Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

HJT LOG - Had malware on my computer so I need reassurance that its go

Started by KiwiProbie , Jan 06 2014 01:38 AM

This topic is locked

#1
KiwiProbie

Posted 06 January 2014 - 01:38 AM

Member

Member
464 posts

Ok so here is the story, I had malware on my laptop, and I used AVG, Spybot sd, and Malware bytes. I am sure that I removed it and i have checked my HJT logs from what I know and so far it seems good. I just need an expert to double check this and hopefully get back to me about it, so with out futher ado, here is my HJT Log (I might have put notes next to some so you know what I did my self and not sure of):

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:25:17 PM, on 06 January 2014
Platform: Windows 8.1 <-- My windows version that I'm using
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Users\[bleep]\Documents\HJT\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank <- not sure and cannot remember what to do with this one
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank <- not sure and cannot remember what to do with this one
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank <- not sure and cannot remember what to do with this one
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = <- not sure and cannot remember what to do with this one and not sure if that was part of Search Protection
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = <- not sure and cannot remember what to do with this one and not sure if that was part of Search Protection
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SoundFrost - {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\PROGRA~2\DOWNLO~1\SOUNDF~1.DLL (disabled by BHODemon) <- I want this gone
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [AppEx Accelerator UI] "C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present <- I placed this
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present <- I placed this
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) <- not sure and cannot remember what to do with this one
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) <- not sure and cannot remember what to do with this one
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)<- not sure what to do with this one at all
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) <- not sure what to do
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) <- not sure what to do
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) <- not sure what to do
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) <- not sure what to do
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) <- not sure what to do
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) <- not sure what to do
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) <- not sure what to do
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) <- not sure what to do
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) <- not sure what to do
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) <- not sure what to do as I dont use windows Defender
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8440 bytes

#2
Pyxis

Posted 06 January 2014 - 04:52 AM

Trusted Helper

Malware Removal
1,228 posts

Greetings,

Welcome to Geeks to Go--the friendliest online community dedicated to the sole goal of helping people from all around the world!

I am Pyxis and I will be assisting you with the problem at hand. Whilst I am taking the time to analyse your set of provided logs, I would like to stress the following reminders:

I am a student that is currently undergoing training. As such, my responses have to be checked by a professional before I present them to you to ensure you get the best quality help. If you deem I have overlooked your thread, which is in a matter of more than 24 hours, please send me a PM and I will get back to you shortly.
It is important that you do not install anything unless asked while the process is ongoing. Doing so may hinder or even complicate the cleaning of your system. You will get the chance to install things as you would like after the process has been completed.
Ensure you take extra caution to precisely follow my instructions. It is important that you only use the tools I have asked you to. The instructions for your computer are unique and should therefore only apply to your system.

I hope you keep in mind these reminders. I will be right back with a full response! :thumbsup:

Thank you.

Step 1

If you haven't already, download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.
Simply double-click the program icon to run it. It will ask for administrator privileges.
Ensure that the following settings are followed. Make sure all other windows are closed and let it run uninterrupted.
Click Run Scan.
After a short while, two Notepad windows will appear, named OTL.txt and Extras.txt. Alternatively, you can also find these at your desktop.
Copy and paste (CTRL + A and CTRL + C) the content of these logs in your next reply.

Logs to Post

In summary of the above, I will need you to post the following log(s):

Extras.txt (OTL)
OTL.txt (OTL)

#3
KiwiProbie

Posted 06 January 2014 - 11:50 AM

Member

Topic Starter
Member
464 posts

OTL logfile created on: 07 January 2014 6:30:51 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\[bleep]\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: dd MMMM yyyy

3.44 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 56.89% Memory free
4.13 Gb Paging File | 2.17 Gb Available in Paging File | 52.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.48 Gb Total Space | 404.54 Gb Free Space | 90.00% Space Free | Partition Type: NTFS

Computer Name: KIWI | User Name: Tony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014 01 07 06:29:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\[bleep]\Desktop\OTL.exe
PRC - [2014 01 06 21:37:04 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014 01 06 21:37:04 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013 12 31 09:09:58 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013 12 17 23:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2013 12 06 08:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013 11 10 23:52:12 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\SeaPort.EXE
PRC - [2013 10 15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013 09 20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013 09 06 03:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013 07 25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

========== Modules (No Company Name) ==========

MOD - [2014 01 06 21:37:10 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013 12 06 08:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013 05 16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013 05 16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

========== Services (SafeList) ==========

SRV:64bit: - [2014 01 06 21:37:04 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014 01 01 16:04:19 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013 12 13 10:23:32 | 000,239,616 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013 11 14 20:29:02 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013 11 14 20:29:02 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013 11 14 20:29:01 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013 11 14 20:28:59 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013 11 14 20:25:27 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013 11 14 20:25:27 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013 11 14 20:25:26 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013 11 14 20:25:26 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013 11 02 00:48:44 | 001,907,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013 10 30 23:27:00 | 000,042,808 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013 08 23 01:32:01 | 000,346,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2013 08 23 01:32:00 | 000,023,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013 08 23 01:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013 08 23 00:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013 08 23 00:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013 08 23 00:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013 08 23 00:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013 08 23 00:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013 08 22 23:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013 08 22 23:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013 08 22 23:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013 08 22 23:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013 08 22 22:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013 08 22 22:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013 08 22 22:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013 08 22 22:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013 08 22 22:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013 08 22 22:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013 08 22 22:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013 08 22 22:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013 08 22 22:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013 08 22 22:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013 08 22 22:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013 08 22 22:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013 05 01 12:16:28 | 000,470,056 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2013 04 26 13:04:46 | 000,431,656 | ---- | M] (Acer Incorporate) [Disabled | Stopped] -- C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe -- (LMSvc)
SRV:64bit: - [2013 03 15 18:00:12 | 000,662,088 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2013 12 17 23:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013 12 12 11:30:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013 12 06 08:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013 11 14 20:25:25 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013 11 10 23:52:12 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013 11 10 23:52:12 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BBSvc.EXE -- (BBSvc)
SRV - [2013 11 01 13:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013 10 30 23:27:06 | 002,099,000 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013 10 30 23:27:00 | 000,035,640 | ---- | M] (AVG) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2013 09 06 03:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013 08 23 01:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013 08 22 16:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013 08 22 15:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013 04 15 14:25:28 | 000,228,480 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013 02 27 17:21:30 | 002,615,368 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014 01 06 21:37:56 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014 01 06 21:37:15 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014 01 06 21:37:15 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014 01 06 21:37:15 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014 01 06 21:37:15 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014 01 06 21:37:15 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014 01 06 21:37:14 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014 01 01 16:04:19 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014 01 01 16:04:19 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014 01 01 16:04:19 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014 01 01 16:04:19 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014 01 01 16:04:19 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013 12 13 10:23:36 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013 12 13 10:23:36 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013 11 14 20:28:58 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013 11 14 20:25:25 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013 11 14 20:25:25 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013 11 14 20:25:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013 11 14 20:23:24 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013 11 14 20:16:57 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013 11 14 20:16:54 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013 10 14 22:32:10 | 000,583,272 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013 08 23 02:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013 08 23 02:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013 08 23 01:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013 08 23 01:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013 08 23 01:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013 08 23 01:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013 08 23 01:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013 08 23 01:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013 08 23 01:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013 08 23 01:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013 08 23 01:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013 08 23 01:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013 08 23 01:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013 08 23 01:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013 08 23 01:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013 08 23 01:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013 08 23 01:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013 08 23 01:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013 08 23 01:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013 08 23 01:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013 08 23 01:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013 08 23 01:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013 08 23 01:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013 08 23 01:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013 08 23 01:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013 08 23 01:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013 08 23 01:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013 08 23 01:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013 08 23 01:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013 08 23 01:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013 08 23 01:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013 08 23 01:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013 08 23 01:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013 08 23 01:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013 08 23 01:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013 08 23 01:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013 08 23 01:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013 08 23 01:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013 08 23 00:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013 08 23 00:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013 08 23 00:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013 08 23 00:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013 08 23 00:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013 08 23 00:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013 08 23 00:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013 08 23 00:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013 08 23 00:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013 08 23 00:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013 08 23 00:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013 08 23 00:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013 08 23 00:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013 08 23 00:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013 08 23 00:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013 08 23 00:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013 08 23 00:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013 08 23 00:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013 08 23 00:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013 08 23 00:36:37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013 08 23 00:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013 08 23 00:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013 08 23 00:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013 08 23 00:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013 08 22 21:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013 08 13 12:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013 08 10 13:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013 07 31 07:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013 07 26 08:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013 06 19 03:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013 06 19 03:44:59 | 000,129,224 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2013 05 22 18:51:48 | 000,377,160 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013 04 24 00:38:24 | 000,098,744 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2013 04 18 10:04:28 | 000,219,360 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2013 04 15 14:06:14 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013 04 15 14:06:14 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013 04 15 14:06:14 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013 04 15 14:06:12 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013 04 15 14:06:12 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013 04 15 14:06:12 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013 04 15 14:06:12 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013 02 21 14:44:56 | 000,029,616 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\klelam.sys -- (klelam)
DRV:64bit: - [2013 01 10 16:23:14 | 000,021,360 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMDriver.sys -- (LMDriver)
DRV:64bit: - [2013 01 10 16:23:14 | 000,015,704 | ---- | M] (Acer Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RadioShim.sys -- (RadioShim)
DRV:64bit: - [2012 12 01 12:40:16 | 000,048,760 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrsd.sys -- (AthrSdSrv)
DRV:64bit: - [2012 08 29 01:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV - [2013 09 18 11:14:34 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{E6FC5F40-15D6-4D54-910A-F87901A31513}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{E6FC5F40-15D6-4D54-910A-F87901A31513}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\..\SearchScopes\{E53253FE-7978-4462-9030-6C812CF4E7B8}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7BF53C93F1-07D5-430c-86D4-C9531B27DFAF%7D:1.0.0.2
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014 01 06 21:37:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Download Free Music\SoundFrost.xpi [2014 01 02 08:46:20 | 000,033,761 | ---- | M] ()

[2013 12 11 18:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\[bleep]\AppData\Roaming\mozilla\Extensions
[2014 01 04 14:15:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\[bleep]\AppData\Roaming\mozilla\Firefox\Profiles\e2ko4i4s.default\extensions
[2014 01 02 22:20:49 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\Users\[bleep]\AppData\Roaming\mozilla\Firefox\Profiles\e2ko4i4s.default\extensions\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}
[2014 01 04 14:15:01 | 000,446,395 | ---- | M] () (No name found) -- C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\extensions\{7CA9CF31-1C73-46CD-8377-85AB71EA771F}.xpi
[2013 12 11 18:27:28 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014 01 02 11:23:26 | 000,007,911 | ---- | M] () -- C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\searchplugins\Google.xml
[2013 12 11 18:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013 12 11 18:23:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014 01 06 21:37:19 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2014 01 05 17:54:04 | 000,450,639 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15467 more lines...
O2:64bit: - BHO: (SoundFrost) - {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\Program Files (x86)\Download Free Music\SoundFrost64.dll (SoundFrost Company)
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SoundFrost) - {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\Program Files (x86)\Download Free Music\SoundFrost.dll (SoundFrost Company)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (AppEx Networks Corporation)
O4 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SafeModeBlockNonAdmins = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7F9D1C9A-BA0B-4580-94E3-FB3B2EFFC36C}: DhcpNameServer = 10.1.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6707874-2CED-42E3-A0AD-F251A6F504EE}: DhcpNameServer = 10.1.1.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\acpanel_win.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\updater.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\acpanel_win.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\updater.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014 01 07 06:29:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\[bleep]\Desktop\OTL.exe
[2014 01 06 21:38:25 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\AVAST Software
[2014 01 06 21:38:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014 01 06 21:37:22 | 001,034,464 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014 01 06 21:37:22 | 000,422,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014 01 06 21:37:22 | 000,092,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014 01 06 21:37:22 | 000,079,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswstm.sys
[2014 01 06 21:37:22 | 000,078,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014 01 06 21:37:20 | 000,334,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014 01 06 21:37:12 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014 01 06 21:35:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014 01 06 20:59:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014 01 06 19:33:23 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Opera Software
[2014 01 06 19:33:22 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Opera Software
[2014 01 06 16:58:31 | 000,029,496 | ---- | C] (AVG) -- C:\WINDOWS\SysNative\authuitu.dll
[2014 01 06 16:58:30 | 000,025,400 | ---- | C] (AVG) -- C:\WINDOWS\SysWow64\authuitu.dll
[2014 01 06 16:58:25 | 000,042,808 | ---- | C] (AVG) -- C:\WINDOWS\SysNative\uxtuneup.dll
[2014 01 06 16:58:24 | 000,035,640 | ---- | C] (AVG) -- C:\WINDOWS\SysWow64\uxtuneup.dll
[2014 01 06 16:52:18 | 000,040,248 | ---- | C] (AVG) -- C:\WINDOWS\SysNative\TURegOpt.exe
[2014 01 06 16:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
[2014 01 06 14:20:30 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\ProcAlyzer Dumps
[2014 01 06 13:18:16 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Malwarebytes
[2014 01 06 13:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014 01 06 12:54:25 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\skydrive-2014-01-05
[2014 01 05 16:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014 01 05 16:14:39 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\SysNative\sdnclean64.exe
[2014 01 05 16:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014 01 05 16:14:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014 01 05 09:02:01 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Searches
[2014 01 05 09:00:06 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Favorites
[2014 01 05 08:56:42 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Remove and Add User Switching
[2014 01 03 22:43:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2014 01 03 16:23:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Origin
[2014 01 03 16:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014 01 03 15:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\iWin
[2014 01 03 13:57:35 | 000,000,000 | ---D | C] -- C:\Games
[2014 01 03 13:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PogoDGC
[2014 01 03 12:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PassShow
[2014 01 03 08:11:13 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Security
[2014 01 02 21:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014 01 02 21:47:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysWow64\Microsoft
[2014 01 02 21:00:06 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014 01 02 20:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014 01 02 20:14:02 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014 01 02 11:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2014 01 02 11:33:26 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Anti-Malware
[2014 01 02 11:11:27 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\eCyber
[2014 01 02 10:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014 01 02 10:55:26 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
[2014 01 02 10:55:26 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSSTDFMT.DLL
[2014 01 02 10:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2014 01 02 08:46:17 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Users\[bleep]\AppData\Local\msvcr100.dll
[2014 01 02 08:46:16 | 008,581,632 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\[bleep]\AppData\Local\QtGui4.dll
[2014 01 02 08:46:16 | 002,598,912 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\[bleep]\AppData\Local\QtCore4.dll
[2014 01 02 08:46:16 | 001,053,696 | ---- | C] (Digia Plc and/or its subsidiary(-ies)) -- C:\Users\[bleep]\AppData\Local\QtNetwork4.dll
[2014 01 02 08:46:16 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Users\[bleep]\AppData\Local\msvcp100.dll
[2014 01 02 08:46:16 | 000,274,432 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\[bleep]\AppData\Local\ssleay32.dll
[2014 01 02 08:46:15 | 001,122,304 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Users\[bleep]\AppData\Local\libeay32.dll
[2014 01 02 08:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Download Free Music
[2014 01 02 08:41:07 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\SoulseekQt
[2014 01 02 00:36:15 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Fax
[2014 01 02 00:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2014 01 01 21:25:49 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\ElevatedDiagnostics
[2014 01 01 17:51:13 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\WINDOWS\SysWow64\wbocx.ocx
[2014 01 01 17:51:13 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unicows.dll
[2014 01 01 17:51:13 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\WINDOWS\SysWow64\wbhelp2.dll
[2014 01 01 17:51:13 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\WINDOWS\SysWow64\anim.dll
[2014 01 01 17:51:13 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\W95INF32.DLL
[2014 01 01 17:51:13 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\W95INF16.DLL
[2014 01 01 17:50:06 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\cache
[2014 01 01 17:50:03 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Mobogenie
[2014 01 01 17:50:03 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\genienext
[2014 01 01 17:40:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2014 01 01 17:40:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014 01 01 16:08:21 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014 01 01 16:08:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014 01 01 16:06:56 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014 01 01 16:06:40 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014 01 01 16:06:40 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014 01 01 16:06:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014 01 01 16:06:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014 01 01 16:06:23 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014 01 01 16:06:23 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014 01 01 16:06:23 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014 01 01 16:05:40 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014 01 01 16:05:40 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014 01 01 16:05:40 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014 01 01 16:05:40 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014 01 01 16:05:40 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014 01 01 16:05:40 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014 01 01 16:04:47 | 004,105,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014 01 01 16:04:47 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014 01 01 16:04:19 | 013,177,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014 01 01 16:04:19 | 011,674,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014 01 01 16:04:19 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014 01 01 16:04:19 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014 01 01 16:04:19 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014 01 01 16:04:19 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014 01 01 16:04:19 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014 01 01 16:04:19 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014 01 01 16:04:19 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014 01 01 16:04:19 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014 01 01 16:04:19 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014 01 01 16:04:19 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014 01 01 16:04:19 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014 01 01 16:04:19 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014 01 01 16:04:19 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014 01 01 16:04:19 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014 01 01 16:04:19 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014 01 01 16:04:19 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014 01 01 16:04:19 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014 01 01 16:04:19 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014 01 01 16:04:19 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014 01 01 16:04:19 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014 01 01 16:04:19 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014 01 01 16:04:19 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014 01 01 16:04:19 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014 01 01 16:04:19 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014 01 01 16:04:19 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014 01 01 16:04:19 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014 01 01 16:04:19 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014 01 01 16:04:19 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014 01 01 16:04:19 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014 01 01 16:04:19 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014 01 01 16:04:19 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014 01 01 16:04:19 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014 01 01 16:04:19 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014 01 01 16:04:19 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014 01 01 16:04:19 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014 01 01 16:04:19 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014 01 01 16:04:19 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014 01 01 16:04:19 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014 01 01 16:04:19 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014 01 01 16:04:19 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014 01 01 16:04:19 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014 01 01 16:04:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014 01 01 16:04:19 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014 01 01 15:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014 01 01 15:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014 01 01 15:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014 01 01 15:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014 01 01 15:55:30 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014 01 01 15:55:29 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2014 01 01 15:55:29 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014 01 01 15:55:28 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014 01 01 15:55:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2014 01 01 15:55:27 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2014 01 01 14:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014 01 01 13:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2014 01 01 13:16:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2014 01 01 12:21:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013 12 31 23:49:35 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\TweakNow PowerPack
[2013 12 31 22:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics
[2013 12 31 22:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013 12 31 22:57:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2013 12 31 22:26:41 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\SecurityScans
[2013 12 31 21:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Atheros
[2013 12 31 21:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013 12 31 19:19:59 | 000,000,000 | --SD | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft
[2013 12 31 19:19:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013 12 31 19:19:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Documents
[2013 12 31 19:19:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Desktop
[2013 12 31 19:19:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013 12 31 19:19:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\AppData\Local\Temporary Internet Files
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Templates
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Start Menu
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\SendTo
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Recent
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\PrintHood
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\NetHood
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Documents\My Videos
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Documents\My Pictures
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Documents\My Music
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\My Documents
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Local Settings
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\AppData\Local\History
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Cookies
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\Application Data
[2013 12 31 19:19:59 | 000,000,000 | -HSD | C] -- C:\Users\[bleep]\AppData\Local\Application Data
[2013 12 31 19:19:59 | 000,000,000 | -H-D | C] -- C:\Users\[bleep]\AppData
[2013 12 31 19:19:59 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Temp
[2013 12 31 19:19:59 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Microsoft
[2013 12 31 19:19:59 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013 12 31 19:11:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013 12 31 19:11:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2013 12 31 19:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013 12 31 19:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013 12 31 19:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2013 12 31 19:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2013 12 31 19:10:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013 12 31 15:52:07 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\QuickScan
[2013 12 26 09:06:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013 12 26 09:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013 12 26 09:04:16 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Google
[2013 12 25 13:18:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\AxInstSV
[2013 12 25 12:59:58 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\SolSuite
[2013 12 25 12:56:34 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2013 12 25 12:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
[2013 12 25 12:56:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SolSuite
[2013 12 25 12:26:30 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\SpinTop
[2013 12 23 08:37:56 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\AVG
[2013 12 23 08:36:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013 12 23 08:36:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013 12 23 08:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Privacyware
[2013 12 23 07:51:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ioloGovernor
[2013 12 23 07:51:15 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\ioloGovernor
[2013 12 23 07:48:25 | 000,000,000 | ---D | C] -- C:\iolo
[2013 12 22 19:23:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Diagnostics
[2013 12 21 17:15:35 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\MusicPlayer
[2013 12 21 09:24:55 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Firewall Backup
[2013 12 21 08:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2013 12 21 08:24:42 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013 12 20 20:43:27 | 000,000,000 | --SD | C] -- C:\Users\[bleep]\Documents\My Data Sources
[2013 12 20 16:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2013 12 20 16:00:47 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\WinZip
[2013 12 20 16:00:34 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2013 12 20 16:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2013 12 20 15:52:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\log
[2013 12 20 15:52:02 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\iSafe
[2013 12 20 10:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\RealVNC
[2013 12 20 10:41:21 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\RealVNC
[2013 12 20 10:05:15 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\HJT
[2013 12 19 20:53:38 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Spotify
[2013 12 19 20:53:38 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Spotify
[2013 12 17 12:10:12 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013 12 17 10:05:27 | 000,000,000 | ---D | C] -- C:\history
[2013 12 17 10:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2013 12 17 10:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013 12 16 19:50:09 | 000,090,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\drivers\klflt.sys
[2013 12 16 14:23:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\TeamViewer
[2013 12 16 13:10:34 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_7.dll
[2013 12 16 13:10:34 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_7.dll
[2013 12 16 13:10:34 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_5.dll
[2013 12 16 13:10:34 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_5.dll
[2013 12 16 13:10:31 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_7.dll
[2013 12 16 13:10:31 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_7.dll
[2013 12 16 13:10:30 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_43.dll
[2013 12 16 13:10:28 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_43.dll
[2013 12 16 13:10:26 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_43.dll
[2013 12 16 13:10:25 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_43.dll
[2013 12 16 13:10:22 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_43.dll
[2013 12 16 13:10:19 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_6.dll
[2013 12 16 13:10:19 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_6.dll
[2013 12 16 13:10:19 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_4.dll
[2013 12 16 13:10:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_4.dll
[2013 12 16 13:10:17 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_6.dll
[2013 12 16 13:10:17 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_6.dll
[2013 12 16 13:10:14 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_7.dll
[2013 12 16 13:10:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_7.dll
[2013 12 16 13:10:10 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_5.dll
[2013 12 16 13:10:10 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_5.dll
[2013 12 16 13:10:06 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_5.dll
[2013 12 16 13:10:06 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_5.dll
[2013 12 16 13:10:04 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_42.dll
[2013 12 16 13:10:04 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_42.dll
[2013 12 16 13:10:01 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dcsx_42.dll
[2013 12 16 13:10:01 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dcsx_42.dll
[2013 12 16 13:10:00 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx11_42.dll
[2013 12 16 13:10:00 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx11_42.dll
[2013 12 16 13:09:59 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_42.dll
[2013 12 16 13:09:59 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_42.dll
[2013 12 16 13:09:56 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_42.dll
[2013 12 16 13:09:56 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_42.dll
[2013 12 16 13:09:54 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_41.dll
[2013 12 16 13:09:54 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_41.dll
[2013 12 16 13:09:54 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_41.dll
[2013 12 16 13:09:54 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_41.dll
[2013 12 16 13:09:52 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_41.dll
[2013 12 16 13:09:52 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_41.dll
[2013 12 16 13:09:50 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_4.dll
[2013 12 16 13:09:50 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_4.dll
[2013 12 16 13:09:50 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_3.dll
[2013 12 16 13:09:50 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_3.dll
[2013 12 16 13:09:48 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_4.dll
[2013 12 16 13:09:48 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_4.dll
[2013 12 16 13:09:45 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_6.dll
[2013 12 16 13:09:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_6.dll
[2013 12 16 13:09:43 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_40.dll
[2013 12 16 13:09:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_40.dll
[2013 12 16 13:09:43 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_40.dll
[2013 12 16 13:09:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_40.dll
[2013 12 16 13:09:41 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_40.dll
[2013 12 16 13:09:41 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_40.dll
[2013 12 16 13:09:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_3.dll
[2013 12 16 13:09:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_3.dll
[2013 12 16 13:09:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_2.dll
[2013 12 16 13:09:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_2.dll
[2013 12 16 13:09:38 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_3.dll
[2013 12 16 13:09:38 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_3.dll
[2013 12 16 13:09:36 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_5.dll
[2013 12 16 13:09:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_5.dll
[2013 12 16 13:09:33 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_2.dll
[2013 12 16 13:09:33 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_2.dll
[2013 12 16 13:09:33 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_1.dll
[2013 12 16 13:09:33 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_1.dll
[2013 12 16 13:09:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_2.dll
[2013 12 16 13:09:29 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_2.dll
[2013 12 16 13:09:28 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_39.dll
[2013 12 16 13:09:28 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_39.dll
[2013 12 16 13:09:28 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_39.dll
[2013 12 16 13:09:28 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_39.dll
[2013 12 16 13:09:24 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_39.dll
[2013 12 16 13:09:24 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_39.dll
[2013 12 16 13:09:21 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_1.dll
[2013 12 16 13:09:21 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_1.dll
[2013 12 16 13:09:21 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAPOFX1_0.dll
[2013 12 16 13:09:21 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAPOFX1_0.dll
[2013 12 16 13:09:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_1.dll
[2013 12 16 13:09:19 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_1.dll
[2013 12 16 13:09:17 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_4.dll
[2013 12 16 13:09:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_4.dll
[2013 12 16 13:09:15 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_38.dll
[2013 12 16 13:09:15 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_38.dll
[2013 12 16 13:09:15 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_38.dll
[2013 12 16 13:09:15 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_38.dll
[2013 12 16 13:09:11 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_38.dll
[2013 12 16 13:09:11 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_38.dll
[2013 12 16 13:09:07 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XAudio2_0.dll
[2013 12 16 13:09:07 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XAudio2_0.dll
[2013 12 16 13:09:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine3_0.dll
[2013 12 16 13:09:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine3_0.dll
[2013 12 16 13:09:03 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_3.dll
[2013 12 16 13:09:03 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_3.dll
[2013 12 16 13:09:01 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_37.dll
[2013 12 16 13:09:01 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_37.dll
[2013 12 16 13:09:01 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_37.dll
[2013 12 16 13:09:01 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_37.dll
[2013 12 16 13:08:57 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DX9_37.dll
[2013 12 16 13:08:57 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DX9_37.dll
[2013 12 16 13:08:55 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_10.dll
[2013 12 16 13:08:55 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_10.dll
[2013 12 16 13:08:51 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_36.dll
[2013 12 16 13:08:51 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_36.dll
[2013 12 16 13:08:51 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_36.dll
[2013 12 16 13:08:51 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_36.dll
[2013 12 16 13:08:47 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_36.dll
[2013 12 16 13:08:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_36.dll
[2013 12 16 13:08:44 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_9.dll
[2013 12 16 13:08:44 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll
[2013 12 16 13:08:41 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_35.dll
[2013 12 16 13:08:41 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll
[2013 12 16 13:08:40 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_35.dll
[2013 12 16 13:08:40 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll
[2013 12 16 13:08:36 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_35.dll
[2013 12 16 13:08:36 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2013 12 16 13:08:33 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_8.dll
[2013 12 16 13:08:33 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll
[2013 12 16 13:08:33 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\X3DAudio1_2.dll
[2013 12 16 13:08:33 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\X3DAudio1_2.dll
[2013 12 16 13:08:29 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_34.dll
[2013 12 16 13:08:29 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll
[2013 12 16 13:08:29 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_34.dll
[2013 12 16 13:08:29 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll
[2013 12 16 13:08:25 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_34.dll
[2013 12 16 13:08:25 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2013 12 16 13:08:23 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_3.dll
[2013 12 16 13:08:23 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2013 12 16 13:08:19 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_7.dll
[2013 12 16 13:08:19 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll
[2013 12 16 13:08:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_33.dll
[2013 12 16 13:08:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll
[2013 12 16 13:08:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_33.dll
[2013 12 16 13:08:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll
[2013 12 16 13:08:12 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_33.dll
[2013 12 16 13:08:12 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2013 12 16 13:08:06 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_6.dll
[2013 12 16 13:08:06 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll
[2013 12 16 13:08:03 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_5.dll
[2013 12 16 13:08:03 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll
[2013 12 16 13:08:01 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10.dll
[2013 12 16 13:08:01 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10.dll
[2013 12 16 13:07:59 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2013 12 16 13:07:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2013 12 16 13:07:55 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_4.dll
[2013 12 16 13:07:55 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll
[2013 12 16 13:07:55 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_1.dll
[2013 12 16 13:07:55 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll
[2013 12 16 13:07:53 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_31.dll
[2013 12 16 13:07:53 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2013 12 16 13:07:50 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_3.dll
[2013 12 16 13:07:50 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll
[2013 12 16 13:07:46 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_2.dll
[2013 12 16 13:07:46 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2013 12 16 13:07:40 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_2.dll
[2013 12 16 13:07:40 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll
[2013 12 16 13:07:37 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_1.dll
[2013 12 16 13:07:37 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2013 12 16 13:07:33 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_1.dll
[2013 12 16 13:07:33 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll
[2013 12 16 13:07:20 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_30.dll
[2013 12 16 13:07:20 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll
[2013 12 16 13:07:16 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_0.dll
[2013 12 16 13:07:16 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll
[2013 12 16 13:07:15 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_0.dll
[2013 12 16 13:07:15 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll
[2013 12 16 13:07:12 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_29.dll
[2013 12 16 13:07:12 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2013 12 16 13:07:09 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_28.dll
[2013 12 16 13:07:09 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2013 12 16 13:07:06 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_27.dll
[2013 12 16 13:07:06 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2013 12 16 13:07:02 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_26.dll
[2013 12 16 13:07:02 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2013 12 16 13:07:00 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_25.dll
[2013 12 16 13:07:00 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll
[2013 12 16 13:06:50 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_24.dll
[2013 12 16 13:06:50 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2013 12 16 13:05:18 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013 12 16 12:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013 12 16 12:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013 12 16 12:58:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013 12 16 12:58:49 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013 12 16 12:58:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013 12 16 12:58:27 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013 12 16 12:58:27 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013 12 16 12:58:27 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013 12 16 12:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013 12 16 09:34:45 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Firefox
[2013 12 16 08:36:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\TuneUp Software
[2013 12 16 08:28:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2013 12 15 22:00:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013 12 15 21:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013 12 15 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Adobe
[2013 12 15 20:37:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013 12 15 19:28:26 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Unity
[2013 12 15 15:13:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Letters
[2013 12 15 12:23:30 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Law Suit against Kiwibank
[2013 12 14 13:16:17 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Identities
[2013 12 14 10:25:42 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Crap Cleaner backups
[2013 12 14 10:12:44 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\(D8-90-E8-31-E9-05)
[2013 12 14 10:08:09 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Qualcomm Atheros
[2013 12 14 09:26:34 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\AppEx Networks
[2013 12 13 21:37:27 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Win7UI
[2013 12 13 12:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2013 12 13 10:24:06 | 000,129,536 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\coinst_13.251.dll
[2013 12 13 10:24:06 | 000,099,840 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\OpenVideo64.dll
[2013 12 13 10:24:06 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\OVDecode64.dll
[2013 12 13 10:24:06 | 000,083,968 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\OpenVideo.dll
[2013 12 13 10:24:06 | 000,073,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\OVDecode.dll
[2013 12 13 10:23:54 | 008,287,008 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiumdva.dll
[2013 12 13 10:23:54 | 000,143,304 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiuxp64.dll
[2013 12 13 10:23:54 | 000,126,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiuxpag.dll
[2013 12 13 10:23:50 | 008,927,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiumd6a.dll
[2013 12 13 10:23:50 | 006,630,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiumdag.dll
[2013 12 13 10:23:48 | 007,751,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiumd64.dll
[2013 12 13 10:23:46 | 022,157,824 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atioglxx.dll
[2013 12 13 10:23:46 | 000,190,976 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll
[2013 12 13 10:23:46 | 000,115,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiu9p64.dll
[2013 12 13 10:23:46 | 000,098,496 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiu9pag.dll
[2013 12 13 10:23:46 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atisamu64.dll
[2013 12 13 10:23:46 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atisamu32.dll
[2013 12 13 10:23:42 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\ATIODE.exe
[2013 12 13 10:23:42 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\ATIODCLI.exe
[2013 12 13 10:23:40 | 026,352,128 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atio6axx.dll
[2013 12 13 10:23:36 | 013,207,552 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys
[2013 12 13 10:23:36 | 000,626,176 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys
[2013 12 13 10:23:36 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atimpc64.dll
[2013 12 13 10:23:36 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atimpc32.dll
[2013 12 13 10:23:36 | 000,031,232 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2013 12 13 10:23:34 | 000,100,352 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6txx.dll
[2013 12 13 10:23:34 | 000,096,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atigktxx.dll
[2013 12 13 10:23:34 | 000,074,752 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6pxx.dll
[2013 12 13 10:23:34 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiglpxx.dll
[2013 12 13 10:23:34 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiglpxx.dll
[2013 12 13 10:23:32 | 009,753,752 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atidxx64.dll
[2013 12 13 10:23:32 | 008,406,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atidxx32.dll
[2013 12 13 10:23:32 | 000,588,288 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2013 12 13 10:23:32 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atidemgy.dll
[2013 12 13 10:23:32 | 000,239,616 | ---- | C] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2013 12 13 10:23:30 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticaldd64.dll
[2013 12 13 10:23:30 | 001,318,552 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\aticfx64.dll
[2013 12 13 10:23:30 | 001,100,216 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\aticfx32.dll
[2013 12 13 10:23:30 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticalrt64.dll
[2013 12 13 10:23:30 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalrt.dll
[2013 12 13 10:23:28 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticaldd.dll
[2013 12 13 10:23:28 | 000,368,640 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiapfxx.exe
[2013 12 13 10:23:28 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atibtmon.exe
[2013 12 13 10:23:28 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticalcl64.dll
[2013 12 13 10:23:28 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalcl.dll
[2013 12 13 10:23:26 | 001,144,320 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiadlxx.dll
[2013 12 13 10:23:26 | 000,825,344 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atiadlxy.dll
[2013 12 13 10:23:26 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdpcom64.dll
[2013 12 13 10:23:26 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdpcom32.dll
[2013 12 13 10:23:26 | 000,063,488 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2013 12 13 10:23:26 | 000,057,344 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2013 12 13 10:23:26 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\ati2erec.dll
[2013 12 13 10:23:24 | 029,382,144 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\amdocl64.dll
[2013 12 13 10:23:20 | 024,860,160 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\amdocl.dll
[2013 12 13 10:23:14 | 000,157,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\amdhcp64.dll
[2013 12 13 10:23:14 | 000,142,304 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\amdhcp32.dll
[2013 12 13 10:23:14 | 000,096,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdave64.dll
[2013 12 13 10:23:14 | 000,090,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdave32.dll
[2013 12 13 09:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GameHouse
[2013 12 13 08:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013 12 13 08:32:53 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2013 12 13 08:32:53 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2013 12 13 08:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2013 12 13 08:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2013 12 13 08:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameHouse
[2013 12 13 08:03:10 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\WinRAR
[2013 12 13 06:38:33 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\CyberLink
[2013 12 13 06:38:18 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Software
[2013 12 13 06:38:18 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\CyberLink
[2013 12 13 06:38:15 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Cyberlink
[2013 12 12 19:09:18 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Nero_AG
[2013 12 12 19:06:59 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Nero
[2013 12 12 17:37:18 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Custom Office Templates
[2013 12 12 15:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\TreeCardGames
[2013 12 12 14:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Pokki
[2013 12 12 13:12:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\TreeCardGames
[2013 12 12 11:35:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013 12 12 11:35:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013 12 12 11:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013 12 12 11:31:32 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Macromedia
[2013 12 12 11:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013 12 12 11:27:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013 12 12 11:27:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013 12 12 11:26:51 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Adobe
[2013 12 12 11:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kyodai Mahjongg 2006
[2013 12 12 11:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kyodai Mahjongg 2006
[2013 12 12 11:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire
[2013 12 12 11:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\123 Free Solitaire
[2013 12 12 10:44:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\CrashDumps
[2013 12 12 08:42:24 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Microsoft Help
[2013 12 12 00:57:05 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\FrostWire
[2013 12 12 00:57:03 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\.frostwire5
[2013 12 12 00:43:16 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\ATI
[2013 12 12 00:43:16 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\ATI
[2013 12 12 00:43:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013 12 12 00:30:59 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\BMExplorer
[2013 12 12 00:28:49 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Bluetooth Folder
[2013 12 12 00:02:32 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Text Tones
[2013 12 11 23:42:02 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\CV
[2013 12 11 23:40:25 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\Documents\Mobile Backups
[2013 12 11 23:29:24 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\WildTangent
[2013 12 11 23:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013 12 11 23:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013 12 11 23:25:02 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Winamp
[2013 12 11 23:25:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013 12 11 23:22:06 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\CrashRpt
[2013 12 11 23:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013 12 11 23:19:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
[2013 12 11 23:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrostWire 5
[2013 12 11 23:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
[2013 12 11 23:16:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BurnAware Free
[2013 12 11 23:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013 12 11 23:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013 12 11 23:15:56 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Programs
[2013 12 11 23:00:36 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\PicStream
[2013 12 11 23:00:03 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\clear.fi
[2013 12 11 18:27:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SkyDrive
[2013 12 11 18:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013 12 11 18:23:46 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Mozilla
[2013 12 11 18:23:46 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Mozilla
[2013 12 11 18:23:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013 12 11 18:23:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013 12 11 18:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013 12 11 18:20:33 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Macromedia
[2013 12 11 18:18:54 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Apps
[2013 12 11 18:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013 12 11 18:17:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2013 12 11 17:55:07 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_YAHOO
[2013 12 11 17:55:01 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Atheros
[2013 12 11 17:54:36 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013 12 11 17:54:36 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Contacts
[2013 12 11 17:54:36 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013 12 11 17:54:36 | 000,000,000 | -H-D | C] -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013 12 11 17:54:34 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Roaming\Adobe
[2013 12 11 17:53:17 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\VirtualStore
[2013 12 11 17:53:08 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Packages
[2013 12 11 17:52:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Videos
[2013 12 11 17:52:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Pictures
[2013 12 11 17:52:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Music
[2013 12 11 17:52:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Links
[2013 12 11 17:52:59 | 000,000,000 | R--D | C] -- C:\Users\[bleep]\Downloads
[2013 12 11 17:52:59 | 000,000,000 | ---D | C] -- C:\Users\[bleep]\AppData\Local\Pokki
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014 01 07 06:29:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\[bleep]\Desktop\OTL.exe
[2014 01 07 06:21:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014 01 07 06:15:03 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014 01 07 06:10:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014 01 07 06:08:56 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014 01 06 22:40:31 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014 01 06 22:40:29 | 2956,984,320 | -HS- | M] () -- C:\hiberfil.sys
[2014 01 06 21:37:56 | 000,079,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswstm.sys
[2014 01 06 21:37:15 | 001,034,464 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2014 01 06 21:37:15 | 000,422,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2014 01 06 21:37:15 | 000,334,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2014 01 06 21:37:15 | 000,207,904 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014 01 06 21:37:15 | 000,078,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2014 01 06 21:37:15 | 000,065,776 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014 01 06 21:37:14 | 000,092,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2014 01 06 21:37:12 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014 01 06 18:41:20 | 000,474,904 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014 01 06 17:40:18 | 000,074,703 | ---- | M] () -- C:\WINDOWS\SysWow64\mfc45.dat
[2014 01 05 18:24:04 | 000,000,046 | ---- | M] () -- C:\WINDOWS\SysWow64\_WKERNEL.SYL
[2014 01 05 17:54:04 | 000,450,639 | R--- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2014 01 05 14:24:29 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014 01 05 14:24:29 | 000,731,650 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014 01 05 14:24:29 | 000,135,726 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014 01 03 23:54:05 | 000,000,948 | ---- | M] () -- C:\Users\[bleep]\AppData\Roaming\burnaware.ini
[2014 01 03 23:00:17 | 000,189,248 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014 01 03 23:00:12 | 000,189,248 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0
[2014 01 03 23:00:09 | 000,075,136 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2014 01 02 16:17:13 | 000,000,856 | RHS- | M] () -- C:\Users\[bleep]\ntuser.pol
[2014 01 01 16:06:56 | 000,075,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014 01 01 16:06:40 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014 01 01 16:06:40 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014 01 01 16:06:32 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014 01 01 16:06:32 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014 01 01 16:06:23 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014 01 01 16:06:23 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014 01 01 16:06:23 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014 01 01 16:05:40 | 005,769,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014 01 01 16:05:40 | 001,995,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014 01 01 16:05:40 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014 01 01 16:05:40 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014 01 01 16:05:40 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014 01 01 16:05:40 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014 01 01 16:04:47 | 004,105,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014 01 01 16:04:47 | 000,568,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014 01 01 16:04:19 | 013,177,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014 01 01 16:04:19 | 011,674,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014 01 01 16:04:19 | 007,399,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014 01 01 16:04:19 | 002,896,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014 01 01 16:04:19 | 002,570,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014 01 01 16:04:19 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014 01 01 16:04:19 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014 01 01 16:04:19 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014 01 01 16:04:19 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014 01 01 16:04:19 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014 01 01 16:04:19 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014 01 01 16:04:19 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014 01 01 16:04:19 | 001,756,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014 01 01 16:04:19 | 001,642,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014 01 01 16:04:19 | 001,506,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014 01 01 16:04:19 | 001,476,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014 01 01 16:04:19 | 001,391,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014 01 01 16:04:19 | 001,345,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014 01 01 16:04:19 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014 01 01 16:04:19 | 000,922,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014 01 01 16:04:19 | 000,840,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014 01 01 16:04:19 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014 01 01 16:04:19 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014 01 01 16:04:19 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014 01 01 16:04:19 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014 01 01 16:04:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014 01 01 16:04:19 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014 01 01 16:04:19 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014 01 01 16:04:19 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014 01 01 16:04:19 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014 01 01 16:04:19 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014 01 01 16:04:19 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014 01 01 16:04:19 | 000,358,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014 01 01 16:04:19 | 000,325,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014 01 01 16:04:19 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014 01 01 16:04:19 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014 01 01 16:04:19 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014 01 01 16:04:19 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014 01 01 16:04:19 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014 01 01 16:04:19 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014 01 01 16:04:19 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014 01 01 16:04:19 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014 01 01 16:04:19 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014 01 01 16:04:19 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014 01 01 16:04:19 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014 01 01 14:01:06 | 000,097,045 | ---- | M] () -- C:\ProgramData\1388538030.bdinstall.bin
[2014 01 01 14:00:29 | 000,036,560 | ---- | M] () -- C:\ProgramData\1388538020.bdinstall.bin
[2014 01 01 13:52:01 | 000,082,125 | ---- | M] () -- C:\ProgramData\1388537449.bdinstall.bin
[2014 01 01 13:21:27 | 000,115,752 | ---- | M] () -- C:\ProgramData\1388535413.bdinstall.bin
[2014 01 01 12:22:08 | 000,033,129 | ---- | M] () -- C:\ProgramData\1388531897.bdinstall.bin
[2014 01 01 12:00:14 | 000,000,824 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts.20140105-175404.backup
[2014 01 01 11:15:40 | 000,000,497 | ---- | M] () -- C:\Users\[bleep]\Desktop\Firewall.lnk
[2013 12 31 19:57:47 | 000,059,058 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2013 12 31 19:57:47 | 000,059,058 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2013 12 31 19:56:52 | 000,022,744 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013 12 31 19:11:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2013 12 31 19:11:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2013 12 23 09:08:24 | 000,000,028 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013 12 23 07:56:09 | 000,000,406 | ---- | M] () -- C:\WINDOWS\SysNative\ioloBootDefrag.cfg
[2013 12 20 17:50:51 | 000,001,056 | ---- | M] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013 12 17 09:25:31 | 000,000,569 | -H-- | M] () -- C:\WINDOWS\SysWow64\BTImages.dat
[2013 12 16 12:57:56 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013 12 16 12:57:54 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013 12 16 12:57:54 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013 12 16 12:57:54 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013 12 15 08:12:16 | 000,000,000 | -H-- | M] () -- C:\Users\[bleep]\Documents\Default.rdp
[2013 12 14 09:20:11 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013 12 13 13:34:40 | 000,000,493 | ---- | M] () -- C:\Users\[bleep]\Desktop\Windows Update.lnk
[2013 12 13 10:24:06 | 000,230,912 | ---- | M] () -- C:\WINDOWS\SysNative\clinfo.exe
[2013 12 13 10:24:06 | 000,129,536 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\coinst_13.251.dll
[2013 12 13 10:24:06 | 000,099,840 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\OpenVideo64.dll
[2013 12 13 10:24:06 | 000,086,528 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\OVDecode64.dll
[2013 12 13 10:24:06 | 000,083,968 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\OpenVideo.dll
[2013 12 13 10:24:06 | 000,073,728 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\OVDecode.dll
[2013 12 13 10:23:56 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013 12 13 10:23:56 | 000,204,952 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2013 12 13 10:23:54 | 008,287,008 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiumdva.dll
[2013 12 13 10:23:54 | 000,234,036 | ---- | M] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat
[2013 12 13 10:23:54 | 000,233,776 | ---- | M] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat
[2013 12 13 10:23:54 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013 12 13 10:23:54 | 000,157,144 | ---- | M] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2013 12 13 10:23:54 | 000,143,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiuxp64.dll
[2013 12 13 10:23:54 | 000,126,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiuxpag.dll
[2013 12 13 10:23:54 | 000,083,552 | ---- | M] () -- C:\WINDOWS\SysNative\ativce02.dat
[2013 12 13 10:23:52 | 003,461,040 | ---- | M] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2013 12 13 10:23:50 | 008,927,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiumd6a.dll
[2013 12 13 10:23:50 | 006,630,232 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiumdag.dll
[2013 12 13 10:23:48 | 007,751,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiumd64.dll
[2013 12 13 10:23:48 | 003,426,688 | ---- | M] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2013 12 13 10:23:46 | 022,157,824 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atioglxx.dll
[2013 12 13 10:23:46 | 000,190,976 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atitmm64.dll
[2013 12 13 10:23:46 | 000,115,512 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiu9p64.dll
[2013 12 13 10:23:46 | 000,098,496 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiu9pag.dll
[2013 12 13 10:23:46 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atisamu64.dll
[2013 12 13 10:23:46 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atisamu32.dll
[2013 12 13 10:23:46 | 000,003,917 | ---- | M] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013 12 13 10:23:46 | 000,003,917 | ---- | M] () -- C:\WINDOWS\SysNative\atipblag.dat
[2013 12 13 10:23:42 | 000,332,800 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\ATIODE.exe
[2013 12 13 10:23:42 | 000,051,200 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\ATIODCLI.exe
[2013 12 13 10:23:42 | 000,047,887 | ---- | M] () -- C:\WINDOWS\atiogl.xml
[2013 12 13 10:23:40 | 026,352,128 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atio6axx.dll
[2013 12 13 10:23:36 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys
[2013 12 13 10:23:36 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys
[2013 12 13 10:23:36 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atimpc64.dll
[2013 12 13 10:23:36 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atimpc32.dll
[2013 12 13 10:23:36 | 000,031,232 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atimuixx.dll
[2013 12 13 10:23:34 | 000,721,296 | ---- | M] () -- C:\WINDOWS\SysNative\atiicdxx.dat
[2013 12 13 10:23:34 | 000,100,352 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6txx.dll
[2013 12 13 10:23:34 | 000,096,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atigktxx.dll
[2013 12 13 10:23:34 | 000,074,752 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atig6pxx.dll
[2013 12 13 10:23:34 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atiglpxx.dll
[2013 12 13 10:23:34 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atiglpxx.dll
[2013 12 13 10:23:32 | 009,753,752 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\atidxx64.dll
[2013 12 13 10:23:32 | 008,406,024 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\atidxx32.dll
[2013 12 13 10:23:32 | 000,588,288 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atieclxx.exe
[2013 12 13 10:23:32 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atidemgy.dll
[2013 12 13 10:23:32 | 000,239,616 | ---- | M] (AMD) -- C:\WINDOWS\SysNative\atiesrxx.exe
[2013 12 13 10:23:30 | 015,716,352 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticaldd64.dll
[2013 12 13 10:23:30 | 001,318,552 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\aticfx64.dll
[2013 12 13 10:23:30 | 001,100,216 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\aticfx32.dll
[2013 12 13 10:23:30 | 000,062,464 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticalrt64.dll
[2013 12 13 10:23:30 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalrt.dll
[2013 12 13 10:23:28 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticaldd.dll
[2013 12 13 10:23:28 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiapfxx.exe
[2013 12 13 10:23:28 | 000,118,784 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atibtmon.exe
[2013 12 13 10:23:28 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\aticalcl64.dll
[2013 12 13 10:23:28 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\aticalcl.dll
[2013 12 13 10:23:26 | 001,144,320 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\atiadlxx.dll
[2013 12 13 10:23:26 | 000,825,344 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\atiadlxy.dll
[2013 12 13 10:23:26 | 000,550,456 | ---- | M] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2013 12 13 10:23:26 | 000,550,456 | ---- | M] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2013 12 13 10:23:26 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdpcom64.dll
[2013 12 13 10:23:26 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdpcom32.dll
[2013 12 13 10:23:26 | 000,063,488 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2013 12 13 10:23:26 | 000,057,344 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2013 12 13 10:23:26 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\ati2erec.dll
[2013 12 13 10:23:24 | 029,382,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysNative\amdocl64.dll
[2013 12 13 10:23:24 | 001,187,342 | ---- | M] () -- C:\WINDOWS\SysNative\amdocl_as64.exe
[2013 12 13 10:23:24 | 001,061,902 | ---- | M] () -- C:\WINDOWS\SysNative\amdocl_ld64.exe
[2013 12 13 10:23:24 | 000,995,342 | ---- | M] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013 12 13 10:23:24 | 000,798,734 | ---- | M] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013 12 13 10:23:20 | 024,860,160 | ---- | M] (Advanced Micro Devices Inc.) -- C:\WINDOWS\SysWow64\amdocl.dll
[2013 12 13 10:23:16 | 000,412,672 | ---- | M] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2013 12 13 10:23:16 | 000,134,656 | ---- | M] () -- C:\WINDOWS\SysNative\amdhdl64.dll
[2013 12 13 10:23:14 | 000,157,736 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\amdhcp64.dll
[2013 12 13 10:23:14 | 000,142,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysWow64\amdhcp32.dll
[2013 12 13 10:23:14 | 000,123,392 | ---- | M] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013 12 13 10:23:14 | 000,096,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysNative\amdave64.dll
[2013 12 13 10:23:14 | 000,090,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\SysWow64\amdave32.dll
[2013 12 13 09:04:43 | 000,168,111 | ---- | M] () -- C:\MyXML.xml
[2013 12 12 16:17:52 | 000,000,489 | ---- | M] () -- C:\Users\[bleep]\Desktop\User Accounts.lnk
[2013 12 12 16:17:46 | 000,000,489 | ---- | M] () -- C:\Users\[bleep]\Desktop\Family Safety.lnk
[2013 12 12 07:36:45 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013 12 12 01:04:30 | 000,000,017 | ---- | M] () -- C:\Users\[bleep]\AppData\Local\resmon.resmoncfg
[2013 12 11 23:45:15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013 12 11 23:26:18 | 000,001,007 | ---- | M] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013 12 11 23:19:54 | 000,001,249 | ---- | M] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.lnk
[2013 12 11 18:13:55 | 000,001,428 | ---- | M] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013 12 11 18:13:55 | 000,000,223 | -HS- | M] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014 01 06 21:37:22 | 000,207,904 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2014 01 06 21:37:22 | 000,065,776 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2014 01 06 18:41:07 | 000,474,904 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014 01 06 17:40:17 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dat
[2014 01 06 16:51:49 | 000,002,231 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
[2014 01 05 16:14:47 | 000,001,407 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014 01 03 23:00:12 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2014 01 03 23:00:12 | 000,189,248 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.ex0
[2014 01 03 23:00:09 | 000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2014 01 01 17:51:55 | 000,000,046 | ---- | C] () -- C:\WINDOWS\SysWow64\_WKERNEL.SYL
[2014 01 01 17:51:12 | 000,000,439 | ---- | C] () -- C:\WINDOWS\SysWow64\shfolder.inf
[2014 01 01 14:01:06 | 000,097,045 | ---- | C] () -- C:\ProgramData\1388538030.bdinstall.bin
[2014 01 01 14:00:29 | 000,036,560 | ---- | C] () -- C:\ProgramData\1388538020.bdinstall.bin
[2014 01 01 13:52:01 | 000,082,125 | ---- | C] () -- C:\ProgramData\1388537449.bdinstall.bin
[2014 01 01 13:21:27 | 000,115,752 | ---- | C] () -- C:\ProgramData\1388535413.bdinstall.bin
[2014 01 01 12:22:03 | 000,033,129 | ---- | C] () -- C:\ProgramData\1388531897.bdinstall.bin
[2014 01 01 11:15:40 | 000,000,497 | ---- | C] () -- C:\Users\[bleep]\Desktop\Firewall.lnk
[2013 12 31 20:10:43 | 000,001,446 | ---- | C] () -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013 12 31 20:10:22 | 000,000,856 | RHS- | C] () -- C:\Users\[bleep]\ntuser.pol
[2013 12 31 19:56:52 | 000,022,744 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2013 12 31 19:30:28 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013 12 31 19:19:59 | 000,000,352 | ---- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013 12 31 19:19:59 | 000,000,334 | ---- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013 12 31 19:17:40 | 000,059,058 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2013 12 31 19:17:40 | 000,059,058 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2013 12 31 19:11:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013 12 31 19:11:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2013 12 26 09:04:32 | 000,000,904 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013 12 26 09:04:31 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013 12 25 12:56:34 | 000,000,919 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk
[2013 12 23 08:34:21 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013 12 23 07:56:09 | 000,000,406 | ---- | C] () -- C:\WINDOWS\SysNative\ioloBootDefrag.cfg
[2013 12 20 17:50:51 | 000,001,056 | ---- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013 12 19 21:11:55 | 000,000,357 | ---- | C] () -- C:\Users\[bleep]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
[2013 12 17 09:25:31 | 000,000,569 | -H-- | C] () -- C:\WINDOWS\SysWow64\BTImages.dat
[2013 12 15 08:12:16 | 000,000,000 | -H-- | C] () -- C:\Users\[bleep]\Documents\Default.rdp
[2013 12 14 09:20:11 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013 12 13 13:34:40 | 000,000,493 | ---- | C] () -- C:\Users\[bleep]\Desktop\Windows Update.lnk
[2013 12 13 10:24:06 | 000,230,912 | ---- | C] () -- C:\WINDOWS\SysNative\clinfo.exe
[2013 12 13 10:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013 12 13 10:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsvl.dat
[2013 12 13 10:23:54 | 000,234,036 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik.dat
[2013 12 13 10:23:54 | 000,233,776 | ---- | C] () -- C:\WINDOWS\SysNative\ativvaxy_cik_nd.dat
[2013 12 13 10:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013 12 13 10:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysNative\ativvsva.dat
[2013 12 13 10:23:54 | 000,083,552 | ---- | C] () -- C:\WINDOWS\SysNative\ativce02.dat
[2013 12 13 10:23:52 | 003,461,040 | ---- | C] () -- C:\WINDOWS\SysWow64\atiumdva.cap
[2013 12 13 10:23:48 | 003,426,688 | ---- | C] () -- C:\WINDOWS\SysNative\atiumd6a.cap
[2013 12 13 10:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013 12 13 10:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysNative\atipblag.dat
[2013 12 13 10:23:42 | 000,047,887 | ---- | C] () -- C:\WINDOWS\atiogl.xml
[2013 12 13 10:23:34 | 000,721,296 | ---- | C] () -- C:\WINDOWS\SysNative\atiicdxx.dat
[2013 12 13 10:23:26 | 000,550,456 | ---- | C] () -- C:\WINDOWS\SysWow64\atiapfxx.blb
[2013 12 13 10:23:26 | 000,550,456 | ---- | C] () -- C:\WINDOWS\SysNative\atiapfxx.blb
[2013 12 13 10:23:24 | 001,187,342 | ---- | C] () -- C:\WINDOWS\SysNative\amdocl_as64.exe
[2013 12 13 10:23:24 | 001,061,902 | ---- | C] () -- C:\WINDOWS\SysNative\amdocl_ld64.exe
[2013 12 13 10:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013 12 13 10:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013 12 13 10:23:16 | 000,412,672 | ---- | C] () -- C:\WINDOWS\SysNative\amdmiracast.dll
[2013 12 13 10:23:16 | 000,134,656 | ---- | C] () -- C:\WINDOWS\SysNative\amdhdl64.dll
[2013 12 13 10:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013 12 13 08:37:51 | 000,168,111 | ---- | C] () -- C:\MyXML.xml
[2013 12 12 16:17:52 | 000,000,489 | ---- | C] () -- C:\Users\[bleep]\Desktop\User Accounts.lnk
[2013 12 12 16:17:46 | 000,000,489 | ---- | C] () -- C:\Users\[bleep]\Desktop\Family Safety.lnk
[2013 12 12 11:36:22 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013 12 12 11:30:23 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013 12 12 11:19:35 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire.lnk
[2013 12 12 07:36:45 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013 12 12 01:04:30 | 000,000,017 | ---- | C] () -- C:\Users\[bleep]\AppData\Local\resmon.resmoncfg
[2013 12 11 23:45:15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013 12 11 23:26:18 | 000,001,007 | ---- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2013 12 11 23:20:06 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2013 12 11 23:19:54 | 000,001,249 | ---- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.lnk
[2013 12 11 23:18:10 | 000,000,948 | ---- | C] () -- C:\Users\[bleep]\AppData\Roaming\burnaware.ini
[2013 12 11 18:23:39 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013 12 11 18:13:55 | 000,001,428 | ---- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013 12 11 17:52:59 | 000,000,223 | -HS- | C] () -- C:\Users\[bleep]\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2013 08 23 04:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013 08 23 04:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013 08 23 03:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013 08 22 20:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013 08 22 16:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013 08 22 16:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013 08 22 12:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013 08 22 12:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012 11 27 04:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013 11 14 20:38:19 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013 11 14 20:38:19 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013 08 22 22:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013 08 22 15:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013 08 22 22:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

#4
KiwiProbie

Posted 06 January 2014 - 12:01 PM

Member

Topic Starter
Member
464 posts

OTL Extras logfile created on: 07 January 2014 6:30:51 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\[bleep]\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00001409 | Country: New Zealand | Language: ENZ | Date Format: dd MMMM yyyy

3.44 Gb Total Physical Memory | 1.96 Gb Available Physical Memory | 56.89% Memory free
4.13 Gb Paging File | 2.17 Gb Available in Paging File | 52.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.48 Gb Total Space | 404.54 Gb Free Space | 90.00% Space Free | Partition Type: NTFS

Computer Name: KIWI | User Name: Tony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1829F9DA-17B5-4762-9130-A46B3BD3A8D6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{28DB5040-04BF-4E05-A8AC-8015CE810689}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2D286325-ADBE-4A78-BDC6-1640600E5AAF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3BA2B226-D6B8-48B2-AC99-0D9D86056529}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{50AF31E3-9DDF-4AD7-ADAE-4614A1CBAE02}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{731586A4-C4AA-4B93-A06F-FFE18DDFE1B4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87B555A4-DD30-4315-BAD2-1F05857B3D98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8ABE7BD9-744C-4B89-A8CA-8DCA05537493}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94333F89-E85B-402A-863E-42371D809974}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2A3FE6E-0A24-412D-B182-F09C9471C1B7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00228C1F-E7C5-4E88-B4AA-D4E85D3499F9}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{0097F01B-E261-4A1A-8F02-48ED3FCD0F53}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{010C9974-9107-41F0-BB60-C2431D98913D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{01490995-75A6-42B7-8CF6-823B715A640E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{031696F6-D895-4465-BD5B-8FA6B2E35300}" = dir=out | name=sonicwall mobile connect |
"{041EEC33-B269-4026-981D-2691B70F7CC1}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0610FCC9-2B88-4BA0-8171-78972736F69E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{0638AC12-DDE0-467D-86FE-FD1256ACB217}" = dir=out | name=weatherbug.a |
"{065D198A-BBA6-40D4-8619-7BB6215888AF}" = dir=out | name=nz post |
"{06F372D5-C3D1-43D7-9B3B-7FDD056ED234}" = dir=out | name=f5 vpn |
"{071427F5-E118-4322-8950-2E76C9A5423F}" = dir=out | name=f5 vpn |
"{080F69F5-F7E8-45B3-BE1B-969ACE6C6C13}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{08AEDCA6-79FE-4B40-9860-1AF36F5A8C72}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{09BC8925-6B2D-4DFA-A110-4C843246C5B4}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{09CF69B1-5285-433A-94D5-8D07B215F5E9}" = dir=out | name=sonicwall mobile connect |
"{09FAA66B-2C26-417C-9562-EB1642B0E276}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{0A091324-96FD-4D65-B914-66BA07544D78}" = dir=in | name=music maker jam |
"{0BBDB865-543C-4FEE-868C-5E1E40EA3361}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{0C54057C-CD8E-4B43-B87B-59F437A5A44B}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0C9A26DB-8E90-4A50-AE16-4B0BB61C9E6E}" = dir=out | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{100FAFA6-85B8-491A-9653-40BF32E24131}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{10B18AB8-2600-4470-8C42-B0ED09874EF1}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{11D4FF75-287A-456B-B53E-15F77EAEEB5F}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{134FE92D-5A53-42E2-B625-513EE73D2151}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{13BFA83F-0A95-4DBD-8E97-1080587C573B}" = dir=out | name=dictionary. |
"{1501EBBC-FBB5-4404-A93F-5CDC138D1F2F}" = dir=out | name=check point vpn |
"{15AC3A20-F9BD-4825-9F01-FE71C41C8F19}" = dir=out | name=3dmark |
"{15EDE6DA-48D6-4E63-9BAF-3F52334A4B7E}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{183ECD1A-712B-4423-83B9-78A2BB330C3A}" = dir=out | name=amazon |
"{1AF5B81A-0535-47DC-943A-95FCD580E5E5}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{1ED7FD1B-C904-43C6-8752-A5A8B935AC07}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{1F690BED-B85A-43DC-A828-AE078A75D387}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{20E7EC1C-185C-4C38-9256-1DEA544ED89C}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{221A5FE6-2C44-427A-AB97-F6A611172EF1}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{224F56EF-127D-49FA-980D-8C04D30F5A0F}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{23154AD6-C3B6-4805-9AEE-A6F6D1FDCADD}" = dir=in | name=sonicwall mobile connect |
"{231DFC88-FA72-4230-81FD-0B78D73E525F}" = dir=in | name=check point vpn |
"{2346B1A4-7517-45CF-A311-B440B3B1E5EA}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{241D85E5-C0BA-45F8-9CA6-13051E73FFA7}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2613D0DA-606F-4B4E-93A0-BA5AA8C7AEF2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2616DD6A-0FFC-4BE8-9074-7CDB91C880E9}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{26D46E71-9A9C-4F0A-9BE3-26467627EC62}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{275D90DA-C17A-4ED0-A889-E78D41A9DDE8}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{28B00F10-FFD4-4250-B43C-6E642E925927}" = dir=out | name=bubble blast 2 |
"{29069ED6-C4AC-4ED0-8C3A-910A237ED7FE}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{2A30FDB4-A270-4923-963B-82AA5DD95162}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\virtualdrive.exe |
"{2A64BE1C-FF05-401F-B599-34C0536BF2CF}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2AC7C504-953F-4740-9A11-EA2C3FC1119A}" = dir=out | name=juniper networks junos pulse |
"{2C88B60D-0ECD-44E1-9881-707E381C4A3D}" = dir=in | name=skype |
"{2E730A2E-0D12-4095-ACD4-2CCCF88B5077}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{2EBF58D9-EE10-4695-8F04-42AA394FE28C}" = dir=out | name=f5 vpn |
"{2EE44F80-4BCC-46EB-A90A-6F9176FD10D3}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{2F2E066A-A09E-48EB-8C73-C0E0F841FB81}" = dir=in | name=juniper networks junos pulse |
"{2F67862E-3692-4806-BFD6-455B5B8FF05F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{2FC82F9F-061F-4031-9863-22DF88D6AEB3}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{2FE5E958-05D0-48FB-9E81-0C23B5AE088A}" = dir=out | name=@{microsoft.zunevideo_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{3026707F-23F9-48D7-A088-AA4E0B4B799C}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{31238FFF-A508-4028-BE8D-EC93EBF03D95}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{326A8195-3578-4F44-8DD1-DE5E2A04E8B8}" = dir=in | name=f5 vpn |
"{3469AEC3-2C56-438B-B7B1-EA8891763C86}" = dir=in | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{3567E8C5-4B52-4BB0-B547-490FA6290106}" = dir=out | name=network speed test |
"{38232C26-7D96-432A-AFC1-27D61F781F55}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{38AE6A27-238F-44C9-A920-DE7DDF13754C}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{3990A8F4-258D-40D6-AC66-58A95CB4BD42}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3A5F3D7B-4040-4F59-A53B-836CF1DD54D2}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{3B3AE1BB-C5C1-48C7-A85D-0D110B71192F}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{3B9A2248-F758-42C1-9B73-B3158A84A40E}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3CEB2A14-7FA1-4A54-925B-64DD21FA7040}" = dir=in | name=juniper networks junos pulse |
"{3ED7196D-A2C7-47EC-BCC8-22FAE8CBC573}" = dir=in | name=skype |
"{3F50F07D-98C3-4E50-8960-1F31B3FA24BB}" = dir=out | name=microsoft solitaire collection |
"{4061C4A0-1381-47D7-99B2-227306B98833}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{4161AAE9-CE03-46AB-B380-F3EEE9A07F85}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{416978FD-FE2F-4435-930A-ACCC1C6FBA34}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{41815C27-74E9-4B03-A5A6-E195E05BE863}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{41D72EBE-4984-4A13-91A6-87756FCE0D3D}" = dir=out | name=music maker jam |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{435BEB40-BB2E-4C4D-9084-5CC619D6154D}" = dir=in | name=jetpack joyride |
"{44C20078-EFAF-4624-9F00-4BA81B91B1B6}" = dir=out | name=newsxpresso |
"{45A18BB8-F230-4953-9D95-2554137120F8}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{45CABD1E-D3C7-46C4-AE36-088CE59C1BDB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{466462F0-8A5B-4B8E-9430-C31A7F258C32}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{46AB5DA4-C116-4067-A68B-B0CD43A041BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46BA4952-D9EF-4FEA-9EC0-0B1A2983FD46}" = dir=out | name=skype |
"{475F9633-6659-4BD4-BF35-B03F0B0CE803}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{48073EC3-7017-4243-B283-E13A6DFA7947}" = dir=out | name=windows_ie_ac_001 |
"{48B17989-CCAC-4F1C-A00A-E30548109578}" = dir=out | name=check point vpn |
"{4AE369A3-3AEC-4778-AB62-C02241D80EC3}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{4AEEE9C1-F5B8-41CF-92A8-F7306F797F33}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\sdd.exe |
"{4B8AFB07-8BF5-43A4-804B-E5054202E23D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4F7F9999-76B6-4FEF-80E1-18AE57E2FD63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{514D2102-117A-426C-80C9-89568A027FF0}" = dir=out | name=skype |
"{5159BE30-5D91-4BF0-ABAF-3A8475F9E958}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{52C01511-42D4-4998-9391-4A877B3B3ED3}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{5340AF6F-9C78-490D-95D1-E0ACA89AA335}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{552514A4-B4BB-466F-BCC6-EB4F85E1E973}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{560CD96F-5A01-46C8-B2D5-424C2F748519}" = dir=out | name=@{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{563527DE-B4B2-481C-ACB9-8DD45D02098B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{56E02F97-2DB7-470C-883D-E868F5EAF06E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{56EA82A4-1C3A-449E-8361-57AC81FFD13E}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{573810FE-3FA2-461B-840E-77B4EB6757EC}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{596E35C3-B556-4D07-8C2F-017E4266AC95}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{5E11E6C3-3B58-46C6-9FE3-E7F251610A1C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{5F1374E8-9D1B-4288-9072-7A4CBC66CF07}" = dir=in | name=f5 vpn |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5FF6B48C-A638-4C0E-8133-61F3AE094C7B}" = dir=out | name=acer explorer |
"{60FCFEBF-BE6D-42AB-9486-DD9F93D3A061}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{61B22920-9875-4F07-831B-0CDC2E39013C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{62FC9E7E-8111-4B4C-BF69-929E4657BE45}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{630114D0-B70C-48D8-A3AE-3BC17552E04A}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{63817D51-37B9-480B-92E0-231387B925F9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{662A6B6A-45D5-45F5-8609-5494C452C626}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{68D0F272-7F02-4723-B9EC-C90A82687F3A}" = dir=in | name=check point vpn |
"{694B5532-ED87-4EEF-AFF5-47021EAA90BE}" = dir=out | name=check point vpn |
"{69907913-8FCF-44D2-86F8-54DDAFEC208D}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{6CFFD092-4902-4234-BF51-273BA7C83774}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{6DFAFA61-925C-46D0-B338-9762B66BEA8C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{6E7EEEED-74AD-48E1-A394-233410E091A2}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{6EF12937-DDF4-441B-BA8C-131D23894296}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{6FD1EF13-CDB5-40FA-B057-73FA1A67D53B}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{71514578-EAAB-403C-A24A-B63377760D14}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{71F2F429-9F2F-4489-942D-AC3474110527}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{74EE7F7F-9558-47CD-AFAB-75C45FC77ABC}" = dir=in | name=juniper networks junos pulse |
"{753788B0-6FA4-48DD-995C-CF6C99A00713}" = dir=out | name=7digital music store |
"{756C7357-BDE6-48E5-A71B-9E0AA891E582}" = dir=in | name=acer explorer |
"{7639DF99-C7B7-4C64-B122-30E4C77D1990}" = dir=in | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{76DB1392-E48A-427E-843D-7CFD658FAD62}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{7B55BAFA-3F35-4994-9A5F-0D115E5E21CE}" = dir=in | name=despicable me: minion rush |
"{7E210B56-1BD8-40E3-90A4-C47D582FF0A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7EEE6EC1-98AD-4C4F-804A-D56B29274CDF}" = dir=out | name=sonicwall mobile connect |
"{80412F71-6541-4FC6-8789-06E39384D40D}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{817CBA2C-32FD-43AB-87EE-4773E2F2ABFE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8239B7C1-2686-494E-A14D-6DBDFE0D90B4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{82C87E8D-ABB3-4BD9-BC61-B976A611E754}" = dir=out | name=juniper networks junos pulse |
"{84B19B57-0751-4FAF-98D3-07AB2C222B4D}" = dir=out | name=jetpack joyride |
"{84D839B8-7762-47C3-AEE2-B73CA0EDBEE4}" = dir=in | name=skype |
"{8570EA03-525C-4928-956F-6D905FE445BB}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{85C47D63-A3FB-409C-8500-3D9D6FC75453}" = dir=out | name=@{microsoft.zunemusic_1.2.150.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{872AD7AC-FB57-44E5-9451-ADB02E2EED30}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{8B907030-D470-405C-A106-E23C1AA62A72}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8D0ACF44-1217-43C1-8463-36FDEF0EE4F0}" = dir=in | name=dictionary. |
"{8DA54DC7-D174-49A6-BC18-20092A7F64CD}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8E52879D-D01C-478B-9F0F-97670EF0FAFF}" = dir=in | name=sonicwall mobile connect |
"{8EF6BF8F-36FB-491A-A4F1-8790BA756003}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{9159FE53-6984-4595-A501-5449B47B82BA}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{916652FA-0421-42E2-95BE-AA032A436E7A}" = dir=out | name=skype |
"{938A48EE-8C82-4247-8444-68D1B936B37E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{9558103E-DE80-49F4-86FF-630BB225D72D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{959B228A-F063-4C9B-A2EB-AB917570442E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{95A0794B-59D7-4308-8291-CC4F635F3E1A}" = dir=out | name=newsxpresso |
"{986AEA80-78B1-47E6-A202-2031E4B33EE7}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9B13BDB1-F3A8-4C44-887A-3E67B77BC1BB}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9D2194B7-6D0C-42FD-BACE-510336A28C16}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9D2FD21E-A80D-481C-9DF3-5DDEA4374994}" = dir=out | name=orcon usage meter |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E3FB216-856B-417D-AE6F-BAF6674A8CBA}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A0DB18F2-A307-4295-A495-B48D630F5225}" = dir=in | name=taptiles |
"{A188A04C-CFC0-4AB3-BBED-365C2520C067}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{A212A0AD-46EB-43BA-9401-93A128529410}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A2699127-FB22-4512-B0B0-E560F9612CA3}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\virtualdrive.exe |
"{A435DB49-FE65-4964-B675-054D03AA066B}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A43C199D-2F87-47F4-A0B7-2016D34A4181}" = dir=out | name=acer explorer |
"{A63605F1-7968-40CF-9942-B81F82B33972}" = dir=out | name=kindle |
"{A6D0FF8B-766C-4195-AF0E-042F780FB52D}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\sdd.exe |
"{A7A0DFAB-FFA1-471F-AFB0-A5EF1DC6ED41}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{A7AB088B-70A3-4938-BF7D-D4FE18D69AEE}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A7F8EE81-2FD2-425B-A4AD-49835EE823E6}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A878FF89-8AD6-4117-8643-9D97582C0AE5}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{A889301C-9EEE-4B53-9BA9-8F8494C94230}" = dir=in | name=acer explorer |
"{A924F04E-57DF-46B4-A061-C627A0E6F436}" = dir=out | name=sonicwall mobile connect |
"{A96A04B1-63E7-4E27-852B-1448FFD1AA1A}" = dir=out | name=7digital music store |
"{AB837864-9EE7-4245-A030-D95CDBBC08F9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AD23BFA4-BB94-4E29-9A68-66804E357C3F}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{ADC8FA27-5478-4695-847A-B4581AECDD71}" = protocol=6 | dir=out | app=system |
"{B013B4E2-7771-4D54-8261-8694C9814B51}" = dir=in | name=acer explorer |
"{B36D2682-BCB5-4D27-92F7-8443A7049AC7}" = dir=out | name=despicable me: minion rush |
"{B41C5A10-9976-4BA6-ADE6-AFD7A01BE2A7}" = dir=in | name=3dmark |
"{B4245483-DE2A-405B-8416-F6BBD1B582C6}" = dir=in | name=sonicwall mobile connect |
"{B48B68D0-B2C7-498B-AAEE-50BED32F9066}" = dir=out | name=juniper networks junos pulse |
"{B506A6F3-3754-41A8-AFDE-DDB12D0702F1}" = dir=in | name=music maker jam |
"{B615A753-C143-4834-922C-1B73FF6B2AB4}" = dir=out | name=- games app - |
"{B7498A35-A393-4804-B6B9-9E7CD6E8F149}" = dir=out | name=taptiles |
"{BCD42E3E-011D-4F11-B2E8-F33DEB07990E}" = dir=out | name=windows_ie_ac_001 |
"{BDE372BE-692A-497B-A0FC-CC1ED1C8F8CD}" = dir=out | name=amazon |
"{BF755495-3367-4306-9504-004A9E770122}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BFA563E2-1F90-46BA-BEF2-E3A575B63BC5}" = dir=in | name=@{828b5831.standofood3_1.2.3.0_x86__ytsefhwckbdv6?ms-resource://828b5831.standofood3/resources/kd_app_name} |
"{C09BB050-D7E3-492C-8034-A477A2977E1C}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C45ABFF1-18CF-4545-A34D-97EFE1F514DB}" = dir=out | name=@{magix.musicmakerjam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{C628E8AE-3A49-4FEE-BC02-D93D48ED46BE}" = dir=out | name=candy fun |
"{C736FF73-4B5F-40BC-8A14-13EEB8E78D65}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{C8631BE6-E93F-450A-BA82-2F3775C547AF}" = dir=out | name=juniper networks junos pulse |
"{C8746293-A6A1-4181-919A-F90F32601713}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C9C9C493-98A5-4961-BF60-DBBD12701762}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{CA54A6FF-37CB-47B4-B8C5-94225D3ED956}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{CB0D397D-C91F-46E5-BF4F-E2C5648BDCAA}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{CBBFB154-9CC4-4B5B-9A4B-BCE570B832ED}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{CEBA2B77-8B42-44A4-828A-F4E962EB2F5E}" = dir=out | name=music maker jam |
"{CEFB5D54-BFC0-46DA-8518-C075F10E6246}" = dir=in | name=newsxpresso |
"{D07AF4D1-2EC3-439B-96F5-14D176C3C8F2}" = dir=in | name=check point vpn |
"{D09140B9-5591-4BCD-992A-26451E0A71EC}" = dir=in | name=sonicwall mobile connect |
"{D23D88DB-BB08-438D-955D-78EBA450E3DA}" = dir=out | name=acer explorer |
"{D30177A7-6A8F-4B1E-A761-AE1EDAFC9353}" = dir=out | name=bubblebreaker |
"{D51025D3-B48F-45CC-AAFD-625F5612BAF8}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{D636490C-E31D-41E7-82C5-904CBEB025A1}" = dir=in | name=check point vpn |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D7353BE4-6AAF-462F-B200-9BA90BA7CD2D}" = dir=in | name=skype |
"{D93C3279-BB14-4DB4-860A-A990A49F948C}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{DA49DE99-0EF2-40DF-AB47-91B9480FEBA8}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{DAAF52DC-608D-432F-9C3E-2B2A7840B308}" = dir=out | name=f5 vpn |
"{DAD5F696-AD99-4AE3-88AB-29B47CB26874}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC74B87C-8FA6-4838-BCC0-184E8A06D4C8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{DD735DA8-0BC7-49C8-AB60-0C5AC87AB9B3}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E114283C-9542-4AA7-9594-04CD27D8DD4B}" = dir=out | name=newsxpresso |
"{E1D3F6E3-27A2-4B92-AE96-EE87C6FABA30}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{E20E2C7C-6B47-4B07-8B8A-09B4F7861438}" = dir=in | name=microsoft solitaire collection |
"{E5855B2A-53BE-4D19-A6A5-87FD2DD55999}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E59E36D6-BBA4-4BB6-9C23-39F66A18D415}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E6475135-539D-4630-9B5A-5F5409369E8A}" = dir=out | name=check point vpn |
"{E6E75CC8-9F43-4382-8AA1-83052E27C163}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8169CB8-2B4F-4027-8D3B-5E35D7DE4349}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{E8644AE4-A545-47EC-88A8-EA88501E51E9}" = dir=out | name=skype |
"{EBD86998-44CF-4F65-AB05-F017B5FDCF85}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F2B385E1-823D-4B2A-B556-0E63E9898D5D}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{F31D40E7-D0CE-4DDC-90BA-40D23C075B9F}" = dir=out | name=gold miner classic |
"{F46B006F-41C7-406F-8E27-E697DE0EC52C}" = dir=in | name=f5 vpn |
"{F5260697-E796-468E-BA76-051AECD0560C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6B6819F-CDC3-4B0A-901C-60BA6CB48883}" = dir=out | name=windows_ie_ac_001 |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7807B46-8FD4-4EC4-B801-8D1FBBB0954C}" = dir=out | name=kindle |
"{F7FAD96A-71DD-4E53-A510-832FECE2F358}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F89556D1-AB48-481B-96EE-A46ADC6FDDE7}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{FB1402FD-A522-4294-93A9-2FA42D7E7524}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{FB9673A7-2D5E-4E85-8159-B80CF09657B9}" = dir=out | name=@{828b5831.standofood3_1.2.3.0_x86__ytsefhwckbdv6?ms-resource://828b5831.standofood3/resources/kd_app_name} |
"{FBC3BFD2-679E-4E28-AAEC-D00A8B8B86C1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FBE780B4-EB35-431F-9BF8-08C36B6239DB}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{FC76AA03-6B04-4B30-B901-8A726705AD67}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{FCA02289-B301-49FF-924B-00C7EA0AEA29}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{FE2269CB-2974-43E3-BD96-8D3D45F2F99E}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{FE946328-F420-4866-96E2-16430FF58A9E}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{FE992C37-8ACB-4DDC-B17D-4EB6339513BE}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FEA2A76E-75DC-4F29-8EBE-8A5BCD175840}" = dir=in | name=juniper networks junos pulse |
"{FF76B45A-F4B1-43D1-8166-2409FB2C8317}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{FF88786B-DDBC-47D7-9410-2F23E50B3DF8}" = dir=in | name=f5 vpn |
"{FFCCE0BB-D744-4E69-9E55-26F1EB955F06}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FFE93820-18C0-4559-8B08-99801B69E324}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"TCP Query User{1B324097-A49F-4BFA-BB76-B2B54846A102}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{64F459FC-4EC2-445D-AC90-B9AFB93FFC40}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"UDP Query User{27A33A98-430B-4EC7-B52F-0F2CB7FF0862}C:\program files (x86)\frostwire 5\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
"UDP Query User{BD789290-3433-4D25-84EF-E2F2F49F07D6}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{79DED939-1B21-8D9F-5EC7-8648EBDA898D}" = AMD Wireless Display v3.0
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82CCD451-A531-C6B2-8583-F76862CBFA1F}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{9770EA17-52C1-78A7-C3B3-59F0A2091BAE}" = AMD Catalyst Install Manager
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}" = Acer Launch Manager
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}" = WinZip 18.0
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F03BC8ED-A817-9313-E027-9EB697F09FDB}" = ccc-utility64
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.6.24.203_WHQL
"O365HomePremRetail - en-us" = Microsoft Office 365 Home Premium - en-us
"Speccy" = Speccy

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014
"{0609A164-52F2-06A9-08E4-2FE830783B98}" = CCC Help Hungarian
"{089EBFDF-59C9-7312-B22B-AA196E49CB10}" = CCC Help Chinese Traditional
"{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}" = Amazon 1Button App
"{16E92CC4-0BAD-87EB-1F70-AF9C263001A2}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC073B-CC01-4443-AD20-E559F66E6E83}" = Office Addin 2003
"{2232B2BC-D742-FC06-B7F4-C4346DEA53E2}" = CCC Help Thai
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2719E769-E013-19E5-E6DB-56B69509EDC9}" = CCC Help Finnish
"{276FD4A2-030F-8A24-7DFE-9B1384131BCD}" = OEM Application Profile
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2960CE44-6DF0-F2CE-1E4D-E90070CB2AED}" = CCC Help Turkish
"{2B388CD6-A2FB-E273-EB65-4FFE9588501C}" = CCC Help Portuguese
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{354C4625-6D59-E7C8-0441-4169909E5D2A}" = CCC Help Greek
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C197D02-5092-7563-5DD7-F088DD51456B}" = CCC Help Swedish
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{49977584-B20E-46AB-818F-845815378904}" = Bing Bar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E0BC999-655B-421D-87F3-640C6F2BFC11}" = QCA CardReader Driver Installer
"{575B27AC-DD30-6CA3-AF55-754B35A49577}" = CCC Help Norwegian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6C2D0171-D06A-1363-21E0-59603F127BAA}" = CCC Help Japanese
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6DF10BAC-3B89-8AE2-9D46-F3D75633B403}" = Catalyst Control Center InstallProxy
"{70DFFAB6-879E-93B0-3207-3B698F349E69}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{8901B1F0-8B85-390A-3864-C781AE77D117}" = Catalyst Control Center Localization All
"{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}" = AVG PC TuneUp 2014 (en-US)
"{8FA9EC6F-3B7A-CDDE-0676-D42C0EB88578}" = CCC Help Dutch
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{98CDB991-3A98-DE50-238C-7D9758B27319}" = CCC Help Russian
"{98DCC109-E55E-9D44-7B0E-323A3C0E8176}" = CCC Help French
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1DA7E22-C74D-EE4D-BF4A-4218AE5EF37D}" = CCC Help Czech
"{A2065E16-3E3D-861E-0579-4939948E0EC8}" = CCC Help Spanish
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud Portal
"{A6E9A3DE-596B-3C32-6A56-A05A8451A2A1}" = CCC Help English
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B267138A-5CF3-DD17-9B3B-6DEE9E07D25A}" = CCC Help Polish
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{BD0B7005-1E94-4E5A-831B-55EB20BC0818}" = Catalyst Control Center - Branding
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{CC9F9BDB-93FB-DB87-0C09-0DCBA3927EB8}" = CCC Help Danish
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{E251D79E-346B-88A7-365B-B13EF08FB4A9}" = CCC Help Korean
"{E26CFBE6-816C-ECBA-2420-B7FC0A1113BC}" = Catalyst Control Center Graphics Previews Common
"{E92B9690-C24D-75EC-AB59-C0E9A0BAC3E2}" = AMD VISION Engine Control Center
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EB512395-947B-5F33-082C-B652A1CD32A1}" = CCC Help Chinese Standard
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"123 Free Solitaire_is1" = 123 Free Solitaire v10.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avast" = avast! Free Antivirus
"AVG PC TuneUp" = AVG PC TuneUp 2014
"BurnAware Free_is1" = BurnAware Free 6.8
"FrostWire 5" = FrostWire 5.6.9
"Kyodai Mahjongg 2006_is1" = Kyodai Mahjongg 2006 v1.42
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"SolSuite" = SolSuite
"Spotify" = Spotify
"TeamViewer 9" = TeamViewer 9
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2041240277-348556399-1276373391-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 05 January 2014 2:02:09 AM | Computer Name = Kiwi | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 05 January 2014 3:48:00 AM | Computer Name = Kiwi | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 05 January 2014 4:54:30 PM | Computer Name = Kiwi | Source = Application Error | ID = 1000
Description = Faulting application name: OrconUsageMeter.exe, version: 1.0.0.0,
time stamp: 0x50aa964f Faulting module name: combase.dll, version: 6.3.9600.16408,
time stamp: 0x523d3001 Exception code: 0xc000027b Fault offset: 0x000fa5bd Faulting
process id: 0x178c Faulting application start time: 0x01cf0a5852c8f5a4 Faulting application
path: C:\Program Files\WindowsApps\45567Samdanae.OrconUsageMeter_1.0.0.7_neutral__xrv2szc33vqft\OrconUsageMeter.exe
Faulting
module path: C:\WINDOWS\SYSTEM32\combase.dll Report Id: 9203aa23-764b-11e3-bf05-fc118d14e592
Faulting
package full name: 45567Samdanae.OrconUsageMeter_1.0.0.7_neutral__xrv2szc33vqft
Faulting
package-relative application ID: App

Error - 05 January 2014 4:54:43 PM | Computer Name = Kiwi | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = App 45567Samdanae.OrconUsageMeter_1.0.0.7_neutral__xrv2szc33vqft+App
did not launch within its allotted time.

Error - 05 January 2014 7:52:04 PM | Computer Name = Kiwi | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 06 January 2014 12:15:31 AM | Computer Name = Kiwi | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20315 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 58c Start
Time: 01cf0a953597bf4c Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: 2a7cdfb3-7689-11e3-bf06-a14503922b48 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 06 January 2014 12:15:38 AM | Computer Name = Kiwi | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.3.9600.16431 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: cc0 Start
Time: 01cf0a953593a0aa Termination Time: 4294967295 Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report
Id: 2ab7518f-7689-11e3-bf06-a14503922b48 Faulting package full name: Microsoft.SkypeApp_2.3.0.1008_x86__kzf8qxf38zg5c

Faulting
package-relative application ID: App

Error - 06 January 2014 12:30:36 AM | Computer Name = Kiwi | Source = Application Hang | ID = 1002
Description = The program LiveComm.exe version 17.5.9600.20315 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 548 Start
Time: 01cf0a974e0a43b8 Termination Time: 4294967295 Application Path: C:\Program
Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe

Report
Id: 45fb646e-768b-11e3-bf06-a14503922b48 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe

Faulting
package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error - 06 January 2014 12:30:39 AM | Computer Name = Kiwi | Source = Application Hang | ID = 1002
Description = The program wwahost.exe version 6.3.9600.16431 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b10 Start
Time: 01cf0a974e0a43b8 Termination Time: 4294967295 Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report
Id: 46eec8be-768b-11e3-bf06-a14503922b48 Faulting package full name: Microsoft.SkypeApp_2.3.0.1008_x86__kzf8qxf38zg5c

Faulting
package-relative application ID: App

Error - 06 January 2014 2:32:19 AM | Computer Name = Kiwi | Source = Application Error | ID = 1000
Description = Faulting application name: launcher.exe_Opera Internet Browser, version:
18.0.1284.68, time stamp: 0x52a90f76 Faulting module name: launcher_lib.dll, version:
0.0.0.0, time stamp: 0x52a90f69 Exception code: 0x80000003 Fault offset: 0x0000e7d0
Faulting
process id: 0x1294 Faulting application start time: 0x01cf0aa902ec4932 Faulting application
path: C:\Users\[bleep]\AppData\Local\Temp\7ZipSfx.000\launcher.exe Faulting module
path: C:\Users\[bleep]\AppData\Local\Temp\7ZipSfx.000\launcher_lib.dll Report Id:
4a2c94e8-769c-11e3-bf0a-c78c7e48d6d9 Faulting package full name: Faulting package-relative
application ID:

[ System Events ]
Error - 06 January 2014 5:29:53 AM | Computer Name = Kiwi | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume \\?\Volume{4d68e757-a5c3-42ce-8160-583d4aa36296}
encountered a non-retryable error and could not start. The data contains the error
code.

Error - 06 January 2014 5:30:15 AM | Computer Name = Kiwi | Source = APXACC | ID = 16778219
Description = The NDIS6 LWF initialization has failed. (0xC0000001)

Error - 06 January 2014 5:30:15 AM | Computer Name = Kiwi | Source = Service Control Manager | ID = 7000
Description = The AppEx Networks Accelerator LWF service failed to start due to
the following error: %%31

Error - 06 January 2014 5:39:19 AM | Computer Name = Kiwi | Source = DCOM | ID = 10016
Description =

Error - 06 January 2014 5:40:27 AM | Computer Name = Kiwi | Source = Ntfs | ID = 262281
Description = The default transaction resource manager on volume \\?\Volume{4d68e757-a5c3-42ce-8160-583d4aa36296}
encountered a non-retryable error and could not start. The data contains the error
code.

Error - 06 January 2014 5:40:49 AM | Computer Name = Kiwi | Source = APXACC | ID = 16778219
Description = The NDIS6 LWF initialization has failed. (0xC0000001)

Error - 06 January 2014 5:40:49 AM | Computer Name = Kiwi | Source = Service Control Manager | ID = 7000
Description = The AppEx Networks Accelerator LWF service failed to start due to
the following error: %%31

Error - 06 January 2014 5:44:39 AM | Computer Name = Kiwi | Source = DCOM | ID = 10016
Description =

Error - 06 January 2014 6:52:40 AM | Computer Name = Kiwi | Source = DCOM | ID = 10016
Description =

Error - 06 January 2014 6:54:05 AM | Computer Name = Kiwi | Source = DCOM | ID = 10016
Description =

< End of report >

#5
Pyxis

Posted 07 January 2014 - 06:33 PM

Trusted Helper

Malware Removal
1,228 posts

Step 1

After examining your logs, I have seen that you currently have one or more P2P Programs installed. I would recommend their removal as the networks these programs are involved in are breeding places for malware. The things you are downloading are not one hundred percent safe as they can be uploaded by anyone on the Internet, some possibly aiding in the propagation of malware.

More can be read from the following sources:
The Dangers of P2P File Sharing
The Dangers of P2P Networks

You are advised to remove the following programs by uninstalling them:

FrostWire
Note: This step is optional. You may or may not remove the programs, however I strongly suggest getting rid or disabling them before we continue with the process.

Step 2

You will need to disable Spybot - Search & Destroy's Resident TeaTimer for the entire duration of this fix as it may get in the way.
Launch Spybot - Search & Destroy.
Go to Mode and select Advanced Mode.
On the left pane, choose Tools > Resident.
Uncheck Resident TeaTimer and TeaTimer. Click OK.

Note: Once you are clean, you can re-enable it using the same steps but this time place a check next to Resident TeaTimer and TeaTimer.

Step 3

Upon careful inspection, your log indicates that the program(s) listed below is installed on your computer. I would like to request for the removal of the program(s) as it is associated with malware, adware or spyware. Please proceed to uninstalling by going to Control Panel (Windows XP) or Programs and Features (Windows Vista or Windows 7). If Windows says it cannot locate the program(s) and that it prompts for it to be removed from the list instead, do so by allowing it.

Bing Bar
Bing Desktop
Google Update Helper

Inform me if you encounter problems in the removal process.

Step 4

If you haven't already, download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.
Simply double-click the program icon to run it. It will ask for administrator privileges.

Copy and paste the following into the Custom Scans/Fixes box:

:OTL
PRC - [2013 11 10 23:52:12 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\SeaPort.EXE
SRV - [2013 11 10 23:52:12 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013 11 10 23:52:12 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BBSvc.EXE -- (BBSvc)
SRV - [2013 11 01 13:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE:64bit: - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{E6FC5F40-15D6-4D54-910A-F87901A31513}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKLM\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{E6FC5F40-15D6-4D54-910A-F87901A31513}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\..\SearchScopes,DefaultScope = {0191A6B0-1154-4C22-9182-23A95BBE92D9}
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-2041240277-348556399-1276373391-1001\..\SearchScopes\{E53253FE-7978-4462-9030-6C812CF4E7B8}: "URL" = http://www.google.co...utputEncoding?}
[2014 01 04 14:15:01 | 000,446,395 | ---- | M] () (No name found) -- C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\extensions\{7CA9CF31-1C73-46CD-8377-85AB71EA771F}.xpi
O2:64bit: - BHO: (SoundFrost) - {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\Program Files (x86)\Download Free Music\SoundFrost64.dll (SoundFrost Company)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SoundFrost) - {081524f7-7ed8-43ff-b01e-915c410a9cbe} - C:\Program Files (x86)\Download Free Music\SoundFrost.dll (SoundFrost Company)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll (Microsoft Corporation.)
[2014 01 03 12:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PassShow
[2014 01 03 15:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\iWin
[2014 01 03 13:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PogoDGC
[2014 01 02 08:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Download Free Music
[2014 01 02 00:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2013 12 17 10:05:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2013 12 13 08:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

:Files
C:\Program Files (x86)\Microsoft\BingBar
%USERPROFILE%\AppData\Local\Mobogenie
%USERPROFILE%\AppData\Local\genienext

:Commands
[emptytemp]

Click Run Fix.
OTL will reboot your system. Allow it by clicking OK.
After the reboot, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

Step 5

Download 'Junkware Removal Tool by thisisu' and save it to your desktop.
Ensure all programs and windows are closed before proceeding.
Simply double-click the program icon to run it. It will ask for administrator privileges.
A black window will appear. Press any key to continue.
Wait for it to finish. It won't take long.
A log will automatically pop-up once done. Alternatively, you can find JRT.txt at your desktop.
Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

Logs to Post

In summary of the above, I will need you to post the following log(s):

MMDDYYYY_HHMMSS.log (OTL)
JRT.txt (Junkware Removal Tool)

#6
KiwiProbie

Posted 08 January 2014 - 03:05 AM

Member

Topic Starter
Member
464 posts

Progress Update:

All complete.

Logs as requested:

All processes killed
========== OTL ==========
No active process named SeaPort.EXE was found!
Error: No service named BBUpdate was found to stop!
Service\Driver key BBUpdate not found.
File C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\SeaPort.EXE not found.
Error: No service named BBSvc was found to stop!
Service\Driver key BBSvc not found.
File C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BBSvc.EXE not found.
Error: No service named BingDesktopUpdate was found to stop!
Service\Driver key BingDesktopUpdate not found.
File C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E6FC5F40-15D6-4D54-910A-F87901A31513}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FC5F40-15D6-4D54-910A-F87901A31513}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E6FC5F40-15D6-4D54-910A-F87901A31513}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FC5F40-15D6-4D54-910A-F87901A31513}\ not found.
HKEY_USERS\S-1-5-21-2041240277-348556399-1276373391-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2041240277-348556399-1276373391-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0191A6B0-1154-4C22-9182-23A95BBE92D9}\ not found.
Registry key HKEY_USERS\S-1-5-21-2041240277-348556399-1276373391-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E53253FE-7978-4462-9030-6C812CF4E7B8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E53253FE-7978-4462-9030-6C812CF4E7B8}\ not found.
File C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\extensions\{7CA9CF31-1C73-46CD-8377-85AB71EA771F}.xpi not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{081524f7-7ed8-43ff-b01e-915c410a9cbe}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{081524f7-7ed8-43ff-b01e-915c410a9cbe}\ deleted successfully.
C:\Program Files (x86)\Download Free Music\SoundFrost64.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
File C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\amd64\BingExt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{081524f7-7ed8-43ff-b01e-915c410a9cbe}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{081524f7-7ed8-43ff-b01e-915c410a9cbe}\ deleted successfully.
C:\Program Files (x86)\Download Free Music\SoundFrost.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
File C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\amd64\BingExt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files (x86)\Microsoft\BingBar\7.3.117.0\BingExt.dll not found.
C:\Program Files (x86)\PassShow folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\users folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\new folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\LoadingScreen folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\boss\stone folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\boss\generic folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\boss\devil folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\boss\dark frog folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds\boss folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached\sounds folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge\cached folder moved successfully.
C:\ProgramData\iWin\ZumasRevenge folder moved successfully.
C:\ProgramData\iWin folder moved successfully.
C:\ProgramData\PogoDGC folder moved successfully.
C:\Program Files (x86)\Download Free Music folder moved successfully.
C:\ProgramData\Search Protection folder moved successfully.
Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop\ not found.
C:\ProgramData\Trymedia\stats folder moved successfully.
C:\ProgramData\Trymedia\licenses folder moved successfully.
C:\ProgramData\Trymedia\data folder moved successfully.
C:\ProgramData\Trymedia folder moved successfully.
ADS C:\ProgramData\Temp:5C321E34 deleted successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Microsoft\BingBar not found.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\notice folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\download folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\connect folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\dialog folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\welcome folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\skin folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\pb folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\subject folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\image folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\driver folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\contact folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\thai folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\spanish folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\russian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\portuguese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\poland folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\italian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\indonesian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\english folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\chinese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\arabic folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_ folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\photo folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_ folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin\skin1 folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin\default folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\skin folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\page folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\libraries folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\test folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\examples\views folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\examples folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\bin folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templating folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master\benchmarks folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript\doT-master folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\javascript folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\css folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\sqldrivers folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\phonon_backend folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\log folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\OldVersion folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\notice folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\download folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info\connect folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\info folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe\tab_switch folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\iframe folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static\dialog folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_static folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\welcome folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\util folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\tpls folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\skin folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\pb folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\moduletemp folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\vedio folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\ui folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\subject folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\message folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\image folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\driver folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\download folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\contact folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module\app folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\module folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\lib folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\interface folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\vietna folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\thai folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\spanish folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\russian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\portuguese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\poland folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\italian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\indonesian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\english folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\chinese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n\arabic folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_\i18n folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\js_ folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\light_square folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\facebook folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\default folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\prettyPhoto folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\photo folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images\debug folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\images folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\iframe folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\htmlTemp folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\thai folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\russian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\poland folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\italian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\english folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_\i18n folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\js_ folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog\images folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\dialog folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web\css folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\web folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\skin\skin1 folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\skin\default folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\skin folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\page folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\libraries folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\test folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\examples\views folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\examples folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\bin folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks\templating folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master\benchmarks folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript\doT-master folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\javascript folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates\css folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\templates folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\sqldrivers folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\phonon_backend folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\log folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\imageformats folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\NewVersion folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version\CacheVersion folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Version folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\driver folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Download\Video folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Download\Picture folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Download\Music folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Download\Apk folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Download folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\device folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\Data folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie\backup folder moved successfully.
C:\Users\[bleep]\AppData\Local\Mobogenie folder moved successfully.
C:\Users\[bleep]\AppData\Local\genienext folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: [bleep]
->Temp folder emptied: 17814789 bytes
->Temporary Internet Files folder emptied: 5538272 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 23562783 bytes
->Flash cache emptied: 506 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Mum
->Temp folder emptied: 566029 bytes
->Temporary Internet Files folder emptied: 18744177 bytes
->Flash cache emptied: 492 bytes

User: Nadia
->Temp folder emptied: 1748069 bytes
->Temporary Internet Files folder emptied: 38508890 bytes
->Flash cache emptied: 671 bytes

User: Public

User: Rachel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Tony

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 584272 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16416 bytes
RecycleBin emptied: 40963023 bytes

Total Files Cleaned = 141.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 01082014_221235

Files\Folders moved on Reboot...
C:\Users\[bleep]\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
C:\Users\[bleep]\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dll moved successfully.
C:\Users\[bleep]\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dll moved successfully.
C:\Users\[bleep]\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\[bleep]\AppData\Local\Temp\winstore.log moved successfully.
C:\Users\[bleep]\AppData\Local\Temp\~DF2EB00D02947D338B.TMP moved successfully.
C:\Users\[bleep]\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\WINDOWS\temp\FireFly(2014010821180679C).log moved successfully.
C:\WINDOWS\temp\integratedoffice.exe_c2ruidll(2014010821180579C).log moved successfully.
C:\WINDOWS\temp\integratedoffice.exe_streamserver(2014010821180779C).log moved successfully.
File move failed. C:\WINDOWS\temp\ood_stream.x86.en-us.dat scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\ood_stream.x86.x-none.dat scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\ZLT01b41.TMP not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8.1 x64
Ran by Tony on 08 Jan 2014 at 22:38:35.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\conduit

~~~ Files

Failed to delete: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\[bleep]\AppData\Roaming\isafe"
Successfully deleted: [Folder] "C:\Users\[bleep]\appdata\local\software"
Successfully deleted: [Folder] "C:\Users\[bleep]\appdata\locallow\boost_interprocess"

~~~ FireFox

Successfully deleted: [File] C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\user.js
Emptied folder: C:\Users\[bleep]\AppData\Roaming\mozilla\firefox\profiles\e2ko4i4s.default\minidumps [4 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08 Jan 2014 at 22:49:23.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by KiwiProbie, 08 January 2014 - 03:53 AM.

#7
Pyxis

Posted 08 January 2014 - 07:17 PM

Trusted Helper

Malware Removal
1,228 posts

Thank you for the logs! Do note that my next post is currently being checked by my professor. It'll make its way to you shortly.

#8
KiwiProbie

Posted 09 January 2014 - 12:52 AM

Member

Topic Starter
Member
464 posts

All goods

#9
Pyxis

Posted 09 January 2014 - 12:22 PM

Trusted Helper

Malware Removal
1,228 posts

Step 1

Download 'AdwCleaner by Xplode' and save it to your desktop.
Simply double-click the program icon to run it. It will ask for administrator privileges.
Click Scan and choose Clean after.
Wait for it to finish. It won't take long.
Click OK for the next prompts. Your system will automatically reboot.
A log will automatically pop-up after rebooting. Alternatively, you can find it at C:\AdwCleaner[S*].txt.
Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

Step 2

Download the free version of 'Malwarebytes Anti-Malware by Malwarebytes Corporation' and save it to your desktop.
- Double-click mbam-setup-*.exe and proceed to installing the program.
- Accept the License Agreement.
- At the end, ensure a check mark is both placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform Quick Scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.
- In case you don't get a chance to do so, you may also find the log in the program's Logs tab.
Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

Step 3

Run a free 'ESET Online Scan by ESET' by firstly saving the file to your desktop.
Double-click esetsmartinstaller_enu.exe. Accept the Terms of Use then click on Start.
Ensure the following settings are followed before clicking Start (you may or may not see the software warning at the very bottom):
The virus signature database will begin to download. Wait for the scan to end--it may take several hours.
Upon completion, use Notepad to open and save C:\Program Files\ESET\EsetOnlineScanner\log.txt to your desktop.
Select Uninstall application on close and click Finish.
Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.

Logs to Post

In summary of the above, I will need you to post the following log(s):

AdwCleaner[S*].txt (AdwCleaner)
log.txt (ESET Online Scan)
mbam-log-*.txt (Malwarebytes' Anti-Malware)

#10
KiwiProbie

Posted 09 January 2014 - 05:04 PM

Member

Topic Starter
Member
464 posts

I have already ran malware bytes twice on my computer and I have changed my anti virus to Avira, and he says this all clear now.

I will do the first step to be sure thought cause I have not done that one yet.
And I will do number 3 as well.

#11
KiwiProbie

Posted 09 January 2014 - 05:06 PM

Member

Topic Starter
Member
464 posts

Progress update:

Downloaded ESET and the other tool from step one and about to run them

#12
KiwiProbie

Posted 09 January 2014 - 05:11 PM

Member

Topic Starter
Member
464 posts

Progress report:

Adwcleaner has ran, and comes back clear. here is the log:

# AdwCleaner v3.016 - Report created 10/01/2014 at 12:07:25
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : kiwiprobie - TONY
# Running from : C:\Users\[bleep]\Downloads\Security\Malware Tools\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\WINDOWS\System32\Tasks\NCH Software
Folder Found C:\Program Files (x86)\NCH Software
Folder Found C:\ProgramData\NCH Software
Folder Found C:\ProgramData\Pokki
Folder Found C:\Users\[bleep]\AppData\Local\Pokki
Folder Found C:\Users\[bleep]\AppData\Local\Pokki
Folder Found C:\Users\[bleep]\AppData\Local\Pokki
Folder Found C:\Users\[bleep]\AppData\Local\Pokki
Folder Found C:\Users\[bleep]\AppData\Local\Pokki
Folder Found C:\Users\[bleep]\AppData\Local\Pokki
Folder Found C:\Users\[bleep]\AppData\Roaming\NCH Software
Folder Found C:\Users\[bleep]\AppData\Roaming\NCH Software
Folder Found C:\Users\[bleep]\AppData\Roaming\NCH Software
Folder Found C:\Users\[bleep]\AppData\Roaming\NCH Software
Folder Found C:\Users\[bleep]\AppData\Roaming\NCH Software
Folder Found C:\Users\[bleep]\AppData\Roaming\NCH Software
Folder Found C:\WINDOWS\TempDir

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\NCH Software
Key Found : [x64] HKCU\Software\NCH Software
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\Software\NCH Software
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

[ File : C:\Users\[bleep]\AppData\Roaming\Mozilla\Firefox\Profiles\e2ko4i4s.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [3019 octets] - [10/01/2014 12:07:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3079 octets] ##########

Now running ESET online scanner.

#13
KiwiProbie

Posted 09 January 2014 - 05:48 PM

Member

Topic Starter
Member
464 posts

Progress update:

All done and clear:

https://imageshack.com/i/e90watp

Edited by KiwiProbie, 09 January 2014 - 07:59 PM.

#14
Pyxis

Posted 10 January 2014 - 09:17 AM

Trusted Helper

Malware Removal
1,228 posts

Thank you for your cooperation. Your logs show no sign of infection. Congratulations, your system is now clean. :thumbsup:

Below are a few more steps you have to complete to ensure the good working condition of your system.

► Remove Special Tools with OTL by OldTimer

Using this tool will remove all temporary, and unnecessary files still in your computer after using the tools I asked you to run earlier.

Double-click OTL.exe to run it. For Windows Vista and Windows 7 users, please run it as an administrator.
As seen on the interface, click the CleanUp button.
You will be asked to reboot after. Please allow it to do so by clicking Yes on the next prompt.

► Set a Clean Restore Point

Doing this will prevent you from a possible reinfection. You see, malicious files try to save a copy of themselves in the System Volume Information storage. The latter is a protected directory; the best way to get rid of these possible copies is to do the step below. Since your system is now clean, it is essential to set a clean and working backup.

Navigate to Start, right-click Computer and click Properties.
On the left, click System protection.
Click Configure... > Delete.
Choose Continue when asked. Click Close and then OK.
Now click Create.... Input any title and press Create.
Once done, press Close > OK.
System Restore will now be working again.

I will now proceed to giving to tips on how to maintain your system as it is. You can do the following as a routine to ensure that your system will work properly. Anytime you encounter an infection again, please do not hesitate to go back here at Geeks to Go.

► Keep Your Computer Updated

Your current Windows operating system needs to install additional updates which are important, one of which is the Service Pack. The latter and other updates contain fixes and patches to prevent attackers from compromising your system. It is imperative that you keep your system up-to-date by obtaining free updates whenever they are available.

Install the latest Service Pack by going 'here'. If you already have, continually visit the official 'Microsoft Windows Update' site to keep your system up-to-date.► Update Java

One of the programs you use every day unknowingly is Java. It is necessary for a lot of applications thus you should make sure it is always up-to-date. Older versions may be prone to exploits and vulnerabilities. Your current installation is up-to-date, so the following advice is just for future reference.

Download the latest 'Java' installation and save it to your desktop.
- You need to uninstall any previous Java installations.
- For Windows XP: Navigate to Start > Control Panel > Add or Remove Programs.
- For Windows Vista: Navigate to Start > Control Panel > Programs and Features or Uninstall a Program.
- For Windows 7: Navigate to Start > Control Panel > Programs and Features or Uninstall a Program.
Search the list for previous installations of Java such as:
- Java™ 6 Update *
Proceed to uninstalling the old versions and install the one you've just downloaded.

► Update Your Anti-Virus Every Day

★ UpdatingEnsuring that you have one anti-virus installed in your system is a good way to prevent being infected. You must always make sure to update your anti-virus every day; anti-virus companies see to to it that the latest definition updates are distributed to be in par with the growing advancement and propagation of malware. Your anti-virus is useless if you do not update it.

★ ScanningSet a scanning routine. Ensure that you do a full scan with your anti-virus monthly. This is part of maintaining a clean system--a scanning routine proves to be effective. You can never be sure when your computer has caught an infection.

► Install Supplementary Programs

Alongside your anti-virus and firewall, various programs are can be obtained to help keep your system secure. Don't worry, they pose no conflict to your current installation. The best of all, these programs are free. The names contain the download links.

★ MVPS Hosts FileThe MVPS Hosts File replaces your current HOSTS file with one containing well-known ad sites, etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer. This also helps to protect your privacy and security by blocking sites that may track your viewing habits, also known as "click-thru tracking" or data miners.

★ SpywareBlasterSpywareBlaster can help keep your system secure, without interfering with the "good side" of the web. And unlike other programs, SpywareBlaster does not have to remain running in the background. It works alongside the programs you have to help secure your system.

Just like your regular security programs, SpywareBlaster needs to be updated every day.
Open the program by clicking the icon.
Click Updates > Check For Updates.
If there happens to be an update, a Enable All Protection button will appear. Please click that button.

If you have any unresolved issues with regard to this thread or you need more :help: