4web.exe |
"{DB8E2603-DA75-4F37-ADC7-E31BF109003F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E5285FEA-4456-48CF-AEF7-48BA20CBE8AA}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\dawn of discovery - gold edition\anno4.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out |
[email protected],-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDF7BA15-0912-4AAC-85A9-F04BC3B73794}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1455629-E83F-40AA-B013-6526EA3E5D7A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FBA1FE58-C897-48DC-8919-E1E8FD37B85A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"TCP Query User{013F4CE2-1CE4-40D5-9B4E-C2960EDCFB35}C:\program files (x86)\prototype 2\prototype2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\prototype 2\prototype2.exe |
"TCP Query User{10C754B5-30B5-4161-A104-9A574CD72681}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{6095AD91-C9FD-42D4-9211-7D33BC72119F}C:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=6 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"TCP Query User{A7D20FA0-14B4-489A-91A4-C8F46BE3E64F}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{B429732D-7076-4B84-AB71-B0C7E096DDFB}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{D00FAF59-98A4-44CE-AC87-5C9D1D66105A}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{EC76014C-F1FB-4C75-B257-964711E0E994}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{38D8523D-D26F-4B09-9365-B9A11B560562}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{3D3DA1EC-AB9E-4C76-9D49-33CB3591DCAB}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{729928F5-478C-4AC8-8D34-D8AD59A12336}C:\program files (x86)\prototype 2\prototype2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\prototype 2\prototype2.exe |
"UDP Query User{84BE995C-7FC8-4A6E-908A-B83360A13A6D}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{96D4A05E-54DD-48AC-ADF3-DF29F1491EEB}C:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe" = protocol=17 | dir=in | app=c:\users\public\sony online entertainment\installed games\planetside 2 beta\planetside2.exe |
"UDP Query User{C847CF27-726A-4DE6-9CEA-E714D0165394}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{F0A6795A-AF9B-476D-8287-5F65E48319E7}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1151BCF8-3246-4E34-9C17-22E66318C41C}" = HP Photosmart 6520 series Basic Device Software
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133
"{72EF03F5-0507-4861-9A44-D99FD4C41418}" = Paint.NET v3.5.11
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb" = Adobe Audition 3.0 Vista Compatibility
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A05D2328-5096-4748-981B-493B1D56BBEB}" = MOTU Hardware
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F144E07C-4019-4092-BE25-B57819C97D2F}" = HP Photosmart 6520 series Product Improvement Study
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PreSonus Studio One 2" = PreSonus Studio One 2 x64
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VidCoder-x64_is1" = VidCoder 1.4.24 (x64)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1DDBB040-3BEB-4057-90BB-B38B5E081D1B}" = MorphVOX Pro
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2032DA39-C844-43AE-B638-6A4F7496686E}" = Furry Voices for Second Life
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java 7 Update 5
"{27D9C90F-575C-4088-85F5-6F25A24B4B2B}_is1" = Aiseesoft Streaming Video Recorder
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2CC32E0E-9A10-4BCC-94F0-614F85375F59}" = Male Voice Pack
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{456A5815-604D-4D72-94DF-346D2B978A59}_is1" = GOG.com Downloader version 3.0.25
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B886E97-AF5B-46F0-9F48-6BE03149D972}" = Personality Voices
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{573F9269-A022-4C6F-97BD-CF1316A76369}" = Creatures of Darkness
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}" = Fantasy Voice Pack
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars® Knights of the Old Republic® II: The Sith Lords
"{67CEC218-B250-4B4C-B23F-A597EC8DB153}" = Deep Space Voices
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68CE86BC-8CA1-4B4D-A1AC-50C95F8BBC8A}" = Dawn of Discovery - Gold Edition
"{6A09EC92-016B-4032-8CF1-6840B20C254A}" = Dawn of Discovery - Gold Edition
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6D592E30-11EC-11E0-859C-0013D3D69929}" = Vegas Pro 10.0
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{6F2C6EC4-A386-4CAA-9C63-51FCF07A8A42}" = Translate Genius
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7c1da5a1-0b46-49db-b4e4-6bb4e7e4c791}" = find-a-deal
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}" = Galactic Voices
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}" = Belkin N600 DB USB Wireless Adapter
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BC038C91-D3C6-4E43-8439-B65976FE7937}" = Sci-Fi Voice Pack
"{C39768C1-82E7-4466-8526-2D8AC44B768F}" = Translator Fun Voice Pack
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFEF8DB5-B45E-4b05-90BE-D02AA6F45354}" = Firefall
"{D3293275-1002-41F5-BC37-099B4251FF5B}" = HP Photosmart 6520 series Help
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D947A225-8C23-4E52-866E-CF3967476BFC}" = Female Voice Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E82A57BC-E9B8-42F9-BDC7-4950BD73EA32}_is1" = Pazera Free FLV to AVI Converter 1.4
"{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIM_7" = AIM 7
"Aimersoft DRM Media Converter_is1" = Aimersoft DRM Media Converter(Build 1.4.7.2)
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0.2
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Botanicula_is1" = Botanicula
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Cisco Connect" = Cisco Connect
"Dishonored_is1" = Dishonored
"DivX Setup" = DivX Setup
"DOOM Collector's Edition" = DOOM Collector's Edition
"EADM" = EA Download Manager
"Fallout New Vegas_is1" = Fallout New Vegas
"FL Studio 10" = FL Studio 10
"FLV Player2.0.25" = FLV Player
"Fraps" = Fraps (remove only)
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"GOGPACKHOTLINEMIAMI_is1" = Hotline Miami
"Gunpoint_is1" = Gunpoint
"HP Photo Creations" = HP Photo Creations
"ImTOO Movie Maker 6" = ImTOO Movie Maker 6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MUSHclient" = MUSHclient (remove only)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"OpenAL" = OpenAL
"Rochard_is1" = Rochard
"Satinav" = The Dark Eye - Chains of Satinav
"Soulseek2" = SoulSeek 157 NS 13e
"SpeedFan" = SpeedFan (remove only)
"Steam App 105600" = Terraria
"Steam App 211420" = Dark Souls: Prepare to Die Edition
"Steam App 550" = Left 4 Dead 2
"The Elder Scrolls V Skyrim - High Resolution Texture Pack_is1" = The Elder Scrolls V Skyrim - High Resolution Texture Pack
"The Stanley Parable_is1" = The Stanley Parable
"The Swapper_is1" = The Swapper
"Torchlight II © Runic Games_is1" = Torchlight II © Runic Games version 1
"Tunngle beta_is1" = Tunngle beta
"UmF5bWFuTGVnZW5kcw==_is1" = Rayman Legends
"Uplay" = Uplay
"VirtualCloneDrive" = VirtualCloneDrive
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Xenimus" = Xenimus
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-6543664-2043801977-3085460779-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SOE-C:/Users/Matt/AppData/Local/Sony Online Entertainment/ApplicationUpdater" = applicationupdater
"SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2" = gamelauncher-ps2-live
"SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta" = gamelauncher-code4344-beta
"SOE-PlanetSide 2" = PlanetSide 2
"SOE-PlanetSide 2 Test" = PlanetSide 2 Live Test
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/10/2013 1:04:36 PM | Computer Name = Matt-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/11/2013 3:17:52 AM | Computer Name = Matt-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/12/2013 2:32:06 AM | Computer Name = Matt-PC | Source = Application Error | ID = 1000
Description = Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time
stamp: 0x527aa462 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16850,
time stamp: 0x4e211485 Exception code: 0xc0000005 Fault offset: 0x0000b9bc Faulting
process id: 0xda4 Faulting application start time: 0x01cedf645f6e3291 Faulting application
path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe
Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 25cf9ec3-4b64-11e3-9a2f-8c89a5136da5
Error - 11/12/2013 2:55:07 AM | Computer Name = Matt-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/12/2013 5:40:33 AM | Computer Name = Matt-PC | Source = Application Error | ID = 1000
Description = Faulting application name: PlanetSide2.exe, version: 0.0.0.0, time
stamp: 0x527aa462 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16850,
time stamp: 0x4e211485 Exception code: 0xc0000005 Fault offset: 0x0000b9bc Faulting
process id: 0x1410 Faulting application start time: 0x01cedf805ed20072 Faulting application
path: C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\PlanetSide2.exe
Faulting
module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 792a8a0d-4b7e-11e3-9a2f-8c89a5136da5
Error - 11/13/2013 5:29:39 AM | Computer Name = Matt-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/15/2013 1:04:45 AM | Computer Name = Matt-PC | Source = Application Error | ID = 1000
Description = Faulting application name: LCDPictureViewer.exe, version: 3.3.133.0,
time stamp: 0x4a84b067 Faulting module name: LCDPictureViewer.exe, version: 3.3.133.0,
time stamp: 0x4a84b067 Exception code: 0xc0000005 Fault offset: 0x00000000000049e5
Faulting
process id: 0xd1c Faulting application start time: 0x01cee03cbbf8f859 Faulting application
path: C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe
Faulting
module path: C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe
Report
Id: 7172d539-4db3-11e3-ab15-8c89a5136da5
Error - 11/15/2013 6:02:28 AM | Computer Name = Matt-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/16/2013 6:00:57 AM | Computer Name = Matt-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.
Error - 11/16/2013 7:45:26 PM | Computer Name = Matt-PC | Source = Application Error | ID = 1000
Description = Faulting application name: firefox.exe, version: 26.0.0.5066, time
stamp: 0x52853056 Faulting module name: xul.dll, version: 26.0.0.5066, time stamp:
0x52852fea Exception code: 0xc0000005 Fault offset: 0x00187c98 Faulting process id:
0x18b4 Faulting application start time: 0x01cee32574312ded Faulting application path:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe Faulting module path: C:\Program
Files (x86)\Mozilla Firefox\xul.dll Report Id: 2a6fce6a-4f19-11e3-bc36-8c89a5136da5
[ System Events ]
Error - 11/6/2013 7:56:35 PM | Computer Name = Matt-PC | Source = volsnap | ID = 393251
Description = The shadow copies of volume C: were aborted because the shadow copy
storage failed to grow.
Error - 11/7/2013 2:40:27 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the eventlog service.
Error - 11/7/2013 2:42:55 PM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
Error - 11/7/2013 4:16:27 PM | Computer Name = Matt-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 11/7/2013 6:12:46 PM | Computer Name = Matt-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 11/8/2013 4:34:34 AM | Computer Name = Matt-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 11/10/2013 11:48:48 PM | Computer Name = Matt-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:47:05 PM on 11/10/2013 was unexpected.
Error - 11/13/2013 5:49:15 AM | Computer Name = Matt-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 11/14/2013 4:24:37 PM | Computer Name = Matt-PC | Source = nvlddmkm | ID = 11141134
Description =
Error - 11/17/2013 11:18:19 AM | Computer Name = Matt-PC | Source = Service Control Manager | ID = 7034
Description = The UMVPFSrv service terminated unexpectedly. It has done this 1
time(s).
< End of report >