Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I think I'm infected with the zero access virus-Help [Solved]


  • This topic is locked This topic is locked

#16
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Here are the log files of the FSS scan and Zoek. Am to connect my laptop to the internet yet? If so I will plug in my Ethernet cord and rerun the scans.::

Farbar Service Scanner Version: 23-11-2013
Ran by DanTheMan (administrator) on 24-11-2013 at 09:07:55
Running from "C:\Users\DanTheMan\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============
Checking ServiceDll of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist.



File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Zoek.exe Version 4.0.0.5 Updated 14-November-2013
Tool run by DanTheMan on Sun 11/24/2013 at 9:12:18.79.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\DanTheMan\Desktop\zoek.com [Script inserted]

==== System Restore Info ======================

11/24/2013 9:17:53 AM Zoek.exe System Restore Point Created Succesfully.

==== Windows Installer Info ======================

Adobe AIR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB540C64F3B24CB4E8C4000EFCB89DBD]c:\Windows\Installer\f4dc.msi
Adobe Community Help [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DBDB1253354DF9D5AA55447BD5126492]C:\windows\Installer\4d460022.msi
Adobe Media Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5CD9A3EDD5A9584669264317267C4EAC]C:\windows\Installer\17df768.msi
Adobe Reader X MUI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA7FFFFB744AA0000000010]C:\Windows\Installer\f4d7.msi
Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0212CE3624715264AA746C8AEA9C6CC4]C:\windows\Installer\60c98d8.msi
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D8EF64479F1C24D4AAEAD5CB5E68506A]C:\windows\Installer\60c98e2.msi
Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\windows\Installer\60c98e7.msi
Avid Audio Drivers (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ACA722F2C4029254AB330D594CC227BD]C:\windows\Installer\3815ec0.msi
Avid EDL Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FD94CB5D6C5310C47AF96E834EFB913B]C:\windows\Installer\3815ea3.msi
Avid FilmScribe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\85F2968E1E30BBD4D8A17AA01BCD36A4]C:\windows\Installer\3815ea8.msi
Avid Log Exchange [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5E9D7EA50359612489AE3C7E0D57F23B]C:\windows\Installer\3815e9e.msi
Avid Media Composer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\35770967CD8CE60418B902FD31F10A25]C:\windows\Installer\3815ed6.msi
Avid MediaLog [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\27958142587C20D4281A36F21DC441CE]C:\windows\Installer\3815ead.msi
Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AEE7106C15E9921448ABFE9A25E0968D]c:\windows\Installer\d5573a1.msi
Contents [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B9E7C4CC62B4D8D4086704FC07A8F94A]c:\windows\Installer\d5573b3.msi
D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\f53f.msi
DeviceIO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED58F70D1F224BF43B1D04F22DC28407]c:\windows\Installer\d5573a6.msi
Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\18555481990E8AB4CBB63FB4F26006C0]C:\windows\Installer\1e9b0.msi
Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\windows\Installer\90bb9.msi
ICA [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\13C209AAD94B8064CBFC5291BE7727D2]c:\windows\Installer\d5573c7.msi
Interlok driver setup x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\01C316522D72B01449B29D225D3C7AEB]C:\windows\Installer\bb16ab9.msi
IPM_VS_Pro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C598765A32D1DE84EB38BFE37D3D4024]c:\windows\Installer\d5573bf.msi
ISCOM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CF79886DD8E7948418A927B6429817C3]c:\windows\Installer\d5573c3.msi
iTunes [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EA2B394116202D741BAA4FAD0D6F4CB8]C:\windows\Installer\60c98ed.msi
Junk Mail filter update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E]C:\Windows\Installer\f59d.msi
[email protected] 1.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\777597D006D9296438682F3B2F5B5EFB]C:\windows\Installer\1e9a1.msi
Mesh Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6116D6C8427B0184F8D20D746E7B6DE8]C:\Windows\Installer\f62e.msi
MetaSync [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2954EB7A101E6084FBA98DC85F3E784E]C:\windows\Installer\3815eb2.msi
Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DFC90B5F2B0FFA63D84FD16F6BF37C4B]C:\windows\Installer\a38ef38.msi
Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C28643E881181F13CBC489DC69571E2C]C:\windows\Installer\aef2d63.msi
Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\f4f3.msi
Microsoft Office 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004159070000000000000000F01FEC]C:\Windows\Installer\f6e2.msi
Microsoft Office Access MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109510090400000000000F01FEC]C:\windows\Installer\14f3546.msi
Microsoft Office Access Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109711090400000000000F01FEC]C:\windows\Installer\14f354b.msi
Microsoft Office Excel MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109610090400000000000F01FEC]C:\windows\Installer\14f350e.msi
Microsoft Office Groove MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109AB0090400000000000F01FEC]C:\windows\Installer\14f3513.msi
Microsoft Office InfoPath MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109440090400000000000F01FEC]C:\windows\Installer\14f3540.msi
Microsoft Office Office 64-bit Components 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A20000000100000000F01FEC]C:\windows\Installer\14f355b.msi
Microsoft Office OneNote MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000041091A0090400000000000F01FEC]C:\windows\Installer\14f353b.msi
Microsoft Office Outlook MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A10090400000000000F01FEC]C:\windows\Installer\14f3518.msi
Microsoft Office PowerPoint MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109810090400000000000F01FEC]C:\windows\Installer\14f3509.msi
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109110000000000000000F01FEC]C:\windows\Installer\14f3564.msi
Microsoft Office Proof (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F10090400000000000F01FEC]C:\windows\Installer\14f3531.msi
Microsoft Office Proof (French) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100C0400000000000F01FEC]C:\windows\Installer\14f352c.msi
Microsoft Office Proof (Spanish) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109F100A0C00000000000F01FEC]C:\windows\Installer\14f3527.msi
Microsoft Office Proofing (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109C20090400000000000F01FEC]C:\windows\Installer\14f3536.msi
Microsoft Office Publisher MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109910090400000000000F01FEC]C:\windows\Installer\14f3550.msi
Microsoft Office Shared 64-bit MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109A20090400100000000F01FEC]C:\windows\Installer\14f351d.msi
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109611090400100000000F01FEC]C:\windows\Installer\14f3522.msi
Microsoft Office Shared MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109E60090400000000000F01FEC]C:\windows\Installer\14f34ff.msi
Microsoft Office Shared Setup Metadata MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109511090400000000000F01FEC]C:\windows\Installer\14f3504.msi
Microsoft Office Word MUI (English) 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109B10090400000000000F01FEC]C:\windows\Installer\14f3555.msi
Microsoft Office XP Professional with FrontPage [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9040820900063D11C8EF00054038389C]C:\windows\Installer\7c18881.msi
Microsoft Security Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\348B201EA68785F4FA57564075E002B7]c:\windows\Installer\2485113.msi
Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\windows\Installer\1684799.msi
Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\Windows\Installer\f5de.msi
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D756077321A70C3E844C138CE981581]c:\windows\Installer\3370ae69.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\windows\Installer\6abbd.msi
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84b9c17023c712640acaf308593282f8]C:\windows\Installer\bb16ab3.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]c:\windows\Installer\d557383.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\windows\Installer\558ba3e.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\Windows\Installer\10c19.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]c:\windows\Installer\1e9c0.msi
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\windows\Installer\559d21e.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\windows\Installer\3815e99.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]c:\windows\Installer\1e9ba.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\windows\Installer\559d224.msi
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D04BB691875110D32B98EBCF771AA1E1]c:\windows\Installer\7db88.msi
Microsoft_VC80_ATL_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8F7463F0D15ECCF48826A9D8C0A5FC52]C:\windows\Installer\17df739.msi
Microsoft_VC80_ATL_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B850D529A465A3444B2BE7096C34E255]C:\windows\Installer\17df740.msi
Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91785D291CBB3CC40AB8659C8E48CCC2]C:\windows\Installer\17df708.msi
Microsoft_VC80_CRT_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\19DA96544F74E9D4F89C17E73CD2A71E]C:\windows\Installer\17df747.msi
Microsoft_VC80_MFC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\20B91A1DE71869244AB57058F37DD475]C:\windows\Installer\17df71d.msi
Microsoft_VC80_MFC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5DAB1C8C6E456414DA70A3A83D56963C]C:\windows\Installer\17df755.msi
Microsoft_VC80_MFCLOC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BBB29DFF28DE24A8C3E460F249A47B]C:\windows\Installer\17df716.msi
Microsoft_VC80_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\811CF9E1D156439479EB5EC3EAC5D754]C:\windows\Installer\17df74e.msi
Microsoft_VC90_ATL_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E873E3303DA65DA4DBBEBC6DB91340C6]C:\windows\Installer\17df724.msi
Microsoft_VC90_ATL_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7937558D24AF684793B2ABC2C735239]C:\windows\Installer\17df75c.msi
Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\121E2D80A6F7BE3479DF26B944094330]C:\windows\Installer\17df70f.msi
Microsoft_VC90_CRT_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D0AC3A29DC55D5C4AB59C562002CF062]C:\windows\Installer\17df732.msi
Microsoft_VC90_MFC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B5DEF536D6C2EB94786EA7F6DC22CBA5]C:\windows\Installer\17df72b.msi
Microsoft_VC90_MFC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E9B274AFFA0B7F42BD56FF4E829A8BA]C:\windows\Installer\17df763.msi
Microsoft_VC90_MFCLOC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09683D6BE55704F43AA5328FCBB268CA]C:\windows\Installer\4d460018.msi
Microsoft_VC90_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0630FB09BD1A99546A3459BA095AC2E1]C:\windows\Installer\4d460045.msi
MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\f53b.msi
MSVCRT_amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52744B0D6663D294EB6F85A741DBB99D]C:\Windows\Installer\f5a1.msi
Native Instruments Abbey Road 60s Drums Vintage [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64AD632EDDE27904C84F44B4F49C2E62]C:\windows\Installer\28f347.msi
Native Instruments Controller Editor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B00968803F2BC2545B08061F52F3F708]C:\windows\Installer\d3836b.msi
Native Instruments Guitar Rig 5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6FC75D10CB5B30D4FA5F9706FCDB509A]C:\windows\Installer\28ec90.msi
Native Instruments Guitar Rig Elements for Maschine [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA023D9784187CB44BB9775B8D942E5A]C:\windows\Installer\28f353.msi
Native Instruments Komplete Elements Mk2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\285BB42800B4E1345A0B5CCDD40B329E]C:\windows\Installer\28f364.msi
Native Instruments Kontakt 5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B354255567BB3E5479D39FE554E87D08]C:\windows\Installer\28f333.msi
Native Instruments Kontakt Elements Selection R2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F107602EC31799740BC1FA421CC728E6]C:\windows\Installer\28f34d.msi
Native Instruments Maschine [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\44DFA6CF9FDE30A4BAE9615A93F12EF4]C:\windows\Installer\e5edc9.msi
Native Instruments Maschine Controller [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\28E3B762149C8D74CB3DB1BB5BF6BC6C]C:\windows\Installer\d38370.msi
Native Instruments Maschine Mikro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0EDE9C029008b434A9252133A7C86952]C:\windows\Installer\d38375.msi
Native Instruments Reaktor 5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\83F5AE9E99261A54D9322F71921A3975]C:\windows\Installer\5798357.msi
Native Instruments Reaktor Elements Selection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D8ACF49D6B8A30F40BEA14B6BFA70FA6]C:\windows\Installer\28f359.msi
Native Instruments Reaktor Spark R2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\10EC40C88B7F169488B4C67EFEAFCD4D]C:\windows\Installer\28f35f.msi
Native Instruments Service Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB5658B05DAB23741B22F57DE8CF059A]C:\windows\Installer\5798340.msi
PDF Settings CS5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A79EF87A8C0CEC94980DDE5D421A3729]C:\windows\Installer\17df77d.msi
PlayReady PC Runtime amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4339ACB9C6B56F4A937CAA523A9D440]C:\Windows\Installer\10495.msi
PlayReady PC Runtime x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DAAE5ACC4F29A7B45BEE4192C466BA16]C:\Windows\Installer\f4cc.msi
PureHD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42CAF78BD379F4A4FA4C55F59BB523BD]c:\windows\Installer\d557391.msi
QuickTime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\50D24CD8B0860B148887C6412D6420BD]C:\windows\Installer\d5573cc.msi
ScorpionSaver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3A9F56B942D9A2546BFE41756DE52495]c:\windows\Installer\19d971.msi
Sentinel Protection Installer 7.4.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5DE081A51CA0A0147B09E53091DCA039]C:\windows\Installer\3815ed1.msi
Setup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5FCB9D8DF5F0F3D44872467B36F239EB]c:\windows\Installer\d557387.msi
Share [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EBCE48B5DE668E44BBAFD643D2414F1]c:\windows\Installer\d5573ae.msi
Share64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A743BB85B8664E4F9CC716F71B29A1E]c:\windows\Installer\d5573aa.msi
SkypeT 6.10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E7FF67E4ABEA78C47B88DC745E24B5D9]C:\windows\Installer\37aa1.msi
SmartSound Common Data [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9682A8BAC035C04C98FDB37455EE78F]c:\windows\Installer\d5573d6.msi
SmartSound Quicktracks 5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF3AB8F29AF197246B6917A2BB210FF9]c:\windows\Installer\d5573db.msi
Toshiba App Place [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\87ABC3DEF884C8E43BF3E8B34FDD4B2D]C:\windows\Installer\1e9c9.msi
Toshiba Book Place [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\44CD7C293DADEF948BB99FC2B69A3A13]C:\Windows\Installer\f4d2.msi
TOSHIBA Bulletin Board [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA81541CF0A193D4081196AB0AC13D08]C:\Windows\Installer\10c14.msi
TOSHIBA Disc Creator [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F20E0AD5B079B424FB1415A305814E0C]C:\windows\Installer\1e9ab.msi
TOSHIBA Face Recognition [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\545AF76F5E8D9024681BEA0E541D00F3]C:\windows\Installer\7db8d.msi
TOSHIBA HDD/SSD Alert [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8442234DFA6B61348B958D0A8ED4BC83]C:\Windows\Installer\10c0f.msi
TOSHIBA Media Controller Plug-in [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75FDF62FE3848C249A9CEE1EDE2B650E]C:\Windows\Installer\11b71.msi
Toshiba Online Backup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EDCB75C9BC7D7643BABE7119961DC1C]C:\windows\Installer\1e9c4.msi
TOSHIBA ReelTime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21C118429A4FF0D448497A8BEF6421C3]C:\Windows\Installer\10c1e.msi
TOSHIBA Value Added Package [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8FFFC660FB2109346A37579FE5FF81E8]C:\windows\Installer\7db92.msi
TOSHIBA Web Camera Application [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1098C3F63DBED074788FCA12F0E6E520]C:\windows\Installer\7db83.msi
TOSHIBA Wireless LAN Indicator [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CB9EDADCC2168B249B92C5A628E3F79F]C:\windows\Installer\1e997.msi
VIO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8048774C8623EC54EA5177D271931A1F]c:\windows\Installer\d55738c.msi
VSClassic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\236E09933C2452A4DAFF11103E6DDD74]c:\windows\Installer\d5573b7.msi
VSPro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BEB5210B1376AF3488AD6BD4B73DDAD2]c:\windows\Installer\d5573bb.msi
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\f550.msi
Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\032440EF5AC97F34B985A55C2AA8F133]C:\Windows\Installer\f677.msi
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26ABA8B10F47DE741BC84A13825E198B]C:\Windows\Installer\f4eb.msi
Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\f523.msi
Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5E16A70DC95AC334CBDB2220F52A82B7]C:\Windows\Installer\f4f7.msi
Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E42866C3BBC1584BBF38EFC6D539032]C:\Windows\Installer\f6ac.msi
Windows Live Mail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A57765D93F393A44082948E08362ED03]C:\Windows\Installer\f5a5.msi
Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\88119C0AF88C68E4396EDCC7A9626694]C:\Windows\Installer\f6dd.msi
Windows Live Mesh [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7BCDCEDCC85568419FA26F77989EF84]C:\Windows\Installer\f66f.msi
Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\389F20921C4BAB448BD5C5D6252E4C14]C:\Windows\Installer\f6d9.msi
Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\55565908215A0914C9DA0B003CD6B6B6]C:\Windows\Installer\f693.msi
Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\884FD4BEFEAAF6043A14BCA2AA13B509]C:\Windows\Installer\f585.msi
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E08F45ADC1622A148A5545A941F4F295]C:\Windows\Installer\f4fb.msi
Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4314AE291D01A814191EA5403531A183]C:\Windows\Installer\f613.msi
Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7F80AB91827CC964A853FBDB6333EB80]C:\Windows\Installer\f6c6.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\775F634D5961F2D4B844CA679CE90020]C:\Windows\Installer\f684.msi
Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\f564.msi
Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A9D4F432C248434EB4F5E358C54947E]C:\Windows\Installer\f6b6.msi
Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\766F6333940964D4896BC447E3BE5C1B]C:\Windows\Installer\f5e2.msi
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\f560.msi
Windows Live Remote Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A889D6FD0AEE7724AA8B51E880E634B9]C:\Windows\Installer\f504.msi
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2350B7483E55FAA4D8B73E1A7ADC715E]C:\Windows\Installer\f508.msi
Windows Live Remote Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8456A20EEDF62E04E89D11D9D7E746F1]C:\Windows\Installer\f4ef.msi
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EDEED656CA6FAC745A861A4B3EB47506]C:\Windows\Installer\f50c.msi
Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\f547.msi
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\f543.msi
Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\f510.msi
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A4869755DDD3AC4E98AB77E9D95D34B]C:\Windows\Installer\f673.msi
Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\076CFAAAB965F2A4284B2449E5D03EFE]C:\Windows\Installer\f5c0.msi
Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\60EA627A3AAA1D34783E075F0113F440]C:\Windows\Installer\f621.msi
Windows Live Writer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CF454FAAAC2892F4BA13A60149587EE6]C:\Windows\Installer\f6d0.msi
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EEDB8CDDCACDD4042875E3D8B4874276]C:\Windows\Installer\f6a2.msi
Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D00C83EB86A81348A6A7F4D5B1BFDE0]C:\windows\Installer\d5573d2.msi

==== Possible Rootkit Infection ======================

C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Desktop\Install

==== Installed Programs ======================

Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Photoshop CS5.1
Adobe Reader X MUI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASIO4ALL
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Audacity 2.0
AudioBox USB driver
avast Free Antivirus
Avid Audio Drivers (x64)
Avid EDL Manager
Avid FilmScribe
Avid Log Exchange
Avid Media Composer
Avid MediaLog
Bejeweled 3
Chuzzle Deluxe
Common
Conexant HD Audio
Contents
Corel VideoStudio Pro X4
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceIO
Digidesign Audio Drivers 8.0
Digidesign Pro Tools Creative Collection 8.0
Digidesign Pro Tools LE 8.0
ERUNT 1.1j
FATE - The Traitor Soul
FL Studio 10
Free DigiRack Plug-Ins 8.0
Free Mp3 Wma Converter V 2.2
Google Chrome
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GTA San Andreas
ICA
IL Download Manager
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Interlok driver setup x64
IPM_VS_Pro
ISCOM
iTunes
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
[email protected] 1.0
LAME v3.99.3 (for Windows)
Magic ISO Maker v5.5 (build 0265)
Mesh Runtime
MetaSync
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office XP Professional with FrontPage
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
More Games - WildTangent
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Native Instruments Abbey Road 60s Drums Vintage
Native Instruments Controller Editor
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig Elements for Maschine
Native Instruments Komplete Elements Mk2
Native Instruments Kontakt 5
Native Instruments Kontakt Elements Selection R2
Native Instruments Maschine
Native Instruments Maschine Controller
Native Instruments Maschine Mikro
Native Instruments Reaktor 5
Native Instruments Reaktor Elements Selection
Native Instruments Reaktor Spark R2
Native Instruments Service Center
PDF Settings CS5
Penguins
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Polar Bowler
PowerISO
PreSonus Studio One 2 x64
PureHD
QuickTime
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Reason 5.0
ScorpionSaver
Screwlab Pro
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Sentinel Protection Installer 7.4.0
Setup
Share
Share64
Skype Launcher
SkypeT 6.10
SmartSound Common Data
SmartSound Quicktracks 5
Synaptics Pointing Device Driver
Tom Clancy's Splinter Cell
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
ToshibaRegistration
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update Installer for WildTangent Games App
Updater
VIO
VirtualDJ LE Lite (DJ2GO)
VSClassic
VSPro
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
WinRAR 4.00 (64-bit)
Yahoo Software Update
Yahoo Toolbar
Zuma's Revenge

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Yahoo\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== Batch Command(s) Run By Tool======================


==== System Specs ======================

Operating System: Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 64-bit
Manufacturer: TOSHIBA - Model: Satellite C655
Install Date: 12/12/2011 8:32:59 PM
Last Boot: 11/24/2013 9:03:45 AM
Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Number of Processors: 4
Work Station
Bootmode: Normal boot
Total RAM: 4043 MB (free 2500 MB - 61)
Computername: DANTHEMAN-PC
Domain: WORKGROUP
User: DanTheMan (Administrator account)
Local Disk: C:\ - NTFS - 452 GB (free 266 GB)
CD \ DVD Drive: D:\
Removable Disk: E:\ - FAT - 0 GB (free 0 GB)
Bootdevice: \Device\HarddiskVolume1
Windows update:
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Firefox 16.0.2
Internet Explorer Version: 11.0.9600.16428
Mozilla Firefox version: 16.0.2 (x86 en-US)
Google Chrome version: 30.0.1599.101
Adobe Reader version: 10.0.0.396
Flash Player version: 11.9.900.152

==== Files Recently Created / Modified ======================

====== C:\windows ====
2013-11-22 23:34:01 466094E637732A9834710230CF700DC4 43152 ----a-w- C:\windows\avastSS.scr
====== C:\Users\DANTHE~1\AppData\Local\Temp ====
2013-11-23 15:11:13 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-11-23 13:47:22 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\SmiProvider.dll
2013-11-23 13:47:22 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\WimProvider.dll
2013-11-23 13:47:22 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\OSProvider.dll
2013-11-23 13:47:22 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\FolderProvider.dll
2013-11-23 13:47:22 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\IntlProvider.dll
2013-11-23 13:47:22 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\UnattendProvider.dll
2013-11-23 13:47:22 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\wdscore.dll
2013-11-23 13:47:22 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\TransmogProvider.dll
2013-11-23 13:47:22 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\MsiProvider.dll
2013-11-23 13:47:21 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\DmiProvider.dll
2013-11-23 13:47:21 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\DismCore.dll
2013-11-23 13:47:21 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\CbsProvider.dll
2013-11-23 13:47:21 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\DismHost.exe
2013-11-23 13:47:21 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\DismProv.dll
2013-11-23 13:47:21 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\CompatProvider.dll
2013-11-23 13:47:21 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\DismCorePS.dll
2013-11-23 13:45:49 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\SmiProvider.dll
2013-11-23 13:45:49 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\DmiProvider.dll
2013-11-23 13:45:49 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\WimProvider.dll
2013-11-23 13:45:49 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\DismCore.dll
2013-11-23 13:45:49 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\CbsProvider.dll
2013-11-23 13:45:49 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\OSProvider.dll
2013-11-23 13:45:49 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\FolderProvider.dll
2013-11-23 13:45:49 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\IntlProvider.dll
2013-11-23 13:45:49 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\DismHost.exe
2013-11-23 13:45:49 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\UnattendProvider.dll
2013-11-23 13:45:49 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\DismProv.dll
2013-11-23 13:45:49 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\wdscore.dll
2013-11-23 13:45:49 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\TransmogProvider.dll
2013-11-23 13:45:49 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\CompatProvider.dll
2013-11-23 13:45:49 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\DismCorePS.dll
2013-11-23 13:45:49 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\MsiProvider.dll
2013-11-23 13:43:47 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\SmiProvider.dll
2013-11-23 13:43:47 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\DmiProvider.dll
2013-11-23 13:43:47 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\WimProvider.dll
2013-11-23 13:43:47 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\DismCore.dll
2013-11-23 13:43:47 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\CbsProvider.dll
2013-11-23 13:43:47 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\OSProvider.dll
2013-11-23 13:43:47 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\FolderProvider.dll
2013-11-23 13:43:47 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\IntlProvider.dll
2013-11-23 13:43:47 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\DismHost.exe
2013-11-23 13:43:47 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\UnattendProvider.dll
2013-11-23 13:43:47 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\DismProv.dll
2013-11-23 13:43:47 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\wdscore.dll
2013-11-23 13:43:47 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\TransmogProvider.dll
2013-11-23 13:43:47 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\CompatProvider.dll
2013-11-23 13:43:47 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\DismCorePS.dll
2013-11-23 13:43:47 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\MsiProvider.dll
2013-11-23 13:35:23 FE447D1CD38CECAC2331FA932078D9A0 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\SmiProvider.dll
2013-11-23 13:35:23 FC00A05639494779002682A9B965EF9C 471040 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\WimProvider.dll
2013-11-23 13:35:23 8D3855B133E21143E8B4BFADB9FB14A3 302080 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\UnattendProvider.dll
2013-11-23 13:35:23 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\wdscore.dll
2013-11-23 13:35:23 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\TransmogProvider.dll
2013-11-23 13:35:22 FC2DB5842190C6E78A40CD7DA483B27C 435712 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\DmiProvider.dll
2013-11-23 13:35:22 F2B0771A7CD27F20689E0AB787B7EB7C 289792 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\DismCore.dll
2013-11-23 13:35:22 EFCB002ABC3529D71B61E6FB6434566C 762368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\CbsProvider.dll
2013-11-23 13:35:22 E7CAED467F80B29F4E63BA493614DBB1 127488 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\OSProvider.dll
2013-11-23 13:35:22 C9D74156913061BE6C51D8FC3ACF8E93 53760 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\FolderProvider.dll
2013-11-23 13:35:22 BBB9E4FA2561F6A6E5CCF25DA069AC1B 313344 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\IntlProvider.dll
2013-11-23 13:35:22 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\DismHost.exe
2013-11-23 13:35:22 8CA117CB9338C0351236939717CB7084 186368 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\DismProv.dll
2013-11-23 13:35:22 6A4BD682396F29FD7DF5AB389509B950 183296 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\CompatProvider.dll
2013-11-23 13:35:22 5488E381238FF19687FDD7AB2F44CFCC 111616 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\DismCorePS.dll
2013-11-23 13:35:22 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\MsiProvider.dll
2013-11-22 21:05:40 CCD2BEE763D25AB30D3A5CEE702CF7D8 761504 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\MSS\3.8.130.8\McInstallerStartup.dll
2013-11-22 21:05:40 AAB3889BCA9A1A4FBEA37F4BDBF02155 153280 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\MSS\3.8.130.8\McInstallerRes_LD.dll
2013-11-22 21:05:40 883DCE2103820031FCD450C8199914A4 264008 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\MSS\3.8.130.8\McInstallerRes.dll
2013-11-22 21:05:40 55ED435133E38C699D367FB10CD03147 644656 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\MSS\3.8.130.8\McUICnt.exe
2013-11-22 21:05:40 2FBB1819B94F57AA7519F4F1959C99E9 565328 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\MSS\3.8.130.8\mcbrwsr2.dll
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2013-11-22 22:41:44 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\windows\SysWOW64\elshyph.dll
2013-11-22 22:41:34 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-22 22:41:34 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\windows\SysWOW64\mshtml.dll
2013-11-22 22:41:34 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\windows\SysWOW64\ieuinit.inf
2013-11-22 22:41:34 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\windows\SysWOW64\ieui.dll
2013-11-22 22:41:34 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\windows\SysWOW64\inseng.dll
2013-11-22 22:41:34 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\windows\SysWOW64\html.iec
2013-11-22 22:41:34 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\windows\SysWOW64\url.dll
2013-11-22 22:41:34 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\windows\SysWOW64\dxtmsft.dll
2013-11-22 22:41:34 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-22 22:41:34 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\windows\SysWOW64\ieapfltr.dat
2013-11-22 22:41:34 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\windows\SysWOW64\iesetup.dll
2013-11-22 22:41:34 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\windows\SysWOW64\iertutil.dll
2013-11-22 22:41:34 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\windows\SysWOW64\wininet.dll
2013-11-22 22:41:34 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\windows\SysWOW64\licmgr10.dll
2013-11-22 22:41:34 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\windows\SysWOW64\tdc.ocx
2013-11-22 22:41:34 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\windows\SysWOW64\jsIntl.dll
2013-11-22 22:41:34 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\windows\SysWOW64\iexpress.exe
2013-11-22 22:41:34 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\windows\SysWOW64\inetcpl.cpl
2013-11-22 22:41:34 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\windows\SysWOW64\msfeeds.dll
2013-11-22 22:41:34 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\windows\SysWOW64\wextract.exe
2013-11-22 22:41:34 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\windows\SysWOW64\vbscript.dll
2013-11-22 22:41:34 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\windows\SysWOW64\iedkcs32.dll
2013-11-22 22:41:34 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\windows\SysWOW64\mshtmled.dll
2013-11-22 22:41:34 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\windows\SysWOW64\iernonce.dll
2013-11-22 22:41:34 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\windows\SysWOW64\icardie.dll
2013-11-22 22:41:34 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\windows\SysWOW64\pngfilt.dll
2013-11-22 22:41:34 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\windows\SysWOW64\jsproxy.dll
2013-11-22 22:41:34 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\windows\SysWOW64\msrating.dll
2013-11-22 22:41:34 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\windows\SysWOW64\ieapfltr.dll
2013-11-22 22:41:34 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\windows\SysWOW64\urlmon.dll
2013-11-22 22:41:34 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\windows\SysWOW64\mshtmlmedia.dll
2013-11-22 22:41:34 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\windows\SysWOW64\msls31.dll
2013-11-22 22:41:34 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\windows\SysWOW64\ieframe.dll
2013-11-22 22:41:34 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\windows\SysWOW64\dxtrans.dll
2013-11-22 22:41:34 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\windows\SysWOW64\webcheck.dll
2013-11-22 22:41:33 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\windows\SysWOW64\ieUnatt.exe
2013-11-22 22:41:33 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\windows\SysWOW64\IEAdvpack.dll
2013-11-22 22:41:33 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\windows\SysWOW64\mshtml.tlb
2013-11-22 22:41:33 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\windows\SysWOW64\mshtmler.dll
2013-11-22 22:41:33 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\windows\SysWOW64\jscript9.dll
2013-11-22 22:41:33 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\windows\SysWOW64\mshta.exe
2013-11-22 22:41:33 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\windows\SysWOW64\SetIEInstalledDate.exe
2013-11-22 22:41:33 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\windows\SysWOW64\iesysprep.dll
2013-11-22 22:41:33 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\windows\SysWOW64\jscript9diag.dll
2013-11-22 22:41:33 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\windows\SysWOW64\jscript.dll
2013-11-22 22:41:33 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\windows\SysWOW64\imgutil.dll
2013-11-22 22:41:33 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\windows\SysWOW64\MshtmlDac.dll
2013-11-22 22:41:33 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\windows\SysWOW64\msfeedsbs.dll
2013-11-22 22:41:33 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\windows\SysWOW64\msfeedssync.exe
2013-11-22 22:41:33 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\windows\SysWOW64\ieetwproxystub.dll
2013-11-22 22:41:33 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\windows\SysWOW64\iepeers.dll
2013-11-22 22:41:33 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\windows\SysWOW64\occache.dll
2013-11-22 20:42:50 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\windows\SysWOW64\crypt32.dll
2013-11-22 20:42:32 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\windows\SysWOW64\authui.dll
2013-11-22 20:42:32 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\windows\SysWOW64\credui.dll
2013-11-22 20:42:32 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-22 20:42:25 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\windows\SysWOW64\ncrypt.dll
2013-11-22 20:42:25 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\windows\SysWOW64\schannel.dll
2013-11-22 20:42:25 42B924C5F3924C1EB2539F22C10D7DF1 96768 ----a-w- C:\windows\SysWOW64\sspicli.dll
2013-11-22 20:42:25 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\windows\SysWOW64\secur32.dll
2013-11-22 20:42:20 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-22 20:42:20 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\windows\SysWOW64\nshwfp.dll
2013-11-22 20:42:20 56E3313690866F99CD17AA1342F64AE1 311808 ----a-w- C:\windows\SysWOW64\gdi32.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2013-11-22 23:34:06 FD6FE2728F8747C6A15E2650958037C3 334648 ----a-w- C:\windows\Sysnative\aswBoot.exe
2013-11-22 22:46:17 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\windows\Sysnative\IEUDINIT.EXE
2013-11-22 22:41:44 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\windows\Sysnative\MsSpellCheckingFacility.exe
2013-11-22 22:41:34 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\windows\Sysnative\elshyph.dll
2013-11-22 22:41:33 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\windows\Sysnative\occache.dll
2013-11-22 22:41:33 FB9459892AF2AD60BDA98F820C1A28C3 708608 ----a-w- C:\windows\Sysnative\jscript9diag.dll
2013-11-22 22:41:33 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\windows\Sysnative\ieuinit.inf
2013-11-22 22:41:33 F34C20D099CF94A606A2B5B0C668B570 4096 ----a-w- C:\windows\Sysnative\ieetwcollectorres.dll
2013-11-22 22:41:33 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\windows\Sysnative\webcheck.dll
2013-11-22 22:41:33 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\windows\Sysnative\mshtmlmedia.dll
2013-11-22 22:41:33 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\windows\Sysnative\ieUnatt.exe
2013-11-22 22:41:33 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\windows\Sysnative\pngfilt.dll
2013-11-22 22:41:33 E6CB36B85BE59095337427E853A5B65A 2332160 ----a-w- C:\windows\Sysnative\wininet.dll
2013-11-22 22:41:33 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\windows\Sysnative\msfeedssync.exe
2013-11-22 22:41:33 E36FDC470352C8F351F31959619CADD8 66048 ----a-w- C:\windows\Sysnative\iesetup.dll
2013-11-22 22:41:33 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\windows\Sysnative\JavaScriptCollectionAgent.dll
2013-11-22 22:41:33 D36A88D22B843C3812B501434E5A67A0 817664 ----a-w- C:\windows\Sysnative\ieapfltr.dll
2013-11-22 22:41:33 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\windows\Sysnative\IEAdvpack.dll
2013-11-22 22:41:33 D233E1A32CE6AF918C9DE1BC44AFEB2A 23212032 ----a-w- C:\windows\Sysnative\mshtml.dll
2013-11-22 22:41:33 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\windows\Sysnative\tdc.ocx
2013-11-22 22:41:33 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\windows\Sysnative\msfeeds.dll
2013-11-22 22:41:33 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\windows\Sysnative\url.dll
2013-11-22 22:41:33 C70F72684CDCF9BB142F50F98BB1DD9C 574976 ----a-w- C:\windows\Sysnative\ieui.dll
2013-11-22 22:41:33 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\windows\Sysnative\dxtmsft.dll
2013-11-22 22:41:33 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\windows\Sysnative\ieapfltr.dat
2013-11-22 22:41:33 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\windows\Sysnative\jscript.dll
2013-11-22 22:41:33 B99C7CC6ED6917E3035A12171F40D240 5765120 ----a-w- C:\windows\Sysnative\jscript9.dll
2013-11-22 22:41:33 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\windows\Sysnative\imgutil.dll
2013-11-22 22:41:33 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\windows\Sysnative\vbscript.dll
2013-11-22 22:41:33 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\windows\Sysnative\MshtmlDac.dll
2013-11-22 22:41:33 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\windows\Sysnative\licmgr10.dll
2013-11-22 22:41:33 95951E6A277F78FA13A85F2F408F4C0B 12995584 ----a-w- C:\windows\Sysnative\ieframe.dll
2013-11-22 22:41:33 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\windows\Sysnative\mshta.exe
2013-11-22 22:41:33 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\windows\Sysnative\iedkcs32.dll
2013-11-22 22:41:33 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\windows\Sysnative\jsIntl.dll
2013-11-22 22:41:33 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\windows\Sysnative\mshtmled.dll
2013-11-22 22:41:33 612DC699EBF0AA1AAA065898D33B553A 1993728 ----a-w- C:\windows\Sysnative\inetcpl.cpl
2013-11-22 22:41:33 5FAC15F872026BBC31C11D3A32B84624 33792 ----a-w- C:\windows\Sysnative\iernonce.dll
2013-11-22 22:41:33 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\windows\Sysnative\msrating.dll
2013-11-22 22:41:33 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\windows\Sysnative\inseng.dll
2013-11-22 22:41:33 5A54ED24D5D42102A64904809215E0DC 2724864 ----a-w- C:\windows\Sysnative\mshtml.tlb
2013-11-22 22:41:33 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\windows\Sysnative\SetIEInstalledDate.exe
2013-11-22 22:41:33 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\windows\Sysnative\iexpress.exe
2013-11-22 22:41:33 45152BA21450811F4619C9C1790E7353 48640 ----a-w- C:\windows\Sysnative\ieetwproxystub.dll
2013-11-22 22:41:33 43D9CE875F8FC8370C6BA2F74D50D01C 1394176 ----a-w- C:\windows\Sysnative\urlmon.dll
2013-11-22 22:41:33 4399857346DD183683332921500046B1 86016 ----a-w- C:\windows\Sysnative\RegisterIEPKEYs.exe
2013-11-22 22:41:33 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\windows\Sysnative\ieetwcollector.exe
2013-11-22 22:41:33 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\windows\Sysnative\html.iec
2013-11-22 22:41:33 3168FA85740503BAE77DB821CB3EE4FB 53760 ----a-w- C:\windows\Sysnative\jsproxy.dll
2013-11-22 22:41:33 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\windows\Sysnative\msls31.dll
2013-11-22 22:41:33 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\windows\Sysnative\mshtmler.dll
2013-11-22 22:41:33 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\windows\Sysnative\iepeers.dll
2013-11-22 22:41:33 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\windows\Sysnative\wextract.exe
2013-11-22 22:41:33 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\windows\Sysnative\iesysprep.dll
2013-11-22 22:41:33 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\windows\Sysnative\icardie.dll
2013-11-22 22:41:33 092F3E7D054FDF779054E29A0A0D4267 2764288 ----a-w- C:\windows\Sysnative\iertutil.dll
2013-11-22 22:41:33 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\windows\Sysnative\ie4uinit.exe
2013-11-22 22:41:33 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\windows\Sysnative\msfeedsbs.dll
2013-11-22 22:41:33 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\windows\Sysnative\dxtrans.dll
2013-11-22 22:07:28 971BCACC7310DB7B8373F6D6DD5B956F 82896128 ----a-w- C:\windows\Sysnative\MRT.exe
2013-11-22 20:42:52 780F6ECC4F55D76C9730E6B6C9B31913 1474048 ----a-w- C:\windows\Sysnative\crypt32.dll
2013-11-22 20:42:32 8563BA40DF4F1E93A61B70E2C8B60CF8 190464 ----a-w- C:\windows\Sysnative\SmartcardCredentialProvider.dll
2013-11-22 20:42:32 4403D5ECE7D8323CAF1207D1AA38FA01 197120 ----a-w- C:\windows\Sysnative\credui.dll
2013-11-22 20:42:32 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\windows\Sysnative\authui.dll
2013-11-22 20:42:25 B08EA91C774AA734E0B9881F85CD9F42 135680 ----a-w- C:\windows\Sysnative\sspicli.dll
2013-11-22 20:42:25 7C46EC9CCDE6E793713FA01DB2EB918E 28672 ----a-w- C:\windows\Sysnative\sspisrv.dll
2013-11-22 20:42:25 747B9BA5412422F27934CB21131F0A3E 307200 ----a-w- C:\windows\Sysnative\ncrypt.dll
2013-11-22 20:42:25 4D71227301DD8D09097B9E4CC6527E5A 30720 ----a-w- C:\windows\Sysnative\lsass.exe
2013-11-22 20:42:25 31FFED18C7B836CEC1B559347E32E151 340992 ----a-w- C:\windows\Sysnative\schannel.dll
2013-11-22 20:42:25 208EAAFF40DA400190AA0605C797BEA2 28160 ----a-w- C:\windows\Sysnative\secur32.dll
2013-11-22 20:42:25 086F906B1D30C0A5D35FE0F6362DAB21 1447936 ----a-w- C:\windows\Sysnative\lsasrv.dll
2013-11-22 20:42:20 D07EB640618F96490DB88C3CE58DB608 324096 ----a-w- C:\windows\Sysnative\FWPUCLNT.DLL
2013-11-22 20:42:20 660C06F663F27760F565FD567B57625C 830464 ----a-w- C:\windows\Sysnative\nshwfp.dll
2013-11-22 20:42:20 56325BB1FF19F2A5AC8713756AC41140 404480 ----a-w- C:\windows\Sysnative\gdi32.dll
2013-11-22 20:42:20 344789398EC3EE5A4E00C52B31847946 859648 ----a-w- C:\windows\Sysnative\IKEEXT.DLL
====== C:\windows\Sysnative\drivers =====
2013-11-22 23:34:13 6FFECAE6A7BF190D4A3D7AFA6D7B5478 65264 ----a-w- C:\windows\Sysnative\drivers\aswTdi.sys
2013-11-22 23:34:13 59787B95DD9CA44CB139D96863438587 205320 ----a-w- C:\windows\Sysnative\drivers\aswVmm.sys
2013-11-22 23:34:12 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\windows\Sysnative\drivers\aswRvrt.sys
2013-11-22 23:34:12 79ADA401A6E2054F110E7FBDFAC71942 409832 ----a-w- C:\windows\Sysnative\drivers\aswSP.sys
2013-11-22 23:34:12 5C49AB607897C94E123EC8364FF4BF61 84328 ----a-w- C:\windows\Sysnative\drivers\aswMonFlt.sys
2013-11-22 23:34:12 1BA60C77EB3CDB6129DAD25BAF675F43 1032416 ----a-w- C:\windows\Sysnative\drivers\aswSnx.sys
2013-11-22 23:34:11 9F34AA1124EEA112E49E48258B1D6394 38984 ----a-w- C:\windows\Sysnative\drivers\aswFsBlk.sys
2013-11-22 23:34:10 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\windows\Sysnative\drivers\aswRdr2.sys
2013-11-22 20:42:35 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\windows\Sysnative\drivers\afd.sys
2013-11-22 20:42:25 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\windows\Sysnative\drivers\cng.sys
2013-11-22 20:42:25 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\windows\Sysnative\drivers\ksecdd.sys
2013-11-22 20:42:25 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\windows\Sysnative\drivers\ksecpkg.sys
2013-11-07 18:12:39 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\windows\Sysnative\drivers\usbport.sys
2013-11-07 18:12:39 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\windows\Sysnative\drivers\usbccgp.sys
2013-11-07 18:12:39 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\windows\Sysnative\drivers\usbuhci.sys
2013-11-07 18:12:39 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\windows\Sysnative\drivers\usbohci.sys
2013-11-07 18:12:39 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\windows\Sysnative\drivers\usbd.sys
2013-11-07 18:12:39 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\windows\Sysnative\drivers\usbehci.sys
2013-11-07 18:12:39 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\windows\Sysnative\drivers\usbhub.sys
2013-11-07 04:42:04 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\windows\Sysnative\drivers\ataport.sys
2013-11-07 04:41:47 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\windows\Sysnative\drivers\Wdf01000.sys
2013-11-07 04:41:42 B0435098C81D04CAFFF80DDB746CD3A2 109824 ----a-w- C:\windows\Sysnative\drivers\USBAUDIO.sys
2013-11-07 04:41:42 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\windows\Sysnative\drivers\usbcir.sys
2013-11-07 04:41:42 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\windows\Sysnative\drivers\usbvideo.sys
2013-11-07 04:41:40 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\windows\Sysnative\drivers\hidparse.sys
2013-11-07 04:41:40 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\windows\Sysnative\drivers\hidclass.sys
2013-11-07 04:41:37 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\windows\Sysnative\drivers\mrxdav.sys
2013-11-07 04:41:35 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys
2013-11-07 04:40:51 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\windows\Sysnative\drivers\dxgkrnl.sys
====== C:\windows\Tasks ======
2013-11-22 23:34:23 5F90442C32B52974E192643DA9D4AFB5 4182 ----a-w- C:\windows\Sysnative\Tasks\avast! Emergency Update
====== C:\windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2013-11-24 15:00:25 -------- d-----w- C:\PROGRA~2\ERUNT
2013-11-07 04:01:39 50053120 ----a-w- C:\PROGRA~2\GUT976B.tmp
2013-11-07 04:01:39 -------- d-----w- C:\PROGRA~2\GUM975A.tmp
======= C: =====
2013-11-24 15:20:38 0B86CDF0CC6E646993EC8E39EBA534B7 81 ----a-w- C:\folders.txt
====== C:\Users\DanTheMan\AppData\Roaming ======
2013-11-22 20:23:44 -------- d-----w- C:\Users\DanTheMan\AppData\Local\Programs
====== C:\Users\DanTheMan ======
2013-11-24 15:00:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2013-11-22 23:34:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

====== C: exe-files ==
2013-11-23 15:11:13 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2013-11-23 13:47:21 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\DB8E076A-540B-4DE3-BEF8-4B088EFCBA4A\DismHost.exe
2013-11-23 13:45:49 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\A8864014-C709-4B9A-8AA5-9CF03C8C88D2\DismHost.exe
2013-11-23 13:43:47 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\96F91755-D6C6-4FD6-AB9F-AC2A65FA7FC0\DismHost.exe
2013-11-23 13:35:22 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\398345A7-65CC-4F1B-B75C-449ADCB1912B\DismHost.exe
2013-11-22 22:52:30 D22D719495F23E38805BBEA5DF434ABB 743704 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FON2IW7\AA_v3.exe
2013-11-22 22:45:34 404D42FF39F526AD5EF4A17B519C79EE 33985 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT13UO1H\updater[2].exe
2013-11-22 22:45:30 959090604BCE0982AB4C2911E44D75E0 553968 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U23PKPEQ\SLC_20131120[1].exe
2013-11-22 22:45:28 CBF4B4BD1F269D7E6FAE5082086585F2 1271591 ----a-w- C:\FRST\Quarantine\Updater\Uninstall.exe
2013-11-22 22:44:49 1B88B1634234216E8A13ED0D67812A16 79216 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JT13UO1H\spstub[1].exe
2013-11-22 22:44:46 0A943482B4C42C57D54375C9755173B3 770918 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U23PKPEQ\SocPriv_adk7[1].exe
2013-11-22 22:44:15 F39CFE48CE4B9E9B733E27A2CA09BE5C 508928 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U23PKPEQ\D2M-Precheck[1].exe
2013-11-22 22:41:34 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2013-11-22 22:41:34 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2013-11-22 22:41:34 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2013-11-22 22:41:33 D68007F924B9F387AA7C76F48D0A260A 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-11-22 22:41:33 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
2013-11-22 22:41:33 70D721CC971A9EFFCF7845CEFBB02704 480256 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-11-22 22:41:33 41F922D6A794C0F8425C8436D7077C84 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
2013-11-22 22:41:33 0685765C0CBE095BA0C6C8790BAE21EF 804560 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-11-22 21:05:40 55ED435133E38C699D367FB10CD03147 644656 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\MSS\3.8.130.8\McUICnt.exe
2013-11-22 20:44:38 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U23PKPEQ\OTL.exe
2013-11-22 12:26:26 CFFFEC5CCE647375CD55B8984895DA31 594461 ----a-w- C:\FRST\Quarantine\sp\sp.exe
2013-11-20 04:29:22 7960A33EF6CE9EF9EC76E4737AE05944 481656 ----a-w- C:\FRST\Quarantine\Updater\updater.exe
2013-11-20 04:29:22 0ACCC413978646BEF62E5566D166C8CC 426872 ----a-w- C:\FRST\Quarantine\RHelpers\IeHelper\IeHelper.exe
2013-11-20 04:29:22 0ACCC413978646BEF62E5566D166C8CC 426872 ----a-w- C:\FRST\Quarantine\RHelpers\FirefoxHelper\FirefoxHelper.exe
2013-11-20 04:29:22 0ACCC413978646BEF62E5566D166C8CC 426872 ----a-w- C:\FRST\Quarantine\RHelpers\ChromeHelper\ChromeHelper.exe
2013-11-20 04:26:46 9A4720207306B2A54C59308BFBE8E5BE 513400 ----a-w- C:\FRST\Quarantine\TubeDimmer\Uninstall.exe
=== C: other files ==
2013-11-23 15:11:09 87458834C37183459AA6F19EF5E06533 9099 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\runvalues.bat
2013-11-23 15:11:09 372EA6F783198102CF5779072EE78C79 24751 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\searchlnk.bat
2013-11-23 15:11:09 1FBF882AA934A741530741FC134872A3 1243 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\TDL4.bat
2013-11-23 15:11:08 CC6C23C02BE66014AD87F2678BBB3A1D 8117 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\modules.bat
2013-11-23 15:11:08 C4A5476A9D54B400F1623A2EE7DDA5C5 13955 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\chrome.bat
2013-11-23 15:11:08 BAD6C67C870CC81C48DBA53089929884 153331 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\firefox.bat
2013-11-23 15:11:08 B964B792D3692699CD7D4FDB63EE470E 1239 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\FWPolicy.bat
2013-11-23 15:11:08 B8AF52799C6359D40228B006C1432C57 16063 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\get.bat
2013-11-23 15:11:08 B45931E5313CB14CAA0F2BC3DA30E6FC 29648 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\ask.bat
2013-11-23 15:11:08 80D02380F1AC33E459324B088392A1EC 732 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\ev_clear.bat
2013-11-23 15:11:08 75C9C20DD9839BF287B43B0E179822DC 31414 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\iexplore.bat
2013-11-23 15:11:08 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\delorphans.bat
2013-11-23 15:11:08 58605DA3492FB918D3D40B1FB88046AE 39471 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\prelim.bat
2013-11-23 15:11:08 504CA0FC8BE3A47ECE89CEC2E5B21E67 10261 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\JRT.bat
2013-11-23 15:11:08 14D6EE8B672684E2232FB430D8C4A928 18668 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\medfos.bat
2013-11-23 15:11:08 0768E560CCD86C18F35FAD29DCEA7B80 1820 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\delfolders.bat
2013-11-23 15:11:08 006F09DF7EB9E9E61935F16AF2B6DC71 150291 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\jrt\misc.bat
2013-11-23 14:37:16 0ABED3A9FD8A4F098BD324765B76BCB2 77 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\utt3D1A.tmp.bat
2013-11-22 23:34:13 6FFECAE6A7BF190D4A3D7AFA6D7B5478 65264 ----a-w- C:\Windows\System32\drivers\aswTdi.sys
2013-11-22 23:34:13 59787B95DD9CA44CB139D96863438587 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-22 23:34:12 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-22 23:34:12 79ADA401A6E2054F110E7FBDFAC71942 409832 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2013-11-22 23:34:12 5C49AB607897C94E123EC8364FF4BF61 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-22 23:34:12 1BA60C77EB3CDB6129DAD25BAF675F43 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-11-22 23:34:11 9F34AA1124EEA112E49E48258B1D6394 38984 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys
2013-11-22 23:34:10 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-22 21:57:28 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\DanTheMan\AppData\Local\Temp\{17BEA112-3ECD-4192-87E2-5B9F37851F1F}.bat
2013-11-22 20:42:35 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-11-22 20:42:25 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-22 20:42:25 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-11-22 20:42:25 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\ProgramData\Updater\updater.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t"
"TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
"TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "
"TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
"TosNC"="%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe "
"TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeBridge"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Bridge CS5.1\\Bridge.exe\" -stealth"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5.5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackgroundContainer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BackgroundContainer"
"hkey"="HKCU"
"command"="\"C:\\windows\\SysWOW64\\Rundll32.exe\" \"C:\\Users\\DanTheMan\\AppData\\Local\\Conduit\\BackgroundContainer\\BackgroundContainer.dll\",DllRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DATAMNGR"
"hkey"="HKLM"
"command"="C:\\PROGRA~2\\SEARCH~1\\Datamngr\\DATAMN~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DigidesignMMERefresh]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DigidesignMMERefresh"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Digidesign\\Drivers\\MMERefresh.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\DanTheMan\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NortonOnlineBackupReminder]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NortonOnlineBackupReminder"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Toshiba\\Toshiba Online Backup\\Activation\\TOBuActivation.exe\" UNATTENDED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PWRISOVM.EXE]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PWRISOVM.EXE"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\PowerISO\\PWRISOVM.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaAppPlace]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ToshibaAppPlace"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Toshiba\\Toshiba App Place\\ToshibaAppPlace.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaServiceStation]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ToshibaServiceStation"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\ToshibaServiceStation.exe\" /hide:60"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\uTorrent\\uTorrent.exe\" /MINIMIZED"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\windows\\pss\\Microsoft Office.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\MICROS~3\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"


==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11/22/2013 04:44 PM]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/19/2011 08:59 AM]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/19/2011 08:59 AM]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core.job --a------ C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe [09/17/2012 04:43 AM]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA.job --a------ C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe [09/17/2012 04:43 AM]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\AdobeAAMUpdater-1.0-DanTheMan-PC-DanTheMan" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core" [C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA" [C:\Users\DanTheMan\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wr[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/22/2013 05:34 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default
- Undetermined - C:\Program Files (x86)\Social Privacy\FF
- YouTube to MP3 - %ProfilePath%\extensions\[email protected]
- Shop to Win 36 - %ProfilePath%\extensions\{806215f3-1fe9-5c04-f5dd-1617f7bae315}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\Profiles\rqai0fss.default
101700E93EB905992B518256CB441829 - C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update
FCECD904FAB352C719A555BDB1422855 - C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator
BBFF97A70B358A5E2BE35E321B7491B9 - C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
CABBD15F47F7559AF0CAA074D9350A1D - C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
AB87C54CA19675880B0CAE65B8AF140C - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eoccbpoodnckjdnackiffhjfkogfhnhh - C:\Program Files\VDownloader\Addons\Chrome.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/22/2013 05:33 PM]

Social Privacy - DanTheMan - Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn
Scorpion Saver - DanTheMan - Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Start Page Restore"="http://www.google.com"
"Default_Page_URL"="http://start.toshiba.com/g/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{00A453ED-DDCB-47D4-8291-4E08EA7E0D23} Google Url="http://www.google.co...g}&rlz=1I7TSNF"
{9A71687E-1E7A-4DDE-96FF-D16D78B1859B} Yahoo//search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20111251,17118,0,18,0"
{A63D3F1D-B21A-4DDF-A5A1-8AD0D0C63132} Google Url="http://www.google.co...I7TSNF_enUS462"
{BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10} Bing Url="http://www.bing.com/...ferrer:source}"

==== Uninstall List x64 ======================

Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
Adobe Community Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3521BDBD-D453-5D9F-AA55-44B75D214629}]
Adobe Community Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1]
Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}]
Adobe Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1]
Adobe Photoshop CS5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15FEDA5F-141C-4127-8D7E-B962D1742728}]
Adobe Photoshop CS5.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9158FF30-78D7-40EF-B83E-451AC5334640}]
Adobe Reader X MUI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}]
Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}]
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]
ASIO4ALL [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ASIO4ALL]
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3108C217-BE83-42E4-AE9E-A56A2A92E549}]
Audacity 2.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1]
AudioBox USB driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\USB_AUDIO_DEusb-audio.depresonusAudioBoxUSB]
avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast]
Avid Audio Drivers (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F227ACA-204C-4529-BA33-D095C42C72DB}]
Avid EDL Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D5BC49DF-35C6-4C01-A79F-E638E4BF19B3}]
Avid FilmScribe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E8692F58-03E1-4DBB-8D1A-A70AB1DC634A}]
Avid Log Exchange [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5AE7D9E5-9530-4216-98EA-C3E7D0752FB3}]
Avid Media Composer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{76907753-C8DC-406E-819B-20DF131FA052}]
Avid MediaLog [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24185972-C785-4D02-82A1-632FD14C14EC}]
Bejeweled 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-69a5fde1-517f-495c-acb4-af98f05da7c2]
Chuzzle Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-59ae30ab-5fc0-40fb-8a9c-def76a3bcb84]
Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C6017EEA-9E51-4129-84BA-EFA9520E69D8}]
Conexant HD Audio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_AUDIO_HDA]
Contents [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}]
Corel VideoStudio Pro X4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\_{AA902C31-B49D-4608-BCCF-2519EB77722D}]
D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]
DeviceIO [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}]
Digidesign Audio Drivers 8.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9F1D8E17-2AE6-4608-901D-42146D7D9C68}]
Digidesign Pro Tools Creative Collection 8.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3BB2CF34-1FC8-46E2-9D64-4A8D1D577549}]
Digidesign Pro Tools LE 8.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{409A13BD-5F3E-442B-BA7B-A1E32B2D8927}]
ERUNT 1.1j [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ERUNT_is1]
FATE - The Traitor Soul [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-b894c8c1-30c7-4b8b-8f9a-4669f5999bbf]
FL Studio 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FL Studio 10]
Free DigiRack Plug-Ins 8.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A24C2C43-4312-493E-96B3-5D1DCE24DEBF}]
Free Mp3 Wma Converter V 2.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Mp3 Wma Converter_is1]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Talk Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}]
Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
GTA San Andreas [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}]
ICA [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA902C31-B49D-4608-BCCF-2519EB77722D}]
IL Download Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IL Download Manager]
Intel® Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}]
Intel® Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}]
Intel® Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}]
Interlok driver setup x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{25613C10-27D2-410B-942B-D922D5C3A7BE}]
IPM_VS_Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A567895C-1D23-48ED-BE83-FB3ED7D30442}]
ISCOM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D68897FC-7E8D-4849-819A-726B2489713C}]
iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}]
Jewel Quest: The Sleepless Star - Collector's Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-6adfdabe-30d1-483c-8cb1-eb1d54827efc]
Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]
[email protected] 1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}]
LAME v3.99.3 (for Windows) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LAME_is1]
Magic ISO Maker v5.5 (build 0265) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Magic ISO Maker v5.5 (build 0265)]
Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}]
MetaSync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A7BE4592-E101-4806-BF9A-D88CF5E387E4}]
Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]
Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}]
Microsoft Office Professional Plus 2010 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Office14.PROPLUS]
Microsoft Office XP Professional with FrontPage [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{90280409-6000-11D3-8CFE-0050048383C9}]
Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E102B843-786A-4F58-AF75-6504570E207B}]
Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}]
Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}]
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{196BB40D-1578-3D01-B289-BEFC77A11A1E}]
Microsoft_VC80_ATL_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}]
Microsoft_VC80_ATL_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{925D058B-564A-443A-B4B2-7E90C6432E55}]
Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}]
Microsoft_VC80_CRT_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}]
Microsoft_VC80_MFC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}]
Microsoft_VC80_MFC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}]
Microsoft_VC80_MFCLOC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}]
Microsoft_VC80_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}]
Microsoft_VC90_ATL_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}]
Microsoft_VC90_ATL_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8557397C-A42D-486F-97B3-A2CBC2372593}]
Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}]
Microsoft_VC90_CRT_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}]
Microsoft_VC90_MFC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}]
Microsoft_VC90_MFC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}]
Microsoft_VC90_MFCLOC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}]
Microsoft_VC90_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90BF0360-A1DB-4599-A643-95AB90A52C1E}]
Mozilla Firefox 16.0.2 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 16.0.2 (x86 en-US)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]
MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]
Native Instruments Abbey Road 60s Drums Vintage [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E236DA46-2EDD-4097-8CF4-444B4FC9E226}]
Native Instruments Abbey Road 60s Drums Vintage [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Abbey Road 60s Drums Vintage]
Native Instruments Controller Editor [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0886900B-B2F3-452C-B580-60F1253F7F80}]
Native Instruments Controller Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Controller Editor]
Native Instruments Guitar Rig 5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}]
Native Instruments Guitar Rig 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig 5]
Native Instruments Guitar Rig Elements for Maschine [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79D320AB-8148-4BC7-B49B-77B5D849E2A5}]
Native Instruments Guitar Rig Elements for Maschine [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Guitar Rig Elements for Maschine]
Native Instruments Komplete Elements Mk2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824BB582-4B00-431E-A5B0-C5DC4DB023E9}]
Native Instruments Komplete Elements Mk2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Komplete Elements Mk2]
Native Instruments Kontakt 5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5552453B-BB76-45E3-973D-F95E458ED780}]
Native Instruments Kontakt 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Kontakt 5]
Native Instruments Kontakt Elements Selection R2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E206701F-713C-4799-B01C-AF24C17C826E}]
Native Instruments Kontakt Elements Selection R2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Kontakt Elements Selection R2]
Native Instruments Maschine [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FC6AFD44-EDF9-4A03-AB9E-16A5391FE24F}]
Native Instruments Maschine [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Maschine]
Native Instruments Maschine Controller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{267B3E82-C941-47D8-BCD3-1BBBB56FCBC6}]
Native Instruments Maschine Controller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Maschine Controller]
Native Instruments Maschine Mikro [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{20C9EDE0-8009-434b-9A52-12337A8C9625}]
Native Instruments Maschine Mikro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Maschine Mikro]
Native Instruments Reaktor 5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9EA5F38-6299-45A1-9D23-F21729A19357}]
Native Instruments Reaktor 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Reaktor 5]
Native Instruments Reaktor Elements Selection [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D94FCA8D-A8B6-4F03-B0AE-416BFB7AF06A}]
Native Instruments Reaktor Elements Selection [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Reaktor Elements Selection]
Native Instruments Reaktor Spark R2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C04CE01-F7B8-4961-884B-6CE7EFFADCD4}]
Native Instruments Reaktor Spark R2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Reaktor Spark R2]
Native Instruments Service Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}]
Native Instruments Service Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Native Instruments Service Center]
PDF Settings CS5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}]
Penguins [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-8b18b3d1-54e1-46ec-89ab-790f47f8e66d]
Plants vs. Zombies - Game of the Year [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-bc27bdef-4547-4552-8e3f-cde91c878e53]
PlayReady PC Runtime amd64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}]
PlayReady PC Runtime x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}]
Polar Bowler [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-d70218c9-b462-4192-886a-1d0e4788e249]
PowerISO [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PowerISO]
PreSonus Studio One 2 x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PreSonus Studio One 2]
PureHD [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}]
QuickTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DC42D05-680B-41B0-8878-6C14D24602DB}]
Realtek USB 2.0 Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911}]
Realtek WLAN Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D3D8C60-A55F-4fed-B2B9-173001290E16}]
Reason 5.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Reason5_is1]
ScorpionSaver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}]
Screwlab Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Screwlab Pro_is1]
Sentinel Protection Installer 7.4.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A180ED5-0AC1-410A-B790-5E0319CD0A93}]
Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}]
Share [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}]
Share64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}]
Skype Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DA84ECBF-4B79-47F2-B34C-95C38484C058}]
SkypeT 6.10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}]
SmartSound Common Data [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}]
SmartSound Common Data [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}]
SmartSound Quicktracks 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}]
SmartSound Quicktracks 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}]
Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey]
Tom Clancy's Splinter Cell [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-19552635-ecc1-4198-baaf-daf5d228f770]
Toshiba App Place [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}]
TOSHIBA Application Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}]
TOSHIBA Assist [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}]
Toshiba Book Place [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}]
TOSHIBA Bulletin Board [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C14518AF-1A0F-4D39-8011-69BAA01CD380}]
TOSHIBA Bulletin Board [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}]
TOSHIBA Disc Creator [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5DA0E02F-970B-424B-BF41-513A5018E4C0}]
TOSHIBA Face Recognition [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F67FA545-D8E5-4209-86B1-AEE045D1003F}]
TOSHIBA Face Recognition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}]
TOSHIBA Hardware Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}]
TOSHIBA HDD/SSD Alert [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4322448-B6AF-4316-B859-D8A0E84DCB38}]
TOSHIBA HDD/SSD Alert [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D4322448-B6AF-4316-B859-D8A0E84DCB38}]
TOSHIBA HDD/SSD Alert [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}]
Toshiba Laptop Checkup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NortonPCCheckup]
TOSHIBA Media Controller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}]
TOSHIBA Media Controller Plug-in [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}]
Toshiba Online Backup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}]
TOSHIBA Quality Application [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E69992ED-A7F6-406C-9280-1C156417BC49}]
TOSHIBA Recovery Media Creator [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}]
TOSHIBA ReelTime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}]
TOSHIBA ReelTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}]
TOSHIBA Resolution+ Plug-in for Windows Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}]
TOSHIBA Service Station [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC6569FA-6919-442A-8552-073BE69E247A}]
TOSHIBA Supervisor Password [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0AF17224-CF88-40B8-BB1A-D179369847B4}]
TOSHIBA Value Added Package [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{066CFFF8-12BF-4390-A673-75F95EFF188E}]
TOSHIBA Value Added Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{066CFFF8-12BF-4390-A673-75F95EFF188E}]
TOSHIBA Value Added Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}]
TOSHIBA Web Camera Application [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}]
TOSHIBA Web Camera Application [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}]
TOSHIBA Wireless LAN Indicator [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}]
ToshibaRegistration [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5AF550B4-BB67-4E7E-82F1-2C4300279050}]
Update Installer for WildTangent Games App [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App]
Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}]
VIO [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4778408-3268-45CE-AE15-772D1739A1F1}]
VirtualDJ LE Lite (DJ2GO) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FCE465F3-ACA2-487A-BCC9-5F1CB9F0CC42}]
VSClassic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3990E632-42C3-4A25-ADFF-1101E3D6DD47}]
VSPro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}]
WildTangent Games [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent toshiba Master Uninstall]
WildTangent Games App (Toshiba Games) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba]
Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}]
Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]
Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}]
Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]
Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D07A61E5-A59C-433C-BCBD-22025FA2287B}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]
Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C66824E4-CBB3-4851-BB3F-E8CFD6350923}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C91188-C88F-4E86-93E6-CD7C9A266649}]
Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}]
Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}]
Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80956555-A512-4190-9CAD-B000C36D6B6B}]
Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}]
Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]
Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19BA08F7-C728-469C-8A35-BFBD3633BE08}]
Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]
Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D436F577-1695-4D2F-8B44-AC76C99E0002}]
Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}]
Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34F4D9A4-42C2-4348-BEF4-E553C84549E7}]
Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]
Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}]
Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}]
Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}]
Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}]
Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]
Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]
Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]
Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]
Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAF454FC-82CA-4F29-AB31-6A109485E76E}]
Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}]
Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}]
Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Encoder 9]
WinRAR 4.00 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
Zuma's Revenge [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WTA-9d875b9f-3d5f-4b03-a3b4-58e9c296d2fe]

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\???\???\???\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\GoogleUpdate.exe" > (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Google Update] "C:\windows\system32\config\systemprofile\AppData\Local\Google\Desktop\Install\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\???\???\???\{c136d43e-e11f-ee7f-f0ff-51ae95aac160}\GoogleUpdate.exe" > (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E7FC2C5-81B5-405B-97D2-51B393EBCAB7}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{96F2D705-7341-47CF-9BDC-EF5A6DD8D385}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Avid Technology, Inc. - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

==== EOF on Sun 11/24/2013 at 13:36:21.81 ======================
  • 0

Advertisements


#17
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Removing FF Profiles and creating a new one

Take a look from here.

First, start the Profile Manager. Then delete all profiles (with the option delete files) and create a new one. (How to do that? Look into the tutorial linked above)

Resetting Google Extensions

  • Run Google Chrome
  • Please type the command below into the Adress Box

chrome:extensions


  • A new Tab will open in Google Chrome
  • You will see an entry which is probably called Babylon ToolBar
  • Next to this entry you will see a can icon - please click on that to remove the extension from your Browser
  • A confirmation dialog appears, click Remove.

Please do the same for following entries:

  • Wajam
  • Social Privacy

OTL Fix

  • Run OTL.
  • Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:


    :Commands
    [CreateRestorePoint]
    
    :OTL
    File not found (No name found) -- C:\PROGRAM FILES (X86)\SOCIAL PRIVACY\FF
    File not found (No name found) -- C:\USERS\DANTHEMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RQAI0FSS.DEFAULT\EXTENSIONS\[email protected]
    File not found (No name found) -- C:\USERS\DANTHEMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RQAI0FSS.DEFAULT\EXTENSIONS\[email protected]
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKU\.DEFAULT..\Run: [Google Update] Reg Error: Value error. File not found
    O4 - HKU\S-1-5-18..\Run: [Google Update] Reg Error: Value error. File not found
    O4 - HKU\S-1-5-21-784218189-4065130257-2341892420-1000..\Run: [Updater] C:\ProgramData\Updater\updater.exe File not found
    [2013/11/22 16:45:33 | 000,000,000 | ---D | C] -- C:\temp
    [2013/11/22 16:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy DNS
    [2011/12/12 23:30:33 | 000,143,240 | ---- | C] (Ask.com) -- C:\Program Files (x86)\Common Files\ApnStub.exe
    @Alternate Data Stream - 1128 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:QosDlzlPgyGQX7h2
    
    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR]
    
    :Files
    C:\ProgramData\Updater
    C:\\PROGRA~2\\SEARCH~1\\Datamngr
    C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
    C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
    C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
    
    :Commands
    [EMPTYTEMP]
    
  • Click the Run Fix button.
  • After your computer has rebooted, run OTL and click Quick Scan.
  • Copy and paste the contents of the log that it produces into your next post.

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Eset Scan

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Paste that log as a reply to this topic.
  • Then click on Finish

Question

How is your PC running? Any issues?
  • 0

#18
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
My laptop seems to running just fine with no issues. I deleted the quarantine files along with the uninstall of Eset. Here are the log files:

OTL logfile created on: 11/24/2013 8:31:12 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DanTheMan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 59.81% Memory free
7.90 Gb Paging File | 6.33 Gb Available in Paging File | 80.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.82 Gb Total Space | 268.67 Gb Free Space | 59.33% Space Free | Partition Type: NTFS
Drive E: | 996.88 Mb Total Space | 972.89 Mb Free Space | 97.59% Space Free | Partition Type: FAT

Computer Name: DANTHEMAN-PC | User Name: DanTheMan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/23 19:04:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DanTheMan\Desktop\OTL.exe
PRC - [2013/11/22 17:33:58 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/22 17:33:58 | 000,761,568 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
PRC - [2013/11/22 17:33:58 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/03 13:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
PRC - [2011/02/01 14:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 14:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/05/05 01:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
PRC - [2010/03/10 16:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/22 17:34:00 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/22 17:33:58 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/22 16:41:33 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/12/05 06:02:44 | 005,739,008 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2010/12/09 18:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/12/08 16:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2010/10/20 15:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/22 16:44:33 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/28 20:12:26 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/02/03 13:50:10 | 000,126,392 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe -- (PCCUJobMgr)
SRV - [2011/02/01 14:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 14:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/29 15:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/05/05 01:58:36 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 16:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/12/03 22:25:10 | 000,159,744 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService)
SRV - [2008/11/09 14:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/22 17:34:02 | 001,032,416 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/11/22 17:34:02 | 000,409,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/11/22 17:34:02 | 000,205,320 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/11/22 17:34:02 | 000,084,328 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/11/22 17:34:02 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/11/22 17:34:02 | 000,065,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/11/22 17:34:02 | 000,038,984 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/11/22 17:34:01 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/07 10:42:38 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/07/07 04:54:28 | 000,357,968 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gbxavs.sys -- (gbxavs)
DRV:64bit: - [2011/07/07 04:54:28 | 000,068,688 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gbxusb.sys -- (gbxusb_svc)
DRV:64bit: - [2011/05/13 05:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 05:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 05:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/04/04 21:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/14 13:43:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/02/09 12:29:08 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/02/08 20:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2011/01/05 02:08:58 | 001,109,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 00:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/08 12:49:08 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/03/10 19:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/12/04 09:26:56 | 000,462,968 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psabusbu.sys -- (PRESONUS_AUDIOBOX_USB)
DRV:64bit: - [2009/12/04 09:26:56 | 000,050,808 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psabusba.sys -- (PRESONUS_AUDIOBOX_WDM)
DRV:64bit: - [2009/12/04 09:26:56 | 000,037,496 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psabusbm.sys -- (PRESONUS_AUDIOBOX_MIDI)
DRV:64bit: - [2009/07/30 21:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/26 20:54:30 | 000,090,544 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 09:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FwLnk.sys -- (FwLnk)
DRV:64bit: - [2009/06/24 16:36:48 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/12/04 03:03:12 | 000,021,520 | ---- | M] (Digidesign, A Division of Avid Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\diginet.sys -- (DigiNet)
DRV:64bit: - [2008/09/08 13:05:00 | 000,105,520 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2007/04/27 09:40:00 | 000,142,120 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\sentinel64.sys -- (Sentinel64)
DRV - [2009/10/05 17:10:42 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Stopped] -- C:\windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{B9EFE0A0-89A3-46D9-905E-0BE8A46F1175}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{00A453ED-DDCB-47D4-8291-4E08EA7E0D23}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{00A453ED-DDCB-47D4-8291-4E08EA7E0D23}: "URL" = http://www.google.co...ng}&rlz=1I7TSNF
IE - HKCU\..\SearchScopes\{9A71687E-1E7A-4DDE-96FF-D16D78B1859B}: "URL" = http://search.yahoo....51,17118,0,18,0
IE - HKCU\..\SearchScopes\{A63D3F1D-B21A-4DDF-A5A1-8AD0D0C63132}: "URL" = http://www.google.co...1I7TSNF_enUS462
IE - HKCU\..\SearchScopes\{BC364A77-1EA2-BC9C-F6F5-CC73E1D83A10}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DanTheMan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DanTheMan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\vitzo.com/VDownloader: C:\Program Files\VDownloader\Addons\npVDownloader.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\VDownloader\Addons\FireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/22 17:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/28 20:12:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/28 20:12:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/11/02 02:05:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Extensions
[2011/12/12 18:46:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\extensions
[2011/12/12 18:46:09 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\DanTheMan\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2013/11/22 15:02:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/28 20:12:27 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/31 22:21:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/12 03:27:04 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Conduit Search (Enabled)
CHR - default_search_provider: search_url = http://search.condui...rchTerms}&SSPV=
CHR - default_search_provider: suggest_url = http://suggest.searc...x={searchTerms},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: nphelper scriptable example plugin (Enabled) = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo\1.2_0\nphelper.dll
CHR - plugin: Wajam (Enabled) = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00C2\u2122 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: VDownloader (Enabled) = C:\Program Files\VDownloader\Addons\npVDownloader.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: avast! Online Security = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: No name found = C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E7FC2C5-81B5-405B-97D2-51B393EBCAB7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E7FC2C5-81B5-405B-97D2-51B393EBCAB7}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96F2D705-7341-47CF-9BDC-EF5A6DD8D385}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96F2D705-7341-47CF-9BDC-EF5A6DD8D385}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/24 20:19:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/24 20:17:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DanTheMan\Desktop\OTL.exe
[2013/11/24 13:36:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2013/11/24 09:11:59 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2013/11/24 09:02:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2013/11/24 09:01:05 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2013/11/24 09:00:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/11/24 09:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013/11/23 09:11:24 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/11/23 09:01:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/23 07:29:58 | 000,000,000 | ---D | C] -- C:\windows\Temp2C03EFF6-1920-FF92-EDAF-6244EFE7D18C-Signatures
[2013/11/22 17:37:14 | 000,000,000 | ---D | C] -- C:\Users\DanTheMan\AppData\Roaming\AVAST Software
[2013/11/22 17:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/11/22 17:34:13 | 000,065,264 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/11/22 17:34:12 | 001,032,416 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/11/22 17:34:12 | 000,409,832 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/11/22 17:34:12 | 000,084,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/11/22 17:34:11 | 000,038,984 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/11/22 17:34:10 | 000,092,544 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/11/22 17:34:06 | 000,334,648 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/11/22 17:34:01 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/11/22 17:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/22 17:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/22 16:39:50 | 000,000,000 | ---D | C] -- C:\windows\Temp1EFEC91A-6825-5B94-A982-4BBCDD89F599-Signatures
[2013/11/22 16:12:27 | 000,000,000 | ---D | C] -- C:\windows\Temp46AC38B7-0AAD-DDAA-03D4-EF582C437C90-Signatures
[2013/11/22 16:07:35 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/11/22 16:04:23 | 000,000,000 | ---D | C] -- C:\windows\pss
[2013/11/22 14:24:30 | 000,000,000 | ---D | C] -- C:\Users\DanTheMan\AppData\Roaming\Malwarebytes
[2013/11/22 14:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/22 14:23:44 | 000,000,000 | ---D | C] -- C:\Users\DanTheMan\AppData\Local\Programs
[2013/11/22 13:55:16 | 000,000,000 | ---D | C] -- C:\windows\Temp1431E82F-B848-4210-F6F5-A7E2955E27C2-Signatures
[2013/11/22 12:28:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/21 18:22:50 | 000,000,000 | ---D | C] -- C:\windows\Temp05EF05A9-1375-4327-175F-B12CA9BD7E15-Signatures
[2013/11/21 11:31:09 | 000,000,000 | ---D | C] -- C:\windows\Temp1E8D64CA-5074-F8B9-9669-AD54B4C0262E-Signatures
[2013/11/10 05:01:15 | 000,000,000 | ---D | C] -- C:\windows\Temp19119A66-ECE5-16C3-0D36-FF3051727CC2-Signatures
[2013/11/09 03:45:10 | 000,000,000 | ---D | C] -- C:\windows\Temp8CAB040F-B135-15B9-4644-A64794D8CBAD-Signatures
[2013/11/09 03:45:07 | 000,000,000 | ---D | C] -- C:\e0bb54a30b3096dc1e
[2013/11/08 08:09:11 | 000,000,000 | ---D | C] -- C:\windows\TempF5254778-AC34-470C-F5A2-08AB70053793-Signatures
[2013/11/07 05:20:24 | 000,000,000 | ---D | C] -- C:\windows\TempD52D1B30-7C02-B05A-C61F-877AC7B8F37B-Signatures
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/24 20:36:07 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/24 20:36:07 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/24 20:35:40 | 000,779,306 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/11/24 20:35:40 | 000,660,546 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/11/24 20:35:40 | 000,121,442 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/11/24 20:34:04 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/11/24 20:29:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/24 20:28:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/11/24 20:28:35 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/24 20:18:11 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000UA.job
[2013/11/24 20:14:06 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/24 09:03:15 | 000,000,872 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-784218189-4065130257-2341892420-1000Core.job
[2013/11/24 09:00:27 | 000,000,935 | ---- | M] () -- C:\Users\DanTheMan\Desktop\NTREGOPT.lnk
[2013/11/24 09:00:27 | 000,000,916 | ---- | M] () -- C:\Users\DanTheMan\Desktop\ERUNT.lnk
[2013/11/24 08:55:16 | 004,182,609 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.rar
[2013/11/24 07:19:11 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/11/23 19:04:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DanTheMan\Desktop\OTL.exe
[2013/11/22 17:34:41 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/22 17:34:02 | 001,032,416 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013/11/22 17:34:02 | 000,409,832 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013/11/22 17:34:02 | 000,334,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013/11/22 17:34:02 | 000,205,320 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/11/22 17:34:02 | 000,084,328 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013/11/22 17:34:02 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/11/22 17:34:02 | 000,065,264 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013/11/22 17:34:02 | 000,038,984 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013/11/22 17:34:01 | 000,092,544 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013/11/22 17:34:01 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013/11/22 16:41:34 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/22 16:41:33 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/11/18 13:36:18 | 001,397,113 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.scr
[2013/11/18 13:36:18 | 001,397,113 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.pif
[2013/11/18 13:36:18 | 001,397,113 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.com
[2013/11/07 05:53:02 | 005,006,000 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/11/07 05:35:20 | 000,773,332 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/24 09:10:37 | 001,397,113 | ---- | C] () -- C:\Users\DanTheMan\Desktop\zoek.scr
[2013/11/24 09:10:36 | 001,397,113 | ---- | C] () -- C:\Users\DanTheMan\Desktop\zoek.pif
[2013/11/24 09:10:36 | 001,397,113 | ---- | C] () -- C:\Users\DanTheMan\Desktop\zoek.com
[2013/11/24 09:09:08 | 004,182,609 | ---- | C] () -- C:\Users\DanTheMan\Desktop\zoek.rar
[2013/11/24 09:00:27 | 000,000,935 | ---- | C] () -- C:\Users\DanTheMan\Desktop\NTREGOPT.lnk
[2013/11/24 09:00:27 | 000,000,916 | ---- | C] () -- C:\Users\DanTheMan\Desktop\ERUNT.lnk
[2013/11/22 17:34:41 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/22 17:34:13 | 000,205,320 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013/11/22 17:34:12 | 000,065,776 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013/11/22 16:41:34 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/22 16:41:33 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2012/12/13 06:11:33 | 000,217,088 | ---- | C] () -- C:\windows\SysWow64\qtmlClient.dll
[2012/10/16 02:15:07 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2012/08/11 17:36:47 | 000,484,352 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2012/04/10 20:20:02 | 000,145,408 | ---- | C] () -- C:\windows\SysWow64\Lame.exe
[2011/12/15 22:55:22 | 000,001,789 | ---- | C] () -- C:\Users\DanTheMan\Default.atp
[2011/12/15 22:55:21 | 000,000,302 | ---- | C] () -- C:\Users\DanTheMan\DanTheMan.properties
[2011/12/13 20:50:09 | 000,773,332 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/08 13:35:54 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Audacity
[2013/11/22 17:37:14 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\AVAST Software
[2011/12/15 22:53:26 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Avid
[2011/12/13 16:25:19 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Book Place
[2012/08/11 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\FreeAudioPack
[2012/12/13 08:02:46 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\PACE Anti-Piracy
[2012/10/04 12:49:49 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\PreSonus
[2011/12/30 14:07:10 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Propellerhead Software
[2012/12/10 16:48:48 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/12/13 07:09:06 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Structure
[2011/12/23 21:18:16 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\SynthMaker
[2012/11/02 02:13:28 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\TFP
[2013/10/05 13:14:49 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Tific
[2011/12/12 20:37:35 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Toshiba
[2012/12/13 08:04:29 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Trillium Lane
[2011/12/18 19:43:17 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\Ulead Systems
[2011/12/12 20:33:30 | 000,000,000 | ---D | M] -- C:\Users\DanTheMan\AppData\Roaming\WinBatch

========== Purity Check ==========



< End of report >


Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
DanTheMan :: DANTHEMAN-PC [administrator]

Protection: Disabled

11/24/2013 9:07:32 PM
mbam-log-2013-11-24 (21-07-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210681
Time elapsed: 9 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\ScorpionSaver (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\DanTheMan\Downloads\iLividSetup(1).exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\DanTheMan\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\DanTheMan\Downloads\Setup_FreeConverter.exe (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully.
C:\Users\DanTheMan\Downloads\Something.from.Nothing-The.Art.of.Rap.2012.DVDRiP.XViD_downloader_205b.exe (Trojan.Agent.ED) -> Quarantined and deleted successfully.
C:\Users\DanTheMan\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully.

(end)


C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\ldrtbuTor.dll.vir a variant of Win32/Toolbar.Conduit.P application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\prxtbuTor.dll.vir Win32/Toolbar.Conduit.O application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\tbuTor.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\uTorrentBarToolbarHelper.exe.vir Win32/Toolbar.Conduit.Q application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\Local\Conduit\CT2786678\uTorrentBarAutoUpdateHelper.exe.vir multiple threats cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\LocalLow\uTorrentBar\ldrtbuTo0.dll.vir a variant of Win32/Toolbar.Conduit.P application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\LocalLow\uTorrentBar\ldrtbuTo2.dll.vir a variant of Win32/Toolbar.Conduit.P application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll.vir a variant of Win32/Toolbar.Conduit.P application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\LocalLow\uTorrentBar\tbuTo0.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\LocalLow\uTorrentBar\tbuTo2.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\DanTheMan\AppData\LocalLow\uTorrentBar\tbuTor.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\FRST\Quarantine\[email protected] Win32/Adware.MultiPlug.H application deleted - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite.C application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite.A application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\DnsBHO.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\IEBHO.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF12.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF13.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF14.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF15.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF16.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll probably a variant of Win32/Toolbar.SearchSuite.D application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\SRTOOL~1\dtUser.exe a variant of Win32/Toolbar.Visicom.C application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultsDx.dll a variant of Win32/Toolbar.Visicom.B application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\SRTOOL~1\searchresultstb.dll a variant of Win32/Toolbar.Visicom.A application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\x64\datamngr.dll a variant of Win64/Toolbar.SearchSuite.A application cleaned by deleting - quarantined
C:\FRST\Quarantine\Search Results Toolbar\Datamngr\x64\IEBHO.dll a variant of Win64/Toolbar.SearchSuite.A application cleaned by deleting - quarantined
C:\FRST\Quarantine\Updater\Uninstall.exe a variant of Win32/ExFriendAlert.B application cleaned by deleting - quarantined
C:\FRST\Quarantine\W3i\InstallIQUpdater\InstallIQUpdater.exe Win32/InstallIQ.C application cleaned by deleting - quarantined
C:\FRST\Quarantine\Wajam\Updater\WajamUpdater.exe Win32/Wajam.A application cleaned by deleting - quarantined
C:\Users\DanTheMan\Downloads\Dom_Kennedy_-_Yellow_Album_downloader_205b.exe a variant of Win32/ExpressFiles application cleaned by deleting - quarantined
C:\Users\DanTheMan\Downloads\Something_from_Nothing_The_Art_of_Rap_(2012)DVDRip_XviD_PLay-ACM_downloader_205b.exe a variant of Win32/ExpressFiles application cleaned by deleting - quarantined
  • 0

#19
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Resetting Chromes Search Provider

  • Open Google Chrome
  • Go to the Google Menu on the browser toolbar
  • A list will pop up - please select settings
  • A new page will open. On that page you'll see a Search Section , click Manage search engines
  • Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default (Skip this point if you haven't a preferred search engine)
  • You will also see something with Conduit there - please mouse over the Conduit entry and click X to remove it

Disabling Chrome Plugins

  • We need to disable some Chrome Plugins
  • Start Chrome and type this into the address bar:

chrome:plugins


  • A new tab will open with a list of your installed plugins - Please disable the plugin(s) below by clicking the word Disable.

    • Babylon ToolBar
    • Wajam
  • We're done with that step! Well done!


OTL Fix

  • Run OTL.
  • Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:


    :Commands
    [CreateRestorePoint]
    
    :OTL
    [2013/11/18 13:36:18 | 001,397,113 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.scr
    [2013/11/18 13:36:18 | 001,397,113 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.pif
    [2013/11/18 13:36:18 | 001,397,113 | ---- | M] () -- C:\Users\DanTheMan\Desktop\zoek.com
    [2013/11/24 09:09:08 | 004,182,609 | ---- | C] () -- C:\Users\DanTheMan\Desktop\zoek.rar
    [2013/11/24 09:11:59 | 000,000,000 | ---D | C] -- C:\zoek_backup
    
    :Files
    C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
    C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll
    C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Desktop\Install
    
    :Commands
    [EMPTYTEMP]
    
  • Click the Run Fix button.
  • After your computer has rebooted, run OTL and click Quick Scan.
  • Copy and paste the contents of the log that it produces into your next post.

Control Scan with Adwarecleaner

  • Start Adwarecleaner again (when you use Vista/Win7/Win8 please run it as Administrator)
  • Click Scan and let the scan run.
  • Then click on the Button Report
  • A logfile will open - please post the content of this file in your next answer

  • 0

#20
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Sorry for the late response. Here are the reports.::


All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
File C:\Users\DanTheMan\Desktop\zoek.scr not found.
File C:\Users\DanTheMan\Desktop\zoek.pif not found.
File C:\Users\DanTheMan\Desktop\zoek.com not found.
File C:\Users\DanTheMan\Desktop\zoek.rar not found.
C:\zoek_backup folder moved successfully.
========== FILES ==========
File\Folder C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll not found.
Invalid Switch: PriamNPAPI.dll
File\Folder C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Desktop\Install not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: DanTheMan
->Temp folder emptied: 3048116 bytes
->Temporary Internet Files folder emptied: 9948862 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 38290 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 13.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11252013_172402

Files\Folders moved on Reboot...
C:\Users\DanTheMan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\DanTheMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


# AdwCleaner v3.012 - Report created 25/11/2013 at 17:29:15
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : DanTheMan - DANTHEMAN-PC
# Running from : C:\Users\DanTheMan\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\DynConIE

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v16.0.2 (en-US)

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\DanTheMan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [22986 octets] - [23/11/2013 09:01:11]
AdwCleaner[R1].txt - [794 octets] - [25/11/2013 17:29:15]
AdwCleaner[S0].txt - [22263 octets] - [23/11/2013 09:02:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [914 octets] ##########
  • 0

#21
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Your PC is clean now. If you are cool and nice you could create a feedback here. Well done.

- FIRST -

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    :Reg
    HKEY_CURRENT_USER\Software\AppDataLow\Software\DynConIE

    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

- NEXT -

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Posted Image

- NEXT -

I want you to uninstall following programs (Start > Control Panel > Add/Remove Programs):

  • ESET

What's with MBAM?

Malwarebytes is a very good free scanner! It isn't a one demand scanner so it won't have any problems with your AntiVirus! It would be good if you scan your PC after Malware every 1-2 months (of course with Malwarebytes).
But if you like to uninstall it, then make that:

I want you to uninstall following programs (Start > Control Panel > Add/Remove Programs):

  • Malwarebytes

- NEXT -

Download File-Hippo Updatechecker http://www.filehippo.../updatechecker/ Please run it monthly - it will scan your Updatestatus. For example a program is out dated the UpdateChecker will give you a link where you can download the newest version of the respective program.

How to update programs with FileHippo Updatechecker?

  • Start FileHippo Updatechecker
  • You get redirected to a Website
  • You probably see a list of updates (if not then are probably all programs up to date)
  • Click on the first item of the list, download the Update , after that reboot the Computer and take the next item of the list!


- NEXT -


Exercise common sense

Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.

Keep up on Windows updates

Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.

Slow computer?

If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide (http://www.geekstogo...g-your-machine/) written by tech expert Artellos.

Keep safe! :thumbsup:
  • 0

#22
281RMJ

281RMJ

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Thank you so much for your help. I hope you graduate soon. I left a post on the feedback site as well. You are awesome.
  • 0

#23
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Thanks. I've posted in the feedback thread - thanks again for the nice feedback! :thumbsup:
  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP