Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop running rough! not sure what to do possible virus? [Closed]

Started by Spruce_9 , Jan 05 2014 11:04 PM

  • This topic is locked This topic is locked

#1
Spruce_9
Posted 05 January 2014 - 11:04 PM

Spruce_9

    New Member

  • Member
  • Pip
  • 7 posts
Laptop runs pretty slow randomly! on startup especially typing is a hassle because of the lag. I have an asus g73s so a pretty good laptop not sure what to do running malwarebytes right now. any ideas what i can do to get to the bottom of this?
  • 0

Advertisements

#2
zep516
Posted 05 January 2014 - 11:20 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi! My name is zep516 and Welcome to geekstogo
I'll do the best I can to resolve your computer issue
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

First

Please download OTL to your Desktop
  • Double click on the Posted Image to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox
    and
  • Check the option for All under the Extra Registry section
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Next

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click AdwCleaner.exe to run the tool.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • Click the Scan button.
  • AdwCleaner will begin. Be patient as the scan may take some time to complete.
  • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

In your next reply please post:

  • OTL.txt
  • Extras.txt
  • AdwCleaner[R0].txt

Please also include the Malwarebytes log that you have.

Thanks
Joe :)
  • 0

#3
Spruce_9
Posted 06 January 2014 - 06:58 PM

Spruce_9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
adw cleaner
# AdwCleaner v3.016 - Report created 06/01/2014 at 17:49:33
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - JAROD
# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Owner\AppData\Local\Temp\Uninstall.exe
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found C:\Program Files (x86)\Ask.com
Folder Found C:\Program Files (x86)\RegClean Pro
Folder Found C:\Program Files (x86)\Vid-Saver
Folder Found C:\ProgramData\Partner
Folder Found C:\Users\Owner\AppData\Local\apn
Folder Found C:\Users\Owner\AppData\Local\eSupport.com
Folder Found C:\Users\Owner\AppData\Local\Temp\AskSearch
Folder Found C:\Users\Owner\AppData\Local\Vid-Saver
Folder Found C:\Users\Owner\AppData\LocalLow\AskToolbar
Folder Found C:\Users\Owner\AppData\Roaming\Systweak
Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\FLEXnet
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Ask.com
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\FLEXnet
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022342291}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033343391}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_logosmartz-logo-maker-software_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_logosmartz-logo-maker-software_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\Software\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7521 octets] - [06/01/2014 17:49:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7581 octets] ##########

OTL Extras logfile created on: 1/6/2014 5:48:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
 
7.98 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 57.91% Memory free
15.95 Gb Paging File | 12.06 Gb Available in Paging File | 75.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 178.15 Gb Free Space | 38.25% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 20.99 Gb Free Space | 4.51% Space Free | Partition Type: NTFS
 
Computer Name: JAROD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (All) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- C:\Windows\SysWow64\rundll32.exe C:\Windows\system32\shell32.dll,OpenAs_RunDLL %1 (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()
"C:\Program Files (x86)\xchat\xchat.exe" = C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client -- ()
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0042232B-084C-4E19-BE49-3F35CE9314CC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{004F6BFA-15A6-45F8-90D8-AA3E45D21FFD}" = lport=138 | protocol=17 | dir=in | app=system | 
"{03E63A43-4F6D-4399-8899-FD1E32452AD0}" = lport=139 | protocol=6 | dir=in | app=system | 
"{05CBA244-2354-4226-8AFB-C7B2D99AABC6}" = lport=445 | protocol=6 | dir=in | app=system | 
"{16E5A259-3C6A-46CD-AD0F-04DAE06186DC}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | 
"{19CF1F4C-EF06-4C10-A2E5-9C70A1BE4BB1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1AD22CED-8BA9-46B8-B747-40C0655E61DC}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{3189BC2A-A226-48E7-B237-A0B8342429B8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3F4C0F90-5277-4F6F-B6F6-F20976CD5B85}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{4AA42189-F17E-4B50-BB6E-07979978AAC8}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{4E0E1C19-BA66-4DAC-BEF1-AF2A72F7C046}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{6BE50387-27CE-48C8-BB69-B8AD56DA4DE8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{71F03C81-16DD-4E2F-9F29-A0AE81DFF478}" = rport=139 | protocol=6 | dir=out | app=system | 
"{768CDB2D-2D82-49E5-8A1B-DD0B21DAF1C1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{77302088-479B-4EF5-B72D-88B456A76EA5}" = rport=80 | protocol=6 | dir=out | app=c:\users\owner\appdata\local\warframe\downloaded\public\tools\remotecrashsender.exe | 
"{7A576BB3-D6EE-4D7A-9A32-12213DBC7FDB}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | 
"{814BA1DE-D8FA-44C6-81B5-E93C9B3E3872}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{98AA3C4D-5156-4296-8B18-4506560ADC08}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{997AF1F7-B162-476C-9477-1476387DBD90}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9E61F55C-3A16-4E68-869A-AB00124AFABB}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A7760D31-1EAB-47BA-9027-4239912C6E3D}" = rport=80 | protocol=6 | dir=out | app=c:\users\owner\appdata\local\warframe\downloaded\public\tools\launcher.exe | 
"{AC836818-6B15-41EC-B3B3-D0B2512F9ADC}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | 
"{BF5E71CC-1342-48E5-98EC-70CCB4851736}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{C0E9CF55-D7EC-43C1-BCE3-0A59F084F068}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CA41C29B-115B-4B28-AD57-0CFFD7F21070}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CEACF7C4-F0EE-45EF-BBD7-EB6365BBEB45}" = rport=137 | protocol=17 | dir=out | app=system | 
"{DA7508E4-12FE-4BF3-8C32-551F4EB1C8AA}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
"{DE422E35-9F5D-4527-B22B-D9951F7488AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DF8303FF-15F5-42B5-9883-CE716491CC00}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E28BAECF-9FAF-4E1C-903A-7D31C4C92B5B}" = rport=80 | protocol=6 | dir=out | app=c:\users\owner\appdata\local\warframe\downloaded\public\warframe.exe | 
"{E7783A46-5406-4325-AFAE-0DD16E48BF70}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | 
"{ECD5007D-3E12-4F7B-AE33-BB63B0FB83A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F36087BE-1F8C-45A7-951F-61B711CBBFBF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F82B1298-B03E-4146-8A33-E01099FC2190}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FAA3D8C6-2993-46C6-88CF-A2FC77A01E0C}" = rport=80 | protocol=6 | dir=out | app=c:\users\owner\appdata\local\warframe\downloaded\public\warframe.x64.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097BC7D2-B615-4C58-962C-4A460093866E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0DF7230E-78FF-4727-BAA9-3C1CCEC4EE25}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{160432B6-B1F4-42B5-8EF6-D701B447AEA1}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{1A88A277-1DDC-4C0B-82CD-C812E6E363FF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{215CF5CE-4AAE-40D7-B06E-774401EE736A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{21751C11-59ED-4270-AE7E-8B0775A3D4DC}" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | 
"{2236FA10-1FF5-49CF-9A80-41A3DD623225}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{273D0028-D8E1-4C12-B28B-3C3F83868FC4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{28722AF2-85DD-4702-A6B3-BF80F7A63FFF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe | 
"{2BBEABF7-300D-48A5-83E4-B1A67D1038F4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{2BD9B1BB-E177-4876-AF84-E6BE2FBB696D}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{2D204A8B-6542-4E94-95FB-ED2C2D197263}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | 
"{2D6094E1-9EC8-46B0-8AF2-B740AD527138}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{2DAD764A-B410-4882-A3C9-49D91CF00B54}" = protocol=6 | dir=in | app=c:\program files (x86)\x-chat 2\xchat.exe | 
"{2E9BDE9F-2E20-430B-85EA-84AA8DCD0205}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{320DC528-F55B-4E64-8A6C-BAF22BF95787}" = protocol=58 | dir=out | [email protected],-503 | 
"{359D2969-0D54-42AE-9400-10B9FB2D1D85}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe | 
"{36A7459A-D1A3-4938-B31B-FAFD2F5D46C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{38713055-40D4-45B0-A2B3-88D583A2AD20}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"{390B1891-8261-412B-B7CD-3916B06B4A2E}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe | 
"{3BBDF58D-CED1-48BD-9449-B0308E8B5A41}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{3CC31782-BAD8-4D6B-95CD-004BBBD40CDB}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe | 
"{3F4BB7FB-37E3-4009-AB39-9B7643E23592}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{4014AE34-DB79-45AC-83F6-CC164B98AB93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{42277530-0B9D-46D4-A0FF-A678533E40FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4E85822F-25EA-43B8-9B01-C777C83AF69A}" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | 
"{4EFB6E81-5E2E-4B2F-9D1F-07A4EC66EDA3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{52DE2602-F49E-4D71-8B48-DB352F48AE0D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{53CFB84C-A1E2-4F6B-860F-C0ADB1F318D4}" = protocol=17 | dir=in | app=c:\program files (x86)\x-chat 2\xchat.exe | 
"{5410F8F1-C123-47B9-B8E7-82C2DFED76AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{54225C37-663A-4EC0-87C7-B5FEF97C367E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{58658473-82F5-40FD-A729-8C54F978C495}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{5E632C86-3031-4835-A08C-7EF696FF2504}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{5FCEC27F-DC7A-4FA6-9D65-BE0CDDADFD0F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{5FFFF6B5-E74E-4EA4-8DBF-EEA807BC2863}" = protocol=58 | dir=in | [email protected],-28545 | 
"{646AF360-1798-405C-9EB9-253C85810EAF}" = protocol=17 | dir=out | app=c:\users\owner\appdata\local\warframe\downloaded\public\warframe.exe | 
"{6C6D9DE3-98E8-4CB7-8C5C-0243B56CD0AA}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{7074412C-6418-443F-9454-295930423025}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\warframe\downloaded\public\warframe.x64.exe | 
"{7605183E-2E0F-4577-BF71-B5AF228A547E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{783FEB79-9570-4A87-A8E1-02566323B6B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7A5F5EE0-3321-4D38-A4EE-8466410D4DFA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe | 
"{7C2F3366-E605-4898-A08B-C2746E4F2E75}" = protocol=17 | dir=out | app=c:\users\owner\appdata\local\warframe\downloaded\public\warframe.x64.exe | 
"{7C858FA3-3CD9-4546-AA4A-293B27541034}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{826E4C30-1868-42D7-9C0E-32426B7E8B71}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8B801AAA-9170-4791-9865-87E152E66CBB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8EF00E0A-1290-412C-B4BB-ACDFDE672112}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe | 
"{8F594D5C-C7A0-4668-B92B-FB3324614615}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{90D037C2-D4DA-49B5-A55B-717DB51513D1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{9250CFEA-8B38-4FD9-A005-3D77556E3A80}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | 
"{927F2CC5-99FD-4CEB-AAA2-9A61D1D62F31}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{93F05FBE-9DB8-466F-AEBA-EE9A98DDF76C}" = dir=in | app=c:\users\owner\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{99547373-B14A-422B-992A-726C63D289AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the war z\warzlauncher.exe | 
"{9979861E-67C0-4096-9D6A-B5E6A88D08FC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{9A6BF34E-D65C-439A-86E4-F46C3BD865D1}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{A50D84CC-565A-49BD-BA3C-4BF79A0C4FDD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"{A7216035-D854-464D-ACD5-7171E3BA4B53}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{A9DC6A78-2708-485E-8120-8849BFD335C4}" = dir=in | app=c:\brickforce\bflauncher.exe | 
"{AB315249-8AA6-4720-A798-96257C3152B9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BE2DC674-B38D-4EFC-9D22-36785F907BF7}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\warframe\downloaded\public\warframe.exe | 
"{C1D2B924-EDF9-482E-9A46-907BCE1312B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C8AA28AC-A13B-4304-8CE2-75980CAA11D5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{CD9BC283-6B57-4133-81F7-E2FCA78B5706}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{CECD6400-2CA6-4BF0-BAB1-A75392EE87A3}" = protocol=17 | dir=in | app=c:\program files (x86)\xchat\xchat.exe | 
"{CF32E939-5F0A-48F5-BE6D-7740FBAE6CC7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CFBF50B1-5D6D-4024-96B5-05169C8C5E92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D07EF743-F660-43B7-9F18-313CFAB7404A}" = protocol=1 | dir=out | [email protected],-28544 | 
"{D0FF8C0C-9EF4-44CD-B9FE-5387775B6F23}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{D33F28E6-91D1-4BE6-9A3A-7DF691E79201}" = protocol=58 | dir=out | [email protected],-28546 | 
"{D5800638-761F-4D5B-86DD-C1CA0081C0A6}" = dir=in | app=c:\brickforce\brickforce.exe | 
"{D5DD5102-04D0-4A40-BDD5-8CB99DB2590A}" = protocol=1 | dir=in | [email protected],-28543 | 
"{D67C667C-221D-4945-9612-27BEA359F4E1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{D7FF9315-2322-4217-9C2F-B21D6AB8A597}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_launcher.exe | 
"{DE1DB91B-ABE4-46B5-88A7-5249FF344028}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{E329A769-FFFA-4644-9C9F-990666E0EAAB}" = protocol=58 | dir=in | app=system | 
"{E3C31308-B7A4-4A1E-8A3E-DE1DA411B10D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"{E4995B0D-1386-4A8A-B3A0-F8306A60C2C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{E4B4E678-99DB-44C6-8EE1-2D9BD003D831}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E8ED619B-BE35-461E-A9B6-2ECB8FBD4169}" = protocol=6 | dir=out | app=system | 
"{EFFA499D-5A59-4F39-A387-C4BC425F741B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{F29A152A-86C0-49A0-8944-0AEE19A374D1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe | 
"{F4B41331-4236-476F-BAF5-2D1C5BE844AB}" = protocol=6 | dir=in | app=c:\program files (x86)\xchat\xchat.exe | 
"{FC10E52E-408C-4CA8-ACF4-B082CE41D7E0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"{FEEF5E46-348C-4064-BF56-B5E9668D0D06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the war z\warzlauncher.exe | 
"TCP Query User{0DAF89A4-8FF6-495C-9301-B7C4236BD997}C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the war z\infestation.exe | 
"TCP Query User{10E1533F-3070-45D3-9D80-D48093966654}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe | 
"TCP Query User{24292EC5-6947-4661-85BB-8781D9CE65A2}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"TCP Query User{2D1B991C-D67F-45A9-9880-9DCEC756E074}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"TCP Query User{4394284A-2627-46C7-8033-8976F4BED30B}C:\users\owner\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\google\chrome\application\chrome.exe | 
"TCP Query User{469109B4-CFCC-4082-9E55-BCCC8DADC8A6}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe | 
"TCP Query User{48D0F160-DAD7-4133-8220-9B9F806E101B}C:\program files (x86)\xchat\xchat.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xchat\xchat.exe | 
"TCP Query User{497A735D-4076-44EE-AC11-7B0CCD15DBFD}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{6859386B-2D6E-4EAE-9EF3-D2CF0122052E}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 
"TCP Query User{72494889-65B4-46F6-8A31-3AEF613943E1}C:\users\owner\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\utorrent.exe | 
"TCP Query User{83EAF7A2-805B-46B2-8A15-763B50340B5A}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"TCP Query User{8A3CAE85-86E1-41AF-9908-7B92598E2670}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{9CB132E4-3046-4037-B175-CE6E045B160B}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"TCP Query User{A919FD99-2DCA-4C23-87B5-6ECED80BDC9C}C:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe" = protocol=6 | dir=in | app=c:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe | 
"TCP Query User{AF34EB8D-89E6-49ED-9EA4-B98C56040957}C:\program files (x86)\x-chat 2\xchat.exe" = protocol=6 | dir=in | app=c:\program files (x86)\x-chat 2\xchat.exe | 
"TCP Query User{B40FCF15-5ED1-4F75-8B89-29BF74344631}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"TCP Query User{B42F545B-F336-476D-A35C-9B10F11660D7}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | 
"TCP Query User{B4320739-8735-492B-B405-C517F95F1E17}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe | 
"TCP Query User{B83FCA3B-FA0B-44E5-BDEE-F1D15A9738D0}C:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe" = protocol=6 | dir=in | app=c:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe | 
"TCP Query User{DF0B9D8B-7F3D-4B85-8BF9-0FD9FC3AE96A}C:\users\owner\downloads\sledsimulator 0.1.1_win\sledsimulator.exe" = protocol=6 | dir=in | app=c:\users\owner\downloads\sledsimulator 0.1.1_win\sledsimulator.exe | 
"UDP Query User{01385FFA-C795-4327-A626-2A7C1096C6EA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{2A353404-88AE-4B7F-BBEA-D2953415D58A}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe | 
"UDP Query User{444C3990-2148-4541-A4FD-E2328FF39BA0}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{501015BB-E439-4AE7-8F9D-84E6A147435F}C:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine 2\trine2_32bit.exe | 
"UDP Query User{598F5B9F-6261-4DBB-AE82-F792815214E8}C:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe" = protocol=17 | dir=in | app=c:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe | 
"UDP Query User{5C56CD0D-3682-4332-A2AA-9CB988022C11}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe | 
"UDP Query User{7074764E-C427-4AD5-83A0-84D24EED890B}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe | 
"UDP Query User{8250B9BD-C97F-4E6F-ABD2-4DDA06C887DE}C:\users\owner\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\google\chrome\application\chrome.exe | 
"UDP Query User{997D1215-EE35-4ADF-BCBC-5D5EB21A6A08}C:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe | 
"UDP Query User{C134A77E-711B-4D0C-A964-AA01007CF8A7}C:\users\owner\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\utorrent.exe | 
"UDP Query User{C660638A-AF5F-421F-869A-2D90E2687E3B}C:\program files (x86)\xchat\xchat.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xchat\xchat.exe | 
"UDP Query User{C7E9BD1C-8F7C-498F-B230-A6C282AE1534}C:\program files (x86)\x-chat 2\xchat.exe" = protocol=17 | dir=in | app=c:\program files (x86)\x-chat 2\xchat.exe | 
"UDP Query User{CC43800C-75FB-4E07-8052-9B9FB0D325BB}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 
"UDP Query User{CCF52376-0837-4588-8DB1-E0DB110F800B}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe | 
"UDP Query User{CE3B1B7D-563F-4720-898B-731E78B4B92F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{CFE2E542-1395-4F54-8A8F-584E2C78BB74}C:\users\owner\downloads\sledsimulator 0.1.1_win\sledsimulator.exe" = protocol=17 | dir=in | app=c:\users\owner\downloads\sledsimulator 0.1.1_win\sledsimulator.exe | 
"UDP Query User{DA7BF672-AB67-4B5B-A227-E8EC43816C53}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"UDP Query User{E46AE11A-0863-4A39-B87C-ACCD00F91EDA}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe | 
"UDP Query User{F35634E3-3FBA-4B23-8A19-1DF0092F19A6}C:\program files (x86)\steam\steamapps\common\the war z\infestation.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the war z\infestation.exe | 
"UDP Query User{FB98023A-B412-4141-B8BA-5A2D002055D7}C:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe" = protocol=17 | dir=in | app=c:\users\owner\desktop\sledsimulator 0.1.1_win\sledsimulator.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{02E5BCCA-317C-418F-9E06-42526E050829}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416032FF}" = Java(TM) 6 Update 32 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0003
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{45C1C61B-9DA9-4B61-8C89-C76B1746C3AA}" = Fresco Logic USB3.0 Host Controller
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8832CAA2-4934-4916-A8BF-A9A51C6B58B3}" = Windows Live Family Safety
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety
"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"2AA10AB519DC7432D599A0E860206A7DDCC27764" = Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
"7341A1B43E7FE58942EB1E820A17C18305DFBCE6" = Windows Driver Package - Broadcom Bluetooth  (01/19/2010 6.2.0.1417)
"85CE3A3657FAE5FD305B143E90E6FC89BA53001C" = Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (02/25/2010 6.2.0.9419)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B74EC0B-2A85-4542-A167-3DE2132E7DAA}" = DayZ Commander
"{0C4FF2FE-9E75-4DBF-B2DA-11CE1F10C4B5}" = Roxio AACS Certificate
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}" = Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}" = Complemento Messenger
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions ŕ distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75157F34-02C6-4831-BD66-3BC49E7A8394}" = BlackBerry Desktop Software 6.1
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7F061FA8-5A87-4758-876B-17EE28B358D0}" = Messenger 浏览器插件
"{833D97B9-AC16-45C1-AD44-0A32198956F8}" = Gimp Themes v1.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = ooVoo toolbar, powered by Ask.com
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{939C80FA-96C9-44A6-B318-8E7D8BD8481B}" = Messenger Companion
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7DEE877-3031-4313-B235-96FDEB16EF7E}" = Roxio CinePlayer
"{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}" = RuneScape Launcher 1.2.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B11AB9C8-18A6-41DC-98B4-4988CC030136}" = THX TruStudio
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{C03F3D5B-0D83-4F81-A324-32F4E7F1BF6A}" = Roxio CinePlayer
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}" = Messenger 分享元件
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E0955568-4353-4C85-8988-285A8C0F5E87}" = Mumble 1.2.4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligaçőes Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7EADE2C-2A5C-44D7-9A2B-995CDDC20295}" = Warframe
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"Asus_G73_Screensaver" = Asus_G73_Screensaver
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"Blacklight Retribution" = Blacklight Retribution
"Bookworm Deluxe" = Bookworm Deluxe
"BrickForce" = BrickForce 1.4.40
"Connection Manager" = Connection Manager
"Cooking Dash" = Cooking Dash
"DiskAid_is1" = DiskAid 5.09
"GhostMouse_is1" = GhostMouse
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"iFunbox_is1" = iFunbox (v1.98.948.666), iFunbox DevTeam
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}" = ExpressGate Cloud
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Jewel Quest 3" = Jewel Quest 3
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"mIRC" = mIRC
"Mobile Internet Key" = Mobile Internet Key
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PkHonor_0" = PkHonor
"Plants vs Zombies" = Plants vs Zombies
"PunkBusterSvc" = PunkBuster Services
"RADVideo" = RAD Video Tools
"San Andreas Mod Installer1.1" = San Andreas Mod Installer
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 22380" = Fallout: New Vegas
"Steam App 224580" = Arma 2: DayZ Mod
"Steam App 226700" = Infestation: Survivor Stories
"Steam App 33900" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 35720" = Trine 2
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 7" = TeamViewer 7
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.2.4 beta
"World of Goo" = World of Goo
"xchat" = XChat 2 (remove only)
"X-Chat 2_is1" = X-Chat 2.8.6-2
"YTdetect" = Yahoo! Detect
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = ooVoo toolbar, powered by Ask.com Updater
"Google Chrome" = Google Chrome
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 1/5/2014 2:57:32 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 26726060
 
Error - 1/5/2014 2:57:32 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 26726060
 
Error - 1/6/2014 6:09:41 AM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 1/6/2014 6:09:41 AM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 998
 
Error - 1/6/2014 6:09:41 AM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 998
 
Error - 1/6/2014 8:43:17 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 1/6/2014 8:43:17 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 52417287
 
Error - 1/6/2014 8:43:17 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 52417287
 
Error - 1/6/2014 8:43:18 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 1/6/2014 8:43:18 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 52418286
 
Error - 1/6/2014 8:43:18 PM | Computer Name = Jarod | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 52418286
 
[ System Events ]
Error - 1/3/2014 4:35:39 PM | Computer Name = Jarod | Source = NetBT | ID = 4321
Description = The name "WORKGROUP      :1d" could not be registered on the interface
 with IP address 192.168.1.101.  The computer with the IP address 192.168.1.1 did 
not allow the name to be claimed by  this computer.
 
Error - 1/3/2014 7:44:14 PM | Computer Name = Jarod | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Connection
 Manager. OUC service to connect.
 
Error - 1/3/2014 7:44:14 PM | Computer Name = Jarod | Source = Service Control Manager | ID = 7000
Description = The Connection Manager. OUC service failed to start due to the following
 error:   %%1053
 
Error - 1/3/2014 7:44:15 PM | Computer Name = Jarod | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
 due to the following error:   %%2
 
Error - 1/4/2014 3:02:35 PM | Computer Name = Jarod | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Connection
 Manager. OUC service to connect.
 
Error - 1/4/2014 3:02:35 PM | Computer Name = Jarod | Source = Service Control Manager | ID = 7000
Description = The Connection Manager. OUC service failed to start due to the following
 error:   %%1053
 
Error - 1/4/2014 3:02:35 PM | Computer Name = Jarod | Source = Service Control Manager | ID = 7000
Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start
 due to the following error:   %%2
 
Error - 1/5/2014 2:35:21 AM | Computer Name = Jarod | Source = DCOM | ID = 10010
Description = 
 
Error - 1/5/2014 2:57:36 PM | Computer Name = Jarod | Source = DCOM | ID = 10010
Description = 
 
Error - 1/5/2014 3:04:56 PM | Computer Name = Jarod | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
Extra ^^^^^


otl
OTL logfile created on: 1/6/2014 5:48:36 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
 
7.98 Gb Total Physical Memory | 4.62 Gb Available Physical Memory | 57.91% Memory free
15.95 Gb Paging File | 12.06 Gb Available in Paging File | 75.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 178.15 Gb Free Space | 38.25% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 20.99 Gb Free Space | 4.51% Space Free | Partition Type: NTFS
 
Computer Name: JAROD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014/01/06 17:47:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/12/11 12:40:36 | 001,823,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013/12/11 12:40:36 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013/12/03 15:02:01 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/11/23 08:01:28 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/07/24 23:19:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/06/21 04:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/16 07:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/05/16 07:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/05/16 07:38:28 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/04/30 10:57:12 | 001,721,480 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2013/04/26 11:12:36 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2013/04/04 13:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/06 11:14:42 | 000,056,416 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/09/14 12:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/09/11 15:06:52 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/09/11 10:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/07/17 15:54:20 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/05/28 09:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012/03/19 04:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/02/23 11:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/08/31 14:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/08/23 02:48:44 | 000,655,712 | ---- | M] () -- C:\ProgramData\Connection Manager\OnlineUpdate\ouc.exe
PRC - [2011/05/27 15:23:00 | 004,999,976 | ---- | M] (Synaptics Incorporated) -- C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
PRC - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2011/03/29 09:01:08 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/14 08:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/10/15 01:24:38 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 18:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/12 17:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2010/03/11 20:13:56 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/11/02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/07/31 09:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/12/22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/12/11 12:40:38 | 001,135,016 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013/12/03 19:48:04 | 000,399,312 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 19:48:02 | 004,055,504 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 19:47:11 | 000,702,416 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 19:47:11 | 000,099,792 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 19:47:08 | 001,619,408 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/11/13 10:51:14 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/11/13 10:50:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/11/13 10:50:52 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/11/13 10:50:44 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/11/13 10:50:41 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/11/06 14:48:12 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/11/06 14:48:10 | 000,691,200 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/08/14 20:13:19 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 20:13:02 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 20:12:56 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 20:05:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 20:04:41 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/14 16:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 16:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 16:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/31 14:33:32 | 000,208,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011/03/31 18:29:46 | 000,066,856 | ---- | M] () -- C:\Windows\SysWOW64\SynTPEnhPS.dll
MOD - [2010/10/15 01:24:38 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 17:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 14:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 14:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2013/11/26 02:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:[b]64bit:[/b] - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:[b]64bit:[/b] - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:[b]64bit:[/b] - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:[b]64bit:[/b] - [2010/03/11 20:13:54 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2013/12/19 18:36:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/11 12:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/24 23:19:08 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/07/16 14:02:51 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/21 04:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/16 07:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/04/26 11:12:36 | 000,069,792 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/11 10:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/03/19 04:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/08/23 02:48:44 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Connection Manager\UpdateDog\ouc.exe -- (Connection Manager. RunOuc)
SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2011/03/29 09:01:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/03/29 09:01:20 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/03/14 08:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/20 18:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:[b]64bit:[/b] - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:[b]64bit:[/b] - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:[b]64bit:[/b] - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:[b]64bit:[/b] - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:[b]64bit:[/b] - [2013/05/13 14:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2013/03/25 13:41:46 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2013/02/24 22:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/11/08 00:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:[b]64bit:[/b] - [2012/11/08 00:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:[b]64bit:[/b] - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/12/15 18:38:17 | 000,422,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:[b]64bit:[/b] - [2011/09/08 20:51:01 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:[b]64bit:[/b] - [2011/08/16 02:17:45 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:[b]64bit:[/b] - [2011/06/27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:[b]64bit:[/b] - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:[/b] - [2011/03/31 18:32:00 | 001,424,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:[b]64bit:[/b] - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/10/21 15:11:04 | 000,097,552 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:[b]64bit:[/b] - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2010/09/13 03:24:25 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010/08/03 03:43:13 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:[b]64bit:[/b] - [2010/07/26 18:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:[b]64bit:[/b] - [2010/06/22 18:31:11 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2010/03/19 21:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:[b]64bit:[/b] - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2010/01/15 13:23:20 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2010/01/15 13:23:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2010/01/15 13:23:10 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/12/30 09:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:[b]64bit:[/b] - [2009/12/14 01:03:49 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009/11/17 16:11:59 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:[b]64bit:[/b] - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:[b]64bit:[/b] - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009/04/07 14:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:[b]64bit:[/b] - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/09/07 08:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 16:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://oldschool.runescape.com/oldschool_index
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Assassin's Creed IV Black Flag = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance\1.2_0\
CHR - Extension: Google Drive = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Adblock Plus = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Ghostery = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows (R) Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED File not found
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [PlayNC Launcher]  File not found
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [uTorrent] C:\Users\Owner\Downloads\utorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14BAB037-E4DB-4DCA-AFAF-BAC70FDDCAAE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{354C7317-E5EB-4BC6-8116-EA4F4B63A03E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA7F80C5-12E4-4120-B3EF-DB4C39BF6503}: NameServer = 209.91.107.11 209.121.225.11
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell - "" = AutoRun
O33 - MountPoints2\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell - "" = AutoRun
O33 - MountPoints2\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{686c03ac-68b5-11e1-a9da-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{686c03ac-68b5-11e1-a9da-f46d04169779}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{882a698e-3d7e-11e1-8d68-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{882a698e-3d7e-11e1-8d68-f46d04169779}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{882a699f-3d7e-11e1-8d68-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{882a699f-3d7e-11e1-8d68-f46d04169779}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8eefea14-6985-11e1-962c-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{8eefea14-6985-11e1-962c-f46d04169779}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{caef42a7-0c0e-11e3-912f-5404a6366123}\Shell - "" = AutoRun
O33 - MountPoints2\{caef42a7-0c0e-11e3-912f-5404a6366123}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014/01/06 17:49:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/06 00:07:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Broadcom
[2014/01/06 00:05:42 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2014/01/06 00:05:42 | 000,098,344 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
[2014/01/06 00:05:42 | 000,035,104 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
[2014/01/06 00:05:42 | 000,021,288 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2014/01/06 00:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2014/01/05 20:16:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Cheat Tables
[2014/01/05 15:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GhostMouse
[2014/01/05 15:30:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AutomaticSolution Software
[2014/01/05 15:30:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GhostMouse
[2014/01/04 12:03:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1F1B0B2F-3F33-461B-9D7B-237ABB7A5030}
[2014/01/03 13:03:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C126F4DF-A5DC-442F-B329-1DCEA7C6A4B8}
[2014/01/02 17:37:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\notes
[2014/01/02 13:11:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CE837015-6386-470C-9538-CA4D9BA5AE7E}
[2013/12/31 21:58:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\server structures
[2013/12/31 14:01:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\mods for hekkit
[2013/12/31 12:11:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4703905A-C274-4BC7-8AF2-2E390FFB0D49}
[2013/12/30 10:16:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7F2FD2EC-AC3B-48C6-8032-F66E2F315540}
[2013/12/29 15:08:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CFF02DD4-BBE9-4750-9E6B-593D92656BAB}
[2013/12/28 15:18:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{29C78FB1-96C1-4F68-B7F0-DC32581296EE}
[2013/12/21 18:38:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5B7BB992-533C-4BFB-86A1-E837FFFC9BED}
[2013/12/21 18:33:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/12/21 18:33:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/12/21 18:33:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/12/21 18:33:28 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/12/21 18:33:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/12/21 18:33:22 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/12/21 18:33:22 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/12/21 18:33:22 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/12/21 18:33:22 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/12/21 18:33:22 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/12/21 18:33:22 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/12/21 18:33:22 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/12/21 18:33:22 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/12/21 18:33:22 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/12/21 18:33:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/12/21 18:33:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/12/21 18:33:22 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/12/21 18:33:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/12/21 18:33:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/12/21 18:33:22 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/12/21 18:33:21 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/12/21 18:33:21 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/12/21 18:33:21 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/12/21 18:33:21 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/12/21 18:32:39 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013/12/21 18:32:39 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013/12/21 16:59:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FBB7D0D0-701D-4717-9DF4-459B45CE694D}
[2013/12/20 16:04:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Jarod Speight Iphone Picutres
[2013/12/20 11:15:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5CB1B8D1-2DC0-41E1-B47E-364B127D32F5}
[2013/12/19 21:53:04 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/19 21:53:03 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/19 21:53:03 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/19 21:53:02 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/19 21:52:00 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/19 21:51:59 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/19 21:51:59 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/19 21:51:59 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/19 21:51:59 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/19 21:51:59 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/19 21:51:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/19 21:51:58 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/19 21:51:58 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/19 21:51:58 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/19 21:51:58 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/19 21:51:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/19 21:51:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/19 21:51:56 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/19 21:51:56 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/19 21:51:54 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/19 18:36:18 | 009,293,192 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/12/19 18:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/19 17:41:37 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/19 17:41:37 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/19 17:41:35 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/19 17:41:35 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/19 17:41:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/19 17:41:05 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/19 17:41:05 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/19 17:41:04 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/19 17:41:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/19 17:41:04 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/19 17:41:04 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/19 17:41:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/19 17:41:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/19 17:31:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{46D60C02-037C-4D81-A160-6A44D55091E1}
[2013/12/10 08:26:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B7C28D43-EFE1-403D-ABB0-596DFE6FE131}
[2013/12/09 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EE546457-E0EC-4BF6-AEBA-D5C271A753E8}
[2013/12/09 07:46:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{99CB70B7-9272-4199-88DE-335668C9BE99}
[2013/12/08 10:21:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{70A8F644-22D4-4B1D-8A6F-21D10F4F6242}
[15 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014/01/06 17:44:21 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/06 17:44:11 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000Core.job
[2014/01/06 17:44:10 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000UA.job
[2014/01/06 17:44:07 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/06 17:43:44 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2014/01/06 17:43:40 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000UA.job
[2014/01/06 01:43:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000Core.job
[2014/01/06 00:05:47 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/01/05 15:30:29 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\GhostMouse Free.lnk
[2014/01/05 15:07:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/05 14:34:04 | 000,000,044 | ---- | M] () -- C:\Users\Owner\jagex_cl_oldschool_LIVE.dat
[2014/01/05 12:00:43 | 000,780,196 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/05 12:00:43 | 000,665,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/05 12:00:43 | 000,125,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/04 15:46:45 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 15:46:45 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 12:02:46 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2014/01/04 12:02:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/04 12:00:58 | 2129,526,783 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/03 13:02:02 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013/12/30 15:24:45 | 002,304,092 | ---- | M] () -- C:\Users\Owner\Desktop\TechnicLauncher.exe
[2013/12/30 13:20:32 | 000,000,044 | ---- | M] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2013/12/20 16:21:56 | 000,001,484 | ---- | M] () -- C:\Users\Owner\.recently-used.xbel
[2013/12/20 11:14:51 | 000,301,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/19 21:03:28 | 000,283,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013/12/19 21:03:28 | 000,283,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/12/19 18:36:29 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/19 18:36:29 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/19 18:36:19 | 009,293,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[15 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014/01/06 00:05:29 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/01/05 15:30:29 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\GhostMouse Free.lnk
[2013/12/20 16:21:56 | 000,001,484 | ---- | C] () -- C:\Users\Owner\.recently-used.xbel
[2013/12/05 19:28:43 | 000,000,011 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\win.dat
[2013/07/09 17:25:38 | 000,000,044 | ---- | C] () -- C:\Users\Owner\jagex_cl_oldschool_LIVE.dat
[2013/06/29 16:27:39 | 000,283,032 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/06/29 16:27:38 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2013/06/29 16:27:38 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/06/26 18:35:55 | 000,000,049 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE_BETA.dat
[2012/05/06 13:41:09 | 000,000,037 | ---- | C] () -- C:\Users\Owner\.gtk-bookmarks
[2012/05/06 12:52:18 | 000,000,163 | ---- | C] () -- C:\Users\Owner\.gtkrc-2.0
[2012/04/18 18:56:05 | 000,008,192 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/09 13:26:05 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/04/01 12:39:52 | 000,000,000 | ---- | C] () -- C:\Users\Owner\dementhium_runescape_preferences.dat
[2012/03/18 15:41:00 | 000,000,004 | ---- | C] () -- C:\Users\Owner\cache.dat
[2012/02/12 12:02:03 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/12/11 14:51:59 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE2.dat
[2011/11/06 13:42:13 | 000,000,024 | R--- | C] () -- C:\Users\Owner\random.dat
[2011/11/06 10:15:08 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE1.dat
[2011/10/25 19:05:15 | 000,000,044 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2011/08/09 13:59:12 | 000,000,034 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\RSBot_Accounts.ini
[2011/06/22 22:56:55 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2011/06/20 15:22:15 | 000,000,024 | ---- | C] () -- C:\Users\Owner\jagexappletviewer.preferences
[2011/06/15 20:40:42 | 000,000,129 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2011/06/15 20:37:53 | 000,000,037 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2011/03/29 08:33:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:41099CE9
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:981884E7
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5D458568
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC

< End of report >

malware
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.04.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Owner :: JAROD [administrator]

05/01/2014 9:22:09 PM
mbam-log-2014-01-05 (21-22-09).txt

Scan type: Full scan (C:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 557558
Time elapsed: 1 hour(s), 28 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Owner\AppData\Local\Temp\is-F8ACC.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

(end)

  • 0

#4
zep516
Posted 06 January 2014 - 07:22 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi Spruce_9

Thanks for the scans, I will look over these and get a fix ready for you.

In the future could you just paste the logs in, don't put them in code thanks.

Thanks
Joe :)
  • 0

#5
Spruce_9
Posted 06 January 2014 - 08:21 PM

Spruce_9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
sorry i thought putting them in codes would be better my bad :) but thanks for the help!! :D
  • 0

#6
zep516
Posted 06 January 2014 - 08:50 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi Spruce_9

No problem, it's just the one OTL Log is hard to read cause you have to scroll it, no biggie :)

I will not have a complete fix till Early Tomorrow.

Please refrain from making any changes, installs, uninstalls etc, now that we have a base line to work with.

Thanks
Joe :)
  • 0

#7
Spruce_9
Posted 06 January 2014 - 09:14 PM

Spruce_9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
also there is a random application opening up on the task bar for a second and closes not sure what it is
  • 0

#8
zep516
Posted 06 January 2014 - 09:21 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Noted.

Lets see if it goes away after we employ my fix Tomorrow.

Thanks for letting me know that.

Joe...
  • 0

#9
zep516
Posted 07 January 2014 - 08:56 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi spruce_9


First

Lets remove those programs listed below.
==> Click > Start > Control Panel > Programs & Features

  • ooVoo toolbar, powered by Ask.com
  • Java™ 6 Update 31
  • Java™ 7 Update 5
  • JavaFX 2.1.1
  • Java™ 6 Update 32 (64-bit)


PunkBuster Advice:

There are some issues with infections in relation to PunkBuster...

Your computer has installed gaming tools. Some of these, like Punkbuster, use spyware techniques to engage in the anti-piracy battle.
In the process, they take control of much of your PC, and they actually meet the definition of spyware/malware.
They are sometimes designed to prevent orderly removal or modification, and they have only limited respect for retaining the overall security and integrity of your machine.

My advice would be to download the removal tool from here. Use this to uninstall PunkBuster Services. Then when I give the all clear use it again to reinstall PunkBuster Services if you so wish.


Next

We need to do a fix using OTL

  • Double click on the Posted Image to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
[createrestorepoint]

:OTL

O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED File not found
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1000..\Run: [PlayNC Launcher]  File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3655729246-1999482135-2326276757-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O33 - MountPoints2\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell - "" = AutoRun
O33 - MountPoints2\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell - "" = AutoRun
O33 - MountPoints2\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{686c03ac-68b5-11e1-a9da-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{686c03ac-68b5-11e1-a9da-f46d04169779}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{882a698e-3d7e-11e1-8d68-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{882a698e-3d7e-11e1-8d68-f46d04169779}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{882a699f-3d7e-11e1-8d68-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{882a699f-3d7e-11e1-8d68-f46d04169779}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{8eefea14-6985-11e1-962c-f46d04169779}\Shell - "" = AutoRun
O33 - MountPoints2\{8eefea14-6985-11e1-962c-f46d04169779}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{caef42a7-0c0e-11e3-912f-5404a6366123}\Shell - "" = AutoRun
O33 - MountPoints2\{caef42a7-0c0e-11e3-912f-5404a6366123}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:41099CE9
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:981884E7
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:5D458568
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC

:reg

[HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" =-

:Files

ipconfig /flushdns /c

:Commands

[resethosts]
[emptytemp]
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.


Next

Removing what adwCleaner found

Double-click AdwCleaner.exe to run the tool again.
  • Click the Scan button.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Next

Checking for additional browser Hijacks


Please download Junkware Removal Tool to your desktop.

  • Disable your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Next

Checking security and up dates.

Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Please post the following logs in your next reply:

  • OTL Fix log located here-->C:\_OTL\Moved Files
  • OTL.txt after quick scan
  • AdwCleaner after clean was run[S0].txt
  • JRT.txt
  • checkup.txt

Tell me how the computer is running

Thanks
Joe :)
  • 0

#10
Spruce_9
Posted 07 January 2014 - 07:52 PM

Spruce_9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
File C:\Program Files (x86)\Ask.com\Updater\Updater.exe not found.
Registry value HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PlayNC Launcher deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1006\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1006\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57f62660-0c2a-11e3-bcca-cfed4c6b0cfb}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57f62666-0c2a-11e3-bcca-cfed4c6b0cfb}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5a98d1b4-5c02-11e1-b1b9-f46d04169779}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686c03ac-68b5-11e1-a9da-f46d04169779}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686c03ac-68b5-11e1-a9da-f46d04169779}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{686c03ac-68b5-11e1-a9da-f46d04169779}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{686c03ac-68b5-11e1-a9da-f46d04169779}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{882a698e-3d7e-11e1-8d68-f46d04169779}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{882a698e-3d7e-11e1-8d68-f46d04169779}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{882a698e-3d7e-11e1-8d68-f46d04169779}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{882a698e-3d7e-11e1-8d68-f46d04169779}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{882a699f-3d7e-11e1-8d68-f46d04169779}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{882a699f-3d7e-11e1-8d68-f46d04169779}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{882a699f-3d7e-11e1-8d68-f46d04169779}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{882a699f-3d7e-11e1-8d68-f46d04169779}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eefea14-6985-11e1-962c-f46d04169779}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8eefea14-6985-11e1-962c-f46d04169779}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eefea14-6985-11e1-962c-f46d04169779}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8eefea14-6985-11e1-962c-f46d04169779}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{caef42a7-0c0e-11e3-912f-5404a6366123}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{caef42a7-0c0e-11e3-912f-5404a6366123}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{caef42a7-0c0e-11e3-912f-5404a6366123}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{caef42a7-0c0e-11e3-912f-5404a6366123}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H\ not found.
File H:\AutoRun.exe not found.
ADS C:\ProgramData\Temp:41099CE9 deleted successfully.
ADS C:\ProgramData\Temp:981884E7 deleted successfully.
ADS C:\ProgramData\Temp:5D458568 deleted successfully.
ADS C:\ProgramData\Temp:3E7393FC deleted successfully.
========== REGISTRY ==========
Registry value HKEY_USERS\S-1-5-21-3655729246-1999482135-2326276757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{79A765E1-C399-405B-85AF-466F52E918B0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79A765E1-C399-405B-85AF-466F52E918B0}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Owner\Downloads\cmd.bat deleted successfully.
C:\Users\Owner\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jarod
->Temp folder emptied: 39806 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Owner
->Temp folder emptied: 1038370214 bytes
->Temporary Internet Files folder emptied: 197502573 bytes
->Java cache emptied: 214940993 bytes
->Google Chrome cache emptied: 352391212 bytes
->Apple Safari cache emptied: 32768 bytes
->Flash cache emptied: 1050 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 4784 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1064050235 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4574735 bytes
RecycleBin emptied: 12789205278 bytes

Total Files Cleaned = 14,936.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01072014_170341

Files\Folders moved on Reboot...
C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...






OTL logfile created on: 1/7/2014 6:37:32 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.98 Gb Total Physical Memory | 5.37 Gb Available Physical Memory | 67.34% Memory free
15.95 Gb Paging File | 12.97 Gb Available in Paging File | 81.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.76 Gb Total Space | 181.38 Gb Free Space | 38.94% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 32.14 Gb Free Space | 6.90% Space Free | Partition Type: NTFS

Computer Name: JAROD | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/07 14:00:22 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014/01/07 14:00:20 | 001,815,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/01/06 17:47:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.exe
PRC - [2013/12/03 15:02:01 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/11/23 08:01:28 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/06/21 04:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/05/16 07:44:05 | 001,012,000 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/05/16 07:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/05/16 07:38:28 | 001,213,216 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
PRC - [2013/04/26 11:12:36 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/14 12:14:16 | 000,328,064 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2012/09/11 15:06:52 | 000,184,704 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2012/09/11 10:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2012/07/17 15:54:20 | 000,178,848 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2012/05/28 09:04:48 | 000,113,312 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2012/03/25 15:29:30 | 001,609,728 | ---- | M] (Don HO [email protected]) -- C:\Program Files (x86)\Notepad++\notepad++.exe
PRC - [2012/03/19 04:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/02/23 11:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2011/08/31 14:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011/08/23 02:48:44 | 000,655,712 | ---- | M] () -- C:\ProgramData\Connection Manager\OnlineUpdate\ouc.exe
PRC - [2011/05/27 15:23:00 | 004,999,976 | ---- | M] (Synaptics Incorporated) -- C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
PRC - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2011/03/29 09:01:08 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011/03/14 08:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2010/10/15 01:24:38 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/20 18:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010/08/12 17:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2009/11/02 14:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/07/31 09:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 09:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008/12/22 16:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/07 14:00:22 | 001,138,088 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/01/06 21:05:53 | 000,399,640 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppgooglenaclpluginchrome.dll
MOD - [2014/01/06 21:05:49 | 004,055,320 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
MOD - [2014/01/06 21:04:47 | 000,715,544 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\libglesv2.dll
MOD - [2014/01/06 21:04:46 | 000,100,120 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\libegl.dll
MOD - [2014/01/06 21:04:42 | 001,634,584 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll
MOD - [2013/12/12 15:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013/12/12 15:04:18 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013/12/12 15:04:14 | 000,716,800 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/11/13 10:51:14 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/11/13 10:50:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/11/13 10:50:52 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/11/13 10:50:44 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/11/13 10:50:41 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/11/04 18:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013/08/14 20:13:19 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 20:13:02 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 20:12:56 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 20:05:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 20:04:41 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/14 16:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 16:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 16:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/21 13:46:28 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
MOD - [2011/08/31 14:33:32 | 000,208,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011/07/18 14:07:28 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
MOD - [2011/03/31 18:29:46 | 000,066,856 | ---- | M] () -- C:\Windows\SysWOW64\SynTPEnhPS.dll
MOD - [2010/10/15 01:24:38 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
MOD - [2010/09/23 16:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/12 17:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2009/11/02 14:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 14:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 02:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/16 16:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/03/11 20:13:54 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2014/01/07 14:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/19 18:36:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/16 14:02:51 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/21 04:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/05/16 07:38:39 | 001,826,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/04/26 11:12:36 | 000,069,792 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/11 10:41:14 | 000,106,880 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2012/03/19 04:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/08/23 02:48:44 | 000,655,712 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Connection Manager\UpdateDog\ouc.exe -- (Connection Manager. RunOuc)
SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2011/03/29 09:01:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011/03/29 09:01:20 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/03/14 08:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe)
SRV - [2010/11/20 04:21:38 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/08/20 18:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005/03/09 19:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/13 14:36:06 | 000,050,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2013/04/04 13:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/25 13:41:46 | 000,076,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2013/02/24 22:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/08 00:52:06 | 000,077,040 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2012/11/08 00:42:06 | 000,249,584 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 18:38:17 | 000,422,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb)
DRV:64bit: - [2011/09/08 20:51:01 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/08/16 02:17:45 | 000,223,232 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/06/27 00:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/03/31 18:32:00 | 001,424,944 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/21 15:11:04 | 000,097,552 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/13 03:24:25 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/03 03:43:13 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/07/26 18:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010/06/22 18:31:11 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/16 16:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/03/19 21:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/01/15 13:23:20 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/01/15 13:23:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/01/15 13:23:10 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/12/30 09:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/12/14 01:03:49 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/17 16:11:59 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/20 02:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 13:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 14:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/04/07 14:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/05/23 17:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011/09/07 08:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/02 16:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://oldschool.run...oldschool_index
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\32.0.1700.72\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Owner\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Assassin's Creed IV Black Flag = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance\1.2_0\
CHR - Extension: Google Drive = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Adblock Plus = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Ghostery = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0\
CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/07 17:03:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [FLxHCIm] C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Users\Owner\Downloads\utorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus....k_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14BAB037-E4DB-4DCA-AFAF-BAC70FDDCAAE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{354C7317-E5EB-4BC6-8116-EA4F4B63A03E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA7F80C5-12E4-4120-B3EF-DB4C39BF6503}: NameServer = 209.91.107.11 209.121.225.11
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/07 17:37:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/07 17:03:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/06 17:49:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/06 00:07:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Broadcom
[2014/01/06 00:05:20 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2014/01/05 20:16:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Cheat Tables
[2014/01/05 15:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GhostMouse
[2014/01/05 15:30:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\AutomaticSolution Software
[2014/01/05 15:30:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GhostMouse
[2014/01/02 17:37:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\notes
[2013/12/31 21:58:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\server structures
[2013/12/31 14:01:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\mods for hekkit
[2013/12/20 16:04:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\Jarod Speight Iphone Picutres
[2013/12/19 18:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

========== Files - Modified Within 30 Days ==========

[2014/01/07 18:36:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/07 18:32:41 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/07 18:32:41 | 000,014,816 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/07 18:24:06 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/07 18:23:43 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2014/01/07 18:23:41 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2014/01/07 18:23:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/07 18:22:39 | 2129,526,783 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/07 18:14:51 | 000,987,410 | ---- | M] () -- C:\Users\Owner\Desktop\SecurityCheck.exe
[2014/01/07 18:07:20 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/07 18:06:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000UA.job
[2014/01/07 17:14:47 | 000,002,365 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2014/01/07 17:08:25 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2014/01/07 17:03:59 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/01/07 16:43:04 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000UA.job
[2014/01/06 18:04:33 | 000,000,044 | ---- | M] () -- C:\Users\Owner\jagex_cl_oldschool_LIVE.dat
[2014/01/06 17:44:11 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000Core.job
[2014/01/06 01:43:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3655729246-1999482135-2326276757-1000Core.job
[2014/01/06 00:05:47 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/01/05 15:30:29 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\GhostMouse Free.lnk
[2014/01/05 12:00:43 | 000,780,196 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/05 12:00:43 | 000,665,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/05 12:00:43 | 000,125,906 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/30 15:24:45 | 002,304,092 | ---- | M] () -- C:\Users\Owner\Desktop\TechnicLauncher.exe
[2013/12/30 13:20:32 | 000,000,044 | ---- | M] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2013/12/20 16:21:56 | 000,001,484 | ---- | M] () -- C:\Users\Owner\.recently-used.xbel
[2013/12/20 11:14:51 | 000,301,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/19 21:03:28 | 000,283,032 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr

========== Files Created - No Company Name ==========

[2014/01/07 18:11:54 | 000,987,410 | ---- | C] () -- C:\Users\Owner\Desktop\SecurityCheck.exe
[2014/01/06 00:05:29 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/01/05 15:30:29 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\GhostMouse Free.lnk
[2013/12/20 16:21:56 | 000,001,484 | ---- | C] () -- C:\Users\Owner\.recently-used.xbel
[2013/12/05 19:28:43 | 000,000,011 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\win.dat
[2013/07/09 17:25:38 | 000,000,044 | ---- | C] () -- C:\Users\Owner\jagex_cl_oldschool_LIVE.dat
[2013/06/29 16:27:38 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
[2012/06/26 18:35:55 | 000,000,049 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE_BETA.dat
[2012/05/06 13:41:09 | 000,000,037 | ---- | C] () -- C:\Users\Owner\.gtk-bookmarks
[2012/05/06 12:52:18 | 000,000,163 | ---- | C] () -- C:\Users\Owner\.gtkrc-2.0
[2012/04/18 18:56:05 | 000,008,192 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/09 13:26:05 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012/04/01 12:39:52 | 000,000,000 | ---- | C] () -- C:\Users\Owner\dementhium_runescape_preferences.dat
[2012/03/18 15:41:00 | 000,000,004 | ---- | C] () -- C:\Users\Owner\cache.dat
[2012/02/12 12:02:03 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/12/11 14:51:59 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE2.dat
[2011/11/06 13:42:13 | 000,000,024 | R--- | C] () -- C:\Users\Owner\random.dat
[2011/11/06 10:15:08 | 000,000,045 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE1.dat
[2011/10/25 19:05:15 | 000,000,044 | ---- | C] () -- C:\Users\Owner\jagex_cl_runescape_LIVE.dat
[2011/08/09 13:59:12 | 000,000,034 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\RSBot_Accounts.ini
[2011/06/22 22:56:55 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\winscp.rnd
[2011/06/20 15:22:15 | 000,000,024 | ---- | C] () -- C:\Users\Owner\jagexappletviewer.preferences
[2011/06/15 20:40:42 | 000,000,129 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences2.dat
[2011/06/15 20:37:53 | 000,000,037 | ---- | C] () -- C:\Users\Owner\jagex_runescape_preferences.dat
[2011/03/29 08:33:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/06 21:14:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.minecraft
[2012/06/06 16:00:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.Nitrous
[2013/12/31 12:20:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.technic
[2012/05/24 13:19:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\.techniclauncher
[2012/04/09 13:21:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Asus WebStorage
[2013/06/12 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DiskAid
[2012/04/09 13:19:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EeeStorageUploader
[2012/02/19 09:44:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Garmin
[2013/07/01 19:53:24 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\gtk-2.0
[2012/04/08 21:23:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\IObit
[2012/05/19 13:17:29 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MotioninJoy
[2013/12/30 15:36:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mumble
[2012/04/21 12:43:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nico Mak Computing
[2012/04/01 20:12:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Notepad++
[2011/09/26 15:29:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nuance
[2012/01/26 18:31:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
[2012/04/25 11:57:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2012/06/26 19:41:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\redsn0w
[2011/08/11 17:15:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Research In Motion
[2013/11/24 01:53:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SoftGrid Client
[2012/04/09 13:28:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Synaptics
[2012/04/09 13:06:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SystemRequirementsLab
[2012/04/09 11:17:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TeamViewer
[2012/04/09 13:20:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\temp
[2011/12/11 16:50:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TP
[2013/07/28 07:32:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Trine2
[2013/08/01 10:37:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2013/07/22 17:49:28 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\X-Chat 2
[2011/09/26 15:29:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Zeon

========== Purity Check ==========



< End of report >




# AdwCleaner v3.016 - Report created 06/01/2014 at 17:58:24
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - JAROD
# Running from : C:\Users\Owner\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Vid-Saver
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Owner\AppData\Local\apn
Folder Deleted : C:\Users\Owner\AppData\Local\eSupport.com
Folder Deleted : C:\Users\Owner\AppData\Local\Vid-Saver
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Owner\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Owner\AppData\Roaming\Systweak
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Owner\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_logosmartz-logo-maker-software_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_logosmartz-logo-maker-software_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022342291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033343391}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\systweak
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7729 octets] - [06/01/2014 17:49:33]
AdwCleaner[S0].txt - [7490 octets] - [06/01/2014 17:58:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7550 octets] ##########




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Owner on 07/01/2014 at 17:37:08.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{00762707-CD2E-4678-86A9-71999080B6CC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{011A75DD-D887-4115-934D-FC7F27C6419A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{016B9B43-704D-45F1-8A8E-52C11E630B78}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{024417E8-6408-4672-865D-0E336D5F15E3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{03CE019D-50EB-4614-81F6-9406B83FBA6F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{03E05A3A-8A93-4BF8-9E77-C23EB1BC3CC7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{04815B05-1602-460E-910B-055A80771C27}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0488AF84-F38A-4F4F-9C46-93A5D6F82DB1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{04B6EEA9-428A-43D8-A0AC-DF0531F9AF63}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{05F0AE41-651C-48A6-A3A1-D1F362B563A9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{08BCC7CA-1C57-4EE1-A915-77C1E0E318CD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{096EAE68-161C-4FC0-BEF5-3CD10C0C2567}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0A5AFC74-F71C-40F9-BD60-2F9FA48E5603}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0AF436B6-7286-456F-B739-B03C727C1BD8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0B636FA4-CFE0-4406-8D72-B341DE552035}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0B8D4A87-7CF0-4EC9-A4F4-6EAFC9E6D731}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0BA31405-B434-4FB5-9E18-2EBA0F3B32B9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0BBAABA9-E14A-4545-9C44-B5E5BF9AA6CA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0BE5CFDA-10EB-4C34-ADDD-2AE7A4604BFE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0CC450E5-B12C-4CE8-A390-0F0992A4924D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0DBC9DCD-230A-4150-8D67-D368B070D644}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0E7AF07B-0816-446C-8A82-94185820CDBF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0ECB070A-D375-495A-A0E6-F72272CEA71A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0FBCFE85-D456-4E7D-B3B4-1E649D8C53BB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{125B0E4E-63E2-4579-AE18-4DD4BF8CE745}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{132BF5A1-A4AE-4B70-9B40-65B85CE6BD83}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{134898D4-7286-4691-9C54-1B551FD3E7E4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1390061C-D482-486F-A977-9AD5C419552E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{14B526DB-B18F-4AAC-B255-445520518D7C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1543E6DF-1B57-4060-9906-F31994ABC4D0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{15C4B9C4-3316-4DEF-9B28-5CE796C21963}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{15D778B0-333B-4832-8148-235E04F65F84}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{16054C88-52C0-47AC-A192-4EBFB018E35E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{16FEC48F-4A67-4E48-93EA-94269F31AFE1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{170B583C-597C-4375-846D-9EA6B3AD0207}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{189BC9BD-DD31-4477-9F7A-30F257DE822F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{18D3BB1F-400D-49C7-90D1-03EF9989A8B6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{19684717-A17B-4334-8833-168A4B081642}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1AB4CB0C-FDF8-43B7-9B68-90D9D63F1CD6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1ACCED10-82A2-440D-A1C6-DBC61FAF3572}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1AFA2365-B190-4CB2-94D2-FDE1BB520322}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1BFD20A0-52F0-4A0A-97E8-55154D2C8827}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1C58139A-D05D-4045-89BF-6C47E9CD755D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1CB909DB-4AF4-426C-BAD2-3BB0D34146E7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1D0AE1D5-9132-4513-BEB3-E2F4488CFE53}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1D778F0F-A9F5-4100-86CC-228C266AE37B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1DA87710-80B2-4F5A-AE23-F954C9CEDFED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1EC22214-45B4-407C-BD3C-2213A275E217}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1F1B0B2F-3F33-461B-9D7B-237ABB7A5030}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1FE1F875-F395-4BD6-85A7-44A385E015B7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{202410AB-3B2C-4DDD-BC16-0D7E2BB6A7DA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{20AAEC46-61C1-4B80-AA9D-D8B2670CC08A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2374776D-197E-411E-BE72-A8161D8CC0F5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{245B9990-8F75-4190-8C6B-E3E593177B83}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{24C4C897-DEBA-4F6D-B70E-BF7C7E963110}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{26B8402A-70E4-416B-A83A-E08E4F447747}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{27AC646B-D3EF-48A5-A039-D18F5885909A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{292FF212-928E-4CB0-B691-40478C4A24EF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{29704C4D-1D5E-484E-B04F-27B35A31E56D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{297ED13A-1D53-4508-81A9-41DD218836E3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{29C78FB1-96C1-4F68-B7F0-DC32581296EE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{29CDC090-D01F-4182-A2ED-18234E63313E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2A3F8903-2F84-4BD0-BE4F-189BA52217D6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2AD324A3-0A7B-4729-9B03-A389EB1B7452}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2B1C7CFE-5363-4E03-BB3E-6AD64C7FBAA6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2BB40F73-6093-40DC-BA28-B78CCFD0571E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2C7E31E1-B4D2-4936-B516-BE9CB88072AA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2E5667D9-E372-4BAF-B82D-E1954C0E8B4A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2E93492C-F653-4359-9E07-ABC5E2D17C35}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2EBAC49F-F67C-403B-B84F-C93574FDC4AB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2FC5BCB6-04C9-4499-9824-42BECDE31AFB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2FE484E6-4C03-423C-9811-6C0918B5B3AB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{303E7DFD-6730-4EE9-B2A6-E395FD10C761}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{31A23FD2-8C86-46AE-BFB2-18EA34EDE0A6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{31C7C9D5-1E63-45C9-B64D-2498A59F137E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{36BFB7DA-4A44-4F18-A03E-C8449A2A0FD8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3703F845-C9C1-428C-98D9-92A98B300B29}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{37542003-6667-4321-9DB2-F43FF20C620A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{37A12E07-EB1B-4068-A171-32847AEE5E6D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{38052FD0-176E-4C1C-A6D1-924E4137EBB9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{38FBD907-77BF-4166-A1F0-9B8A7ECCB761}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3BB5FF1C-1EE7-4193-8B3C-73E12F8F8EED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3D312706-4CAC-4525-B8FA-AA8402231FFD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3F9A7020-6131-4286-867F-D279515D8B30}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{41849C02-8E64-4252-9B8C-BCA66C4D8D51}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{41E838F6-8850-47CD-B0A5-CFB9B18F8F59}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{427ED68A-DD73-40C3-926E-C8F74F62E75A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{42C911AB-0521-42C2-A2E9-ECA076132371}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{433573C5-4B0B-4E1B-8C29-9F58F3E7660D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{44C374E6-06FD-4E46-97E1-446002FE6D24}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4534477D-544D-49FB-BF83-36D2D6DF5BF9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{454FCEA0-A672-4FF3-9D8E-7742D3A430B1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{458AC7CE-B38E-41FC-ABB4-21B112F7E8E3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{45DB12FE-9047-4F62-8359-DFDE634F5B77}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4601A29B-D8DB-45B3-B7FB-714BDCD4BE7B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{46D60C02-037C-4D81-A160-6A44D55091E1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{46E5E52E-9D6B-454F-9A79-3C673AAAEE92}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4703905A-C274-4BC7-8AF2-2E390FFB0D49}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4777B270-CE94-4F24-B50F-6FF459090529}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{47C35394-9334-439E-98AF-B17473088975}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{480B39E4-FF36-4723-8058-E5203835BC74}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4AEB2E0C-4292-4F7E-8B6D-E6A1C9CA651B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4C1B6272-F868-4E8C-99A8-4B16855D322E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4C8955D3-B0FF-4037-82DE-04C56A3F6C66}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4E1154AF-ADAC-44A4-8DD7-EA259E318A36}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4EC16D3E-BB53-4A6D-8809-A01071D23E62}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4EEE26D8-9318-4F8F-9336-AFB02CDB6769}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{50BC21B3-7DE8-4CD1-9DB7-F6DB05B89658}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{515511D7-D5C3-4DE8-9D09-177D73402EB3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5221FF6A-86A1-4EA5-9CCF-E83B26225041}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{53D3CDAD-E94A-4616-A14E-3D11CE2F01A5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{53F77E97-91FF-43C0-B7DE-EA88EBE3B2F5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{559AE6A5-6B8F-41EC-BDC3-68CE58E0E8E5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{55EFD0BF-74B5-4516-A250-CDCCF9D9D20A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{56121F13-3789-4DEA-B576-2B5F6ACEC17C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{57024393-E56C-4E0D-87F6-1505282F1AEC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{57D01803-4173-44F1-A644-DD45AFCA16A5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{587E0D73-72A2-4F4A-AE4D-65FBF90363B7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{589DB0E6-E7A6-4712-82D7-3911392E8456}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5962BC82-ECA1-496E-AAC8-3523A38AAE29}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5969AFC1-2D79-4F13-BB1B-2CB1F7617F78}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5A8ADF40-3E8E-44D5-8D79-C0AB3D6384AA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5B3C7F87-21A6-48E3-8612-3FF8A36E7E10}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5B7BB992-533C-4BFB-86A1-E837FFFC9BED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5B7D57AB-319A-40E1-9388-9260EB5F2FAF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5BB13275-90C0-41DF-8AAE-1D43B0F9684B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5CB1B8D1-2DC0-41E1-B47E-364B127D32F5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5CCE9D31-E04A-4E8F-8FB7-9EB4018A12F2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5CE25CF1-20A0-4C29-8FC7-851AF6961365}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5D01B0D9-5C0C-4EA2-8CAE-BDF58FFF210C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5D3D4ECF-71C8-47EE-8FAE-58AB774B3745}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5E61AFAD-5D39-4823-910B-4839DD1225E6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5F9FDB3B-35B3-44AB-8CD9-EA4B2138B2BF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5FA4C296-AB58-4903-9B27-DD6839AC31CE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5FEBBA24-C83F-41ED-9FB2-AED3D7C73B62}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6025108E-35F3-4A04-948F-4641505A72C3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{63125FA3-B23B-4D4B-8671-4BB3639DA855}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6631340B-9BB2-496E-B393-33185C996A62}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{663D8B20-D975-49E0-8495-967D9F5C02B5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6641E628-8C7C-4234-A78E-86757CB89EE8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6662421D-FAAB-4D4D-A303-E529CDC71595}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{66F333B0-B63E-402F-85DF-04D0300E2C66}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{672D84E3-3BF3-4E58-94D5-28E99DED632B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{679678AF-7C5E-40C0-9653-83A8661DA001}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{67F9F61F-D254-43BE-A8FF-3E9C70BFB27E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{68B66F97-8CA9-472A-A1A7-FD9365018D8B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{68EF23EF-D8A8-48E1-B5E3-68A4424B3BFB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{69EAEDB9-3BCB-4179-9A04-2D1921644E2C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6A5AE747-FEE5-4375-877B-87BFA2AC2109}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6BD8435C-B939-4C10-8493-AD3D7DAE7493}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6C6EDDF5-D9BA-4D05-AB65-C5566C73B743}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6D15FD64-B5E1-45F8-91F4-0D86656FB5A3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6EFAD8B4-0F01-4637-9660-E2CDC9E10369}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6F2F3B1D-112E-431B-B17E-B85CA02DB81D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7051D438-CBAE-4B5E-8115-84E0218CA9B0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{70A8F644-22D4-4B1D-8A6F-21D10F4F6242}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{712DB145-4CB6-490E-A969-1CA9FC88517B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{713FB4DB-DBFE-46F5-BE6F-2574A7D0D8F6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{71C52DC8-F54E-47AC-A3BA-65C4292E7544}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{72E1883F-5FEB-4C48-AF49-D6259954FF44}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7319B3D9-90F5-4381-8ED1-9D4777B39CC6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{747C9BC0-01C4-4CBD-9210-D59DB800F98C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{75BFB774-3D3E-4933-AC9D-F43DEE45908A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{77CE6832-6D01-495D-AD53-DE1D0888C8A0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{79615C67-9F65-4401-9211-631FBA33DAE2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7C6DF33A-A4B2-47DB-A81E-15B2566D0704}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7EAF6C5E-783C-49A2-BF8E-065F2A64FA91}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7F2FD2EC-AC3B-48C6-8032-F66E2F315540}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8048AA63-99A9-4332-A9F8-060A292572A2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{80FA0209-6A65-4223-8B8D-B57E0029DC47}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{83078F4E-D764-4AFA-8708-2590BA6C0802}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{84C747A7-2DA1-4189-8B4D-D07E08FB027C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8628119D-4EF8-4F0F-9ADB-2FC144F224ED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{874CFF28-DDE1-474F-888B-FC7788FC9027}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{877E42CD-1F45-47CD-ADFA-8D3AC6039271}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{87C8C82F-B5AD-41A3-8D70-2F602FF3CFE0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{884596D9-A02A-4460-B84A-243AEEE9BD8D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{88A1395E-AEB5-4C0E-A5BD-C0AC734DD31A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8A1A7CF7-144B-4078-96C6-548B6789F9AE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8A84846F-A129-49E5-BD2B-95950B4B269B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8B22867B-5D4A-42D8-A3AB-0899FEF0AEE4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8B720F65-D7AF-4CE5-8B9E-641E9EBD463C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8C55449A-AD34-46AC-957E-32435A5FC69B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8CE0EDD6-79F9-47F4-8205-94F99F45F603}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8CE4AF6E-5E12-49B1-A908-44AA0452BC8E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8D5C20AC-6A6A-459E-824C-CF08F1D3DD3F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8E76B5F9-9DA1-4475-B7D1-1CC2B4B9F971}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8F93A768-BB77-490F-89FA-14E46BD276E6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9072C7DD-32AC-45AB-8F83-8186EB15937E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9233B8C6-60D3-45C9-85C5-EEFF393382D6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9345F9E3-BF41-40D7-BEAD-FFF81FB2464D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{936346B0-C118-4C72-99BC-16D6030204C5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{95CA2135-DB80-41EC-9C9B-935E607B7859}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{95CECC05-FB54-4E32-BEAD-B3A59C9E4184}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{96B83A0B-0477-4269-A7D2-DD7FEF9325FF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{972A146B-2D04-4C79-A4B4-9E044429B00A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9830EAE9-1CD4-4F3F-A9A2-22B5BAA491FE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{98DDE965-EFCA-48F4-9564-D7553EB6A2D6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{99AD8428-6B72-4DD8-A4C3-3B5D63CE429B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{99CB70B7-9272-4199-88DE-335668C9BE99}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9A14BBFC-405B-4E56-8D25-AC70DE551DEB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9AED0E2F-FD78-406D-9069-7D684B4CA88B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9B9E42BB-8CAB-415C-9247-66E537D3182C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9BD42D01-5B7F-45F2-BDB7-055DAD05BC4B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9C4F28DA-6D0E-4F82-837D-5B57E9ED0C6C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9CEE99E3-C795-4727-9152-F25866D46B9E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9E80221F-2577-4B03-B1E0-7942F845E78D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9EE8BF8F-08E4-4521-AE1C-822CAEAB97A7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9EF1425C-87C4-4F43-A64C-CBABBD4D74E9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A0A22A0F-1D30-4257-ABD4-89921B790AA9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A0C1120F-ECCE-42E8-8F4B-92E8EFD3D332}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A3250A6E-6BDC-4832-9335-C643306C0003}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A33D7AB9-803D-4F21-9E8A-060347F6AD9A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A36F8F0F-CE37-4539-A144-F59824EAFBCF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A3C989CD-622E-4FD4-B2D9-7FD241978B2B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A3E03A55-B086-4DDD-9558-7C4F2B214133}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A3FF44F4-63CC-483B-981F-84B40F848BE3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A4A89313-4261-40B6-BC83-1E3E68D0E030}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A532BB5C-1282-4DCF-81DB-69B74E0166F3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A55A8E0B-D1A8-4506-B2E7-2A56FE09B0B5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A6A5D0D1-3C8B-4E84-86E2-7EFDF5851166}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A762742C-46F3-41CC-9E3F-4CE9C885DDDD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A7CC3AA5-4E98-44A6-B6EE-73162B7F440D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A7D75FFD-7DF9-410D-850F-027BCF710CA9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A82CA289-56E5-4A33-A9E8-084809B33A12}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A8805B75-408B-4372-AC31-8A1B39D3364E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{ABFFBDA8-6B3C-4A13-AAB4-EAD4A88BA212}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AC1E4EEB-0300-49BA-955C-311A4171BB97}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{ADEA7AB7-92ED-444D-B909-83CEF3C5507C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AE1E799D-7F5B-4606-B834-B5CBA64FB434}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AE360E52-5964-4BEC-94F2-FFBB19E456DA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AEA18BD1-397E-4F99-9C9E-3E45DA2E72B0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AFD0AECB-84BE-4104-BBFB-9CE717F79C42}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B03E491B-3F7D-4724-863D-5E6D727127D1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B0877746-88B6-4607-A82A-FBA9EB75D678}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B20DECD2-2D2E-4A06-A4E5-FCD7F91AB866}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B2464E5C-CCA5-4ED8-89AA-32FEDC82125A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B3E96BC4-837E-47D8-ACDE-FB355BC2D926}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B4A59AA6-4682-4B35-B918-0B4777874984}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B4B1BB9E-6038-4B90-8FCE-7AEE01F65BC5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B50058DD-2202-45CC-852A-A8BCACA4E906}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B55A430F-BB34-4422-B41A-4DAB0FBF6341}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B577C96E-7CDD-47F9-81A4-B2D9EA45FD28}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B782FF76-02E9-493D-BC50-A011CAA7C990}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B7861C7E-E40A-4A1E-8750-D0618890576F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B78F1325-341C-4F72-A317-5F7C76A35824}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B7AC0C64-AC22-405B-9DB7-CE0515A3595E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B7C28D43-EFE1-403D-ABB0-596DFE6FE131}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B87F79F9-070E-4156-9C55-160D9F56E9CE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BAAB514A-56AA-496C-9568-5FA631A1DE2B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BD83D64D-A70E-44AD-8C26-DAB76D87D930}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BE4A4925-6FA3-4567-9F8D-7A7AE662C91E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BF3B17BD-B8DE-4EDC-BE14-03629B861595}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C0B8FF04-0DA2-4E5C-AB84-A4C909FEAC5A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C126F4DF-A5DC-442F-B329-1DCEA7C6A4B8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C163B07A-E149-4715-B8E4-15D3159F5462}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C20A0A63-1E82-45B9-85B6-E08B225BB328}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C3547968-E679-40FF-9618-24772B76CD1C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C37DD550-1200-4A19-B34E-EEF48BBC5408}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C3B64782-71E8-4998-B49A-F88CC0FB3603}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C5697F72-CC57-4E88-810F-F8DAAB28256B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C6716CF6-E59E-4820-90A6-7115BFA3542C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C6BE5FD9-9FE0-4BD4-B9D5-693276254511}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C80C8479-B08E-4420-8E7C-64CE10B27990}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C9407D63-44E1-4E33-A96B-64C7D28E52DF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CACBBDFB-AA38-443F-9D99-4D24E4882CC9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CAFE0B3E-BA17-4F3B-9A0E-C6DD0B7ED211}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CBC1851E-AFC1-4C23-A9D4-EE981867CB8C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CBCD8F8B-EFAC-445C-AD37-8841812CC40F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CE837015-6386-470C-9538-CA4D9BA5AE7E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CEB83B5C-8DD0-4804-8399-7CF9BE6335A8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CEE7E316-03C5-42E2-8341-E3B76F7E599F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CF4F8670-C5A1-4219-89CF-CF493127EF83}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CFF02DD4-BBE9-4750-9E6B-593D92656BAB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D03DCB0D-21ED-439B-A6CE-C0ED1AAC2BDF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D076A3AC-3BEE-4343-ACA7-7353F71AA0E4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D13131B5-813B-4AE5-8686-CBE760C2A8C1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D1BB2ABA-AEF1-4208-BFD9-6A9883044B78}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D2EE2727-F523-48DC-A0FA-B5DE9D79BA8B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D4111D14-A3E1-42A5-A2DC-90FF125BB1BA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D6BFEE94-88BC-41BF-B75A-370889419013}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D6C7FEAD-C48F-4197-BC92-A95B195DB896}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D7CD5CC1-7728-42D8-BC23-29C2F4ADDDBD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D7F5933C-67DE-42B0-A5D2-28255E981F9A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D82AA18C-2633-4A26-877C-D3DC136338F0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DAF68CE7-FC9C-4B95-A643-02696B219936}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DB7B509A-8916-42CA-952A-104A719B758D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DBAD7CE8-BCDB-4966-B94D-47DEDA510A0E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DC59B4EE-03D0-45B1-B931-75E0BB6591FA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DCACBDBF-0B74-4CEF-8885-73F2677F1640}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DCAE0F44-7BBE-4A37-88D9-BA60F1F1AEE5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DE80E2FA-FC91-4AC7-894E-CC77801D5B90}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DE877056-1923-40D4-82CF-0AD0EDB1E161}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DF12188A-38B8-45B1-B663-37B937CC4369}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DF2A6989-50AE-4C17-9010-67C7C0D968E0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DFE97AFC-1052-49E7-B653-1F8D54513703}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E0876684-1281-45A0-87E8-48707C7E7C63}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E10D8974-B128-4422-997D-1B620628920C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E1E85587-B616-48BB-B1E4-99F66B758663}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E26C3BB1-AEF2-4CEB-87EF-E050D83A9F2C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E3920A6D-2778-4EE5-ADE8-670D26BE58C7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E4876B44-F859-432C-A2E7-A56A7F81F7E5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E4ED0CD8-B9A2-453B-9B60-CF76CF014C49}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E58B8CD5-8101-4CA7-8C16-95010BDBE12B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E5B21E2C-DD2A-42F6-8228-5ECCABBAE966}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E63A1E7E-F820-49BF-A2F8-DA11D2D715A6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E6966E5E-F96A-4485-80E3-8B56507687C4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E7965722-D254-483D-8DDE-3721F0DD6851}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E8297ACF-DCCC-47D6-A304-3BA4C408047A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E8B7BF5E-073F-42A2-AFBF-5E90CFE9A1DA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EA593BA7-B232-4906-8499-67963379AF73}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EE1CD957-DFAC-410F-AE46-1ADAA5018F7E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EE546457-E0EC-4BF6-AEBA-D5C271A753E8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EED54E8A-C828-42B5-8340-1A761403F167}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EFAA4E28-A7BC-4A9F-B865-7E0E1B76BF20}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F06A85DE-3562-4D4C-8D2B-A6F4AA1EB533}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F11F3E9B-F116-4A53-B1F4-BF10D07B6AEC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F1A5AE06-E29C-4B90-8705-603670D75232}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F1EC3F63-E5A2-4698-8281-80D121F1D9FE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F2555392-9B18-400B-B2E5-4B542005CB8C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F2C515BD-F2FC-4F68-AA06-38F0E80B29DB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F32394D8-DF95-4624-A6C8-5408882DFCD7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F38E2F94-14BA-4249-82FE-9C6B654D9C6D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F39B49D0-8A67-4CF7-98BE-9489DD36C1A0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F520DF52-2EB9-41FA-BB69-8FBFD0013FC1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F5EFFEC5-4BDA-49AD-83F4-649B97BE92B9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F5FEBAED-6773-41C2-A141-488E6CF5629C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F81603CD-A809-471B-A896-020BDB091E56}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F8D6AF91-7412-48E2-AACD-654B42AC12E3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F9E768B7-2846-4F26-93A6-43EF7522BF69}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FA60A82B-0AAB-416B-AAA8-8F2E5C2861D6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FA875236-3EC3-4D62-BDA2-03E98793ABFC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FB239535-E7BF-4EBF-80E3-696F43225AD1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FB71B575-7DCA-4D68-9D04-642FE44A8F8D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FB9D7EBA-8633-4BE7-831C-B3E3BB4243CD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FBAAECB5-3C38-45C6-A6B6-B05798A11F8E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FBB7D0D0-701D-4717-9DF4-459B45CE694D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FBEF9F8B-1321-4038-9CBA-367850631387}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FC84FB4B-AF6B-4299-A896-26DB388175C0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FFB53ABA-3075-483D-9CDE-C9749B9E578A}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/01/2014 at 17:42:37.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







Results of screen317's Security Check version 0.99.78
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java™ 6 Update 31
Java version out of Date!
Adobe Flash Player 11.9.900.170
Google Chrome 31.0.1650.63
Google Chrome 32.0.1700.72
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Connection Manager OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````


My computer has been running better less lag on startup and such.
As for Java when will I be able to reinstall Java I usually play games requiring java such as minecraft.

Edited by Spruce_9, 07 January 2014 - 07:55 PM.

  • 0

Advertisements

#11
zep516
Posted 07 January 2014 - 08:37 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
OK.

Thanks for the reports, I'll review them and we will start to clean up, so stick with me till the end.

I don't think it's going to hurt to install Java if you need it.

Get Java---> https://www.java.com/en/

***Note: Un-Check any pre-checked software before downloading Java, sometimes it includes things, so remove the check mark from those items or item.

I'll be back with you, Tomorrow with additional instructions.

Thanks
Joe :)
  • 0

#12
zep516
Posted 09 January 2014 - 05:00 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Sorry for delay,

Hello Spruce_9,

Almost done...

Next

Just a few left overs to clean up

  • Double click on the Posted Image to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :COMMANDS
[createrestorepoint]

:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll File not found
O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O1364bit: - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

:commands
[emptytemp]
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files

Next

ESET Online Scanner Remember to right click and "Run as Adminstrator."

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go >>HERE<< then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the Posted Image icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt").
  • Copy and paste that log as a reply to this topic.
  • Now click on: Posted Image
    (Selecting Uninstall application on close if you so wish)
  • OTL Fix Log Located here--> C:\_OTL\Moved Files
  • OTL.txt After quick scan.
  • Eset Log report

Thanks
Joe :)
  • 0

#13
Spruce_9
Posted 09 January 2014 - 11:15 PM

Spruce_9

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
hey thanks going on vacation tomorrow ill try to do this before i leave for the night!
  • 0

#14
Dakeyras
Posted 14 January 2014 - 03:14 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#15
Dakeyras
Posted 18 January 2014 - 02:38 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Topic re-opened per OP's request...
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP