Thank you for taking the time to help me out. I have done as asked and here are the logs.
# AdwCleaner v3.023 - Report created 08/04/2014 at 12:57:55
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : spooke - CRAIG
# Running from : C:\Users\spooke\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16843
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1519 octets] - [08/04/2014 12:56:23]
AdwCleaner[S0].txt - [1448 octets] - [08/04/2014 12:57:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1508 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by spooke on Tue 08/04/2014 at 13:31:58.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 08/04/2014 at 13:40:41.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 26 days old and could be outdated)
Ran by spooke (administrator) on CRAIG on 08-04-2014 13:05:15
Running from C:\Users\spooke\Downloads
Windows 8 (X64) OS Language: English(UK)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
() C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-05] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-04] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKU\S-1-5-21-2403232998-3213391607-3185536033-1003\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-09-24] (Google Inc.)
HKU\S-1-5-21-2403232998-3213391607-3185536033-1003\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2403232998-3213391607-3185536033-1003\...\MountPoints2: {9897e623-219b-11e3-be65-806e6f6e6963} - "H:\setup\rsrc\Autorun.exe"
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => "C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll" File Not Found
Startup: C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0AA4F017E5B8CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchKeyword: google.com.au
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Extension: (Google Docs) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-24]
CHR Extension: (Google Drive) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-24]
CHR Extension: (YouTube) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-24]
CHR Extension: (Google Search) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-24]
CHR Extension: (Skype Click to Call) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-02]
CHR Extension: (Google Wallet) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-24]
CHR Extension: (Gmail) - C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-04] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 ASEUSBCC; C:\Windows\system32\drivers\AseUSBCC.sys [16384 2011-05-23] (Silicon Laboratories)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-04] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-04] ()
R3 LVPr2M64; C:\Windows\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-08 13:05 - 2014-04-08 13:05 - 00013839 _____ () C:\Users\spooke\Downloads\FRST.txt
2014-04-08 13:04 - 2014-04-08 13:05 - 00000000 ____D () C:\FRST
2014-04-08 13:04 - 2014-04-08 13:04 - 02157056 _____ (Farbar) C:\Users\spooke\Downloads\FRST64.exe
2014-04-08 13:01 - 2014-04-08 13:01 - 01145856 _____ (Farbar) C:\Users\spooke\Downloads\FRST.exe
2014-04-08 12:56 - 2014-04-08 12:57 - 00000000 ____D () C:\AdwCleaner
2014-04-08 12:55 - 2014-04-08 12:55 - 01426178 _____ () C:\Users\spooke\Downloads\AdwCleaner.exe
2014-04-06 22:57 - 2014-04-06 22:57 - 00463752 _____ () C:\Windows\Minidump\040614-20654-01.dmp
2014-04-06 18:05 - 2014-04-06 18:05 - 00113580 _____ () C:\Users\spooke\Desktop\OTL.Txt
2014-04-04 11:31 - 2014-04-04 11:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-04 10:08 - 2014-04-04 10:08 - 00002244 _____ () C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-04-04 10:07 - 2014-04-04 10:07 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-03 10:29 - 2014-04-03 10:29 - 00000744 _____ () C:\Windows\KB893803v2.log
2014-04-02 16:14 - 2014-04-08 12:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-02 16:14 - 2014-04-06 18:40 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-02 16:13 - 2014-04-06 18:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-02 16:13 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-02 16:13 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-02 16:13 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 16:13 - 2014-04-02 16:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 21:15 - 2014-04-01 21:15 - 00082672 _____ () C:\Users\spooke\Downloads\Extras.Txt
2014-04-01 21:14 - 2014-04-06 17:59 - 00113580 _____ () C:\Users\spooke\Downloads\OTL.Txt
2014-04-01 19:00 - 2014-04-01 19:02 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\spooke\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-01 18:53 - 2014-04-01 18:53 - 00000000 ____D () C:\ProgramData\SUPERSetup
2014-04-01 18:45 - 2014-04-01 18:51 - 18486760 _____ (SUPERAntiSpyware) C:\Users\spooke\Downloads\SAS_5432.EXE
2014-03-31 17:58 - 2014-03-31 17:59 - 00602112 _____ (OldTimer Tools) C:\Users\spooke\Downloads\OTL (1).exe
2014-03-31 17:57 - 2014-03-31 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\spooke\Downloads\OTL.exe
2014-03-26 07:31 - 2014-03-26 07:31 - 00000000 ____D () C:\Users\spooke\Documents\Fax
2014-03-22 09:08 - 2014-03-22 09:08 - 00000000 ____D () C:\Users\spooke\Documents\EVE
2014-03-22 09:05 - 2014-03-22 09:05 - 00001895 _____ () C:\Users\spooke\Desktop\EVE.lnk
2014-03-22 09:05 - 2014-03-22 09:05 - 00000066 _____ () C:\Windows\131942
2014-03-22 09:05 - 2014-03-22 09:05 - 00000000 ____D () C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
2014-03-22 04:50 - 2014-03-22 04:50 - 00000000 ____D () C:\Program Files (x86)\CCP
2014-03-21 15:51 - 2014-03-21 15:51 - 00000000 ____D () C:\Users\spooke\AppData\Local\CCP
2014-03-21 09:59 - 2014-03-21 09:59 - 00316112 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 20:05 - 2014-03-14 20:05 - 00000000 ____D () C:\Users\spooke\AppData\Local\Microsoft Help
2014-03-14 19:43 - 2013-10-25 17:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-14 19:43 - 2013-10-25 08:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-14 19:42 - 2014-02-23 18:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 19:42 - 2014-02-23 18:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 19:42 - 2014-02-23 18:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-14 19:42 - 2014-02-23 18:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-14 19:42 - 2014-02-23 18:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 19:42 - 2014-02-23 18:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 19:42 - 2014-02-23 18:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 19:42 - 2014-02-23 18:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 19:42 - 2014-02-23 18:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 19:42 - 2014-02-23 16:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 19:42 - 2014-02-23 16:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 19:42 - 2014-02-23 16:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 19:42 - 2014-02-23 16:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 19:42 - 2014-02-23 16:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 19:42 - 2014-02-23 16:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 19:42 - 2014-02-23 14:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-14 19:42 - 2014-02-08 14:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 19:40 - 2013-12-07 16:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-14 19:40 - 2013-12-07 15:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-14 19:39 - 2014-02-06 09:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 19:39 - 2014-02-06 09:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 19:39 - 2014-01-31 10:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 19:39 - 2014-01-31 10:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
==================== One Month Modified Files and Folders =======
2014-04-08 13:05 - 2014-04-08 13:05 - 00013839 _____ () C:\Users\spooke\Downloads\FRST.txt
2014-04-08 13:05 - 2014-04-08 13:04 - 00000000 ____D () C:\FRST
2014-04-08 13:05 - 2013-09-24 13:27 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2403232998-3213391607-3185536033-1003
2014-04-08 13:04 - 2014-04-08 13:04 - 02157056 _____ (Farbar) C:\Users\spooke\Downloads\FRST64.exe
2014-04-08 13:04 - 2012-07-26 17:28 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-08 13:01 - 2014-04-08 13:01 - 01145856 _____ (Farbar) C:\Users\spooke\Downloads\FRST.exe
2014-04-08 13:00 - 2013-09-24 17:38 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-08 13:00 - 2012-07-26 18:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-08 12:59 - 2014-04-02 16:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-08 12:59 - 2013-09-20 13:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-08 12:59 - 2013-09-20 12:23 - 00160054 _____ () C:\Windows\PFRO.log
2014-04-08 12:59 - 2012-07-26 17:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-08 12:58 - 2012-07-26 15:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-04-08 12:57 - 2014-04-08 12:56 - 00000000 ____D () C:\AdwCleaner
2014-04-08 12:55 - 2014-04-08 12:55 - 01426178 _____ () C:\Users\spooke\Downloads\AdwCleaner.exe
2014-04-08 12:24 - 2013-09-24 17:57 - 00000000 ____D () C:\Users\spooke\AppData\Roaming\TS3Client
2014-04-08 12:07 - 2013-09-24 17:38 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 12:00 - 2013-10-24 15:44 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-08 12:00 - 2013-09-24 18:59 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-08 11:56 - 2013-09-24 13:21 - 00000000 ____D () C:\Users\spooke\AppData\Local\Packages
2014-04-08 10:25 - 2013-09-20 12:27 - 01241026 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 22:17 - 2013-11-12 07:08 - 00000000 ____D () C:\Users\spooke\AppData\Roaming\ClassicShell
2014-04-07 17:31 - 2013-09-24 18:59 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-06 22:57 - 2014-04-06 22:57 - 00463752 _____ () C:\Windows\Minidump\040614-20654-01.dmp
2014-04-06 22:57 - 2013-09-26 04:44 - 641197471 _____ () C:\Windows\MEMORY.DMP
2014-04-06 22:57 - 2013-09-20 13:45 - 00000000 ____D () C:\Windows\Minidump
2014-04-06 21:00 - 2013-12-03 20:19 - 00000000 ____D () C:\Users\spooke\Desktop\Time sheets
2014-04-06 18:40 - 2014-04-02 16:14 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-06 18:40 - 2014-04-02 16:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-06 18:05 - 2014-04-06 18:05 - 00113580 _____ () C:\Users\spooke\Desktop\OTL.Txt
2014-04-06 17:59 - 2014-04-01 21:14 - 00113580 _____ () C:\Users\spooke\Downloads\OTL.Txt
2014-04-06 17:18 - 2012-07-26 18:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-06 17:14 - 2012-07-26 17:21 - 00032304 _____ () C:\Windows\setupact.log
2014-04-06 17:13 - 2013-09-24 17:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-04 11:31 - 2014-04-04 11:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-04 11:31 - 2014-03-08 17:47 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-04 11:31 - 2014-01-05 20:06 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-04 11:31 - 2013-09-24 17:38 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-04 11:31 - 2013-09-24 17:38 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-04 11:31 - 2013-09-24 17:38 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-04 11:31 - 2013-09-24 17:38 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-04 11:31 - 2013-09-24 17:38 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-04 11:31 - 2013-09-24 17:38 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-04 11:31 - 2013-09-24 17:38 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-04 10:08 - 2014-04-04 10:08 - 00002244 _____ () C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2014-04-04 10:07 - 2014-04-04 10:07 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-04-04 09:57 - 2012-07-26 18:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-03 10:29 - 2014-04-03 10:29 - 00000744 _____ () C:\Windows\KB893803v2.log
2014-04-03 09:51 - 2014-04-02 16:13 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-02 16:13 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-02 16:13 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 17:02 - 2013-09-24 17:38 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 17:02 - 2013-09-24 17:38 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 16:13 - 2014-04-02 16:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-01 21:15 - 2014-04-01 21:15 - 00082672 _____ () C:\Users\spooke\Downloads\Extras.Txt
2014-04-01 19:02 - 2014-04-01 19:00 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\spooke\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-01 18:53 - 2014-04-01 18:53 - 00000000 ____D () C:\ProgramData\SUPERSetup
2014-04-01 18:51 - 2014-04-01 18:45 - 18486760 _____ (SUPERAntiSpyware) C:\Users\spooke\Downloads\SAS_5432.EXE
2014-03-31 17:59 - 2014-03-31 17:58 - 00602112 _____ (OldTimer Tools) C:\Users\spooke\Downloads\OTL (1).exe
2014-03-31 17:57 - 2014-03-31 17:57 - 00602112 _____ (OldTimer Tools) C:\Users\spooke\Downloads\OTL.exe
2014-03-30 14:39 - 2013-09-24 17:38 - 00000000 ____D () C:\Users\spooke\AppData\Local\Google
2014-03-27 16:05 - 2014-02-22 17:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-26 07:31 - 2014-03-26 07:31 - 00000000 ____D () C:\Users\spooke\Documents\Fax
2014-03-22 09:08 - 2014-03-22 09:08 - 00000000 ____D () C:\Users\spooke\Documents\EVE
2014-03-22 09:05 - 2014-03-22 09:05 - 00001895 _____ () C:\Users\spooke\Desktop\EVE.lnk
2014-03-22 09:05 - 2014-03-22 09:05 - 00000066 _____ () C:\Windows\131942
2014-03-22 09:05 - 2014-03-22 09:05 - 00000000 ____D () C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
2014-03-22 04:50 - 2014-03-22 04:50 - 00000000 ____D () C:\Program Files (x86)\CCP
2014-03-21 15:51 - 2014-03-21 15:51 - 00000000 ____D () C:\Users\spooke\AppData\Local\CCP
2014-03-21 10:14 - 2014-01-17 15:10 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-03-21 09:59 - 2014-03-21 09:59 - 00316112 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-20 17:31 - 2012-07-26 18:12 - 00000000 ____D () C:\Windows\rescache
2014-03-20 17:17 - 2013-09-25 16:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 17:16 - 2013-09-25 16:54 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-20 17:16 - 2012-07-26 15:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-20 17:02 - 2013-09-24 17:43 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-20 16:53 - 2013-09-25 12:57 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-03-20 16:04 - 2013-09-24 13:21 - 00000000 ___RD () C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-20 16:04 - 2013-09-24 13:21 - 00000000 ___RD () C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-20 16:02 - 2012-07-26 18:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-20 16:02 - 2012-07-26 18:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-20 16:02 - 2012-07-26 18:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-20 16:02 - 2012-07-26 18:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-20 16:02 - 2012-07-26 18:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-20 16:01 - 2014-02-22 11:08 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-03-14 20:05 - 2014-03-14 20:05 - 00000000 ____D () C:\Users\spooke\AppData\Local\Microsoft Help
Files to move or delete:
====================
C:\Users\spooke\jagex_cl_runescape_LIVE.dat
C:\Users\spooke\random.dat
Some content of TEMP:
====================
C:\Users\spooke\AppData\Local\Temp\drm_dialogs.dll
C:\Users\spooke\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\spooke\AppData\Local\Temp\OfficeSetup.exe
C:\Users\spooke\AppData\Local\Temp\Quarantine.exe
C:\Users\spooke\AppData\Local\Temp\_is5899.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-08 11:36
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by spooke at 2014-04-08 13:05:41
Running from C:\Users\spooke\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Antec CC (HKLM-x32\...\{15E36881-D2F0-4730-B51C-4BE85647F702}) (Version: 1.2.0000 - Antec Inc.)
Antec CC Driver x64 (HKLM-x32\...\{8CF25D78-1DA6-4206-B0CE-5FA8155E36E0}) (Version: 3.2.0100 - Antec Inc.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2016 - Avast Software)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty® - World at War (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty® - World at War (x32 Version: 1.0 - Activision) Hidden
Call of Duty® 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.2 - Activision)
Call of Duty® 2 (x32 Version: 1.2 - Activision) Hidden
Call of Duty® 4 - Modern Warfare (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty® 4 - Modern Warfare (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty® 4 - Modern Warfare 1.4 Patch (x32 Version: - ) Hidden
Call of Duty® 4 - Modern Warfare 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty® 4 - Modern Warfare 1.6 Patch (x32 Version: - ) Hidden
Call of Duty® 4 - Modern Warfare 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare 1.7 Patch (x32 Version: - ) Hidden
Call of Duty® 4 - Modern Warfare 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
Company of Heroes (HKLM-x32\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 1.0.0.99 - THQ Inc.)
e-tax 2013 (HKLM-x32\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.10.558 - Australian Taxation Office)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.)
GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
War Thunder Launcher 1.0.1.302 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812SEA}_is1) (Version: - Wargaming.net)
==================== Restore Points =========================
20-03-2014 07:15:56 Windows Update
27-03-2014 16:08:55 Scheduled Checkpoint
04-04-2014 01:29:29 avast! antivirus system restore point
==================== Hosts content: ==========================
2012-07-26 15:26 - 2012-07-26 15:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {015D5F4E-9AFA-4868-BF30-11A5D18B757D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {05C0DAF8-D7F5-473C-A63E-D7399D70305D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3C467652-B47E-480E-A2AC-32380B3CA6C1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {6AC873DF-F8AD-4212-AAE6-7BAC5E354608} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-04] (AVAST Software)
Task: {91B9101A-F297-44D9-B9D3-FED8D5067E3D} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {9D5FC548-E123-4FC2-85DD-FB195BAF411A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A9E44C57-3840-423D-B896-1DA45E39356C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-20 16:20 - 2013-10-31 16:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-25 12:57 - 2014-01-02 17:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-09-24 18:59 - 2013-11-01 14:20 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-20 16:38 - 2014-03-20 16:38 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-26 19:48 - 2012-07-26 19:46 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2009-10-14 12:36 - 2009-10-14 12:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 12:34 - 2009-10-14 12:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-04-07 20:26 - 2014-04-07 20:26 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040700\algo.dll
2014-02-05 23:52 - 2014-02-05 23:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-05 23:52 - 2014-02-05 23:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-10 19:41 - 2013-12-10 19:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/08/2014 01:03:41 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 10.0.9200.16843 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1050
Start Time: 01cf52d6b3260e03
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id: 5f8946f5-beca-11e3-be94-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (04/06/2014 10:51:12 PM) (Source: Bonjour Service) (User: )
Description: Timed out waiting for acknowledgement of machine sleep
Error: (04/03/2014 10:29:11 AM) (Source: Windows Installer 3.1) (User: )
Description: WindowsNot enough storage is available to process this command.
Error: (04/01/2014 07:29:17 PM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 18c8
Start Time: 01cf4d8c5664c901
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 173ba9fb-b980-11e3-be91-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (04/01/2014 07:25:35 PM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1928
Start Time: 01cf4d87e705d828
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 92f56380-b97f-11e3-be91-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (04/01/2014 06:53:50 PM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1a34
Start Time: 01cf4d06f8d235d8
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 2381e133-b97b-11e3-be91-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (04/01/2014 03:30:55 AM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1040
Start Time: 01cf4cb75a39e304
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 3552d28a-b8fa-11e3-be91-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (03/31/2014 06:00:59 PM) (Source: Application Hang) (User: )
Description: The program explorer.exe version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 20
Start Time: 01cf4cb7449819e7
Termination Time: 0
Application Path: C:\Windows\explorer.exe
Report Id: 96c4e034-b8aa-11e3-be91-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (03/31/2014 06:00:23 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1350
Start Time: 01cf4cb4de6d0791
Termination Time: 0
Application Path: C:\Windows\Explorer.EXE
Report Id: 7f574aaa-b8aa-11e3-be91-bc5ff4d5a3ad
Faulting package full name:
Faulting package-relative application ID:
Error: (03/28/2014 06:04:54 PM) (Source: MsiInstaller) (User: Craig)
Description: Product: AGEIA PhysX v7.07.09 -- Installation terminated
System errors:
=============
Error: (04/08/2014 01:01:47 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Error: (04/08/2014 01:01:47 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (04/08/2014 00:59:22 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
Error: (04/06/2014 10:59:44 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Error: (04/06/2014 10:59:44 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (04/06/2014 10:57:55 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xfffffa800b693140, 0xfffff8024dee0790)C:\Windows\MEMORY.DMP040614-20654-01
Error: (04/06/2014 10:56:59 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0
Error: (04/06/2014 10:57:17 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:16:26 PM on 6/04/2014 was unexpected.
Error: (04/06/2014 05:27:48 PM) (Source: usbehci) (User: )
Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response.
Error: (04/01/2014 07:34:55 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Microsoft Office Sessions:
=========================
Error: (04/08/2014 01:03:41 PM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.16843105001cf52d6b3260e030C:\Program Files\Internet Explorer\iexplore.exe5f8946f5-beca-11e3-be94-bc5ff4d5a3ad
Error: (04/06/2014 10:51:12 PM) (Source: Bonjour Service)(User: )
Description: Timed out waiting for acknowledgement of machine sleep
Error: (04/03/2014 10:29:11 AM) (Source: Windows Installer 3.1)(User: )
Description: WindowsNot enough storage is available to process this command.
Error: (04/01/2014 07:29:17 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.2.9200.1662818c801cf4d8c5664c9010C:\Windows\explorer.exe173ba9fb-b980-11e3-be91-bc5ff4d5a3ad
Error: (04/01/2014 07:25:35 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.2.9200.16628192801cf4d87e705d8280C:\Windows\explorer.exe92f56380-b97f-11e3-be91-bc5ff4d5a3ad
Error: (04/01/2014 06:53:50 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.2.9200.166281a3401cf4d06f8d235d80C:\Windows\explorer.exe2381e133-b97b-11e3-be91-bc5ff4d5a3ad
Error: (04/01/2014 03:30:55 AM) (Source: Application Hang)(User: )
Description: explorer.exe6.2.9200.16628104001cf4cb75a39e3040C:\Windows\explorer.exe3552d28a-b8fa-11e3-be91-bc5ff4d5a3ad
Error: (03/31/2014 06:00:59 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.2.9200.166282001cf4cb7449819e70C:\Windows\explorer.exe96c4e034-b8aa-11e3-be91-bc5ff4d5a3ad
Error: (03/31/2014 06:00:23 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.16628135001cf4cb4de6d07910C:\Windows\Explorer.EXE7f574aaa-b8aa-11e3-be91-bc5ff4d5a3ad
Error: (03/28/2014 06:04:54 PM) (Source: MsiInstaller)(User: Craig)
Description: Product: AGEIA PhysX v7.07.09 -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)
OTL logfile created on: 8/04/2014 1:08:36 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\spooke\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16843)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
8.00 Gb Total Physical Memory | 6.48 Gb Available Physical Memory | 81.00% Memory free
16.00 Gb Paging File | 14.27 Gb Available in Paging File | 89.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.17 Gb Total Space | 763.07 Gb Free Space | 81.95% Space Free | Partition Type: NTFS
Drive H: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: CRAIG | User Name: spooke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/04 11:31:21 | 003,854,640 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/04/04 11:31:21 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/03/31 17:59:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\spooke\Downloads\OTL (1).exe
PRC - [2014/03/28 18:03:31 | 000,309,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2014/03/03 08:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/03 08:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013/12/19 04:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/19 06:43:06 | 001,677,080 | ---- | M] (ClanServers Hosting LLC) -- C:\Program Files (x86)\GameTracker\GSInGameService.exe
PRC - [2013/11/01 14:20:15 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:22 | 000,125,464 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/10 19:41:23 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
========== Services (SafeList) ==========
SRV:64bit: - [2014/04/04 11:31:21 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/03/01 03:16:08 | 002,169,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2013/10/25 17:34:55 | 000,016,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2013/08/16 15:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/06/25 08:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/06/01 19:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 16:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 16:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/04/09 14:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/03/02 12:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 12:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 09:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/10 09:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012/09/20 16:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 13:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012/07/26 13:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 13:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 13:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 13:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 13:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 13:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 13:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 13:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 13:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 13:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/07/26 10:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2009/10/07 00:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/03/03 08:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/03 08:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/12/19 04:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/19 06:43:06 | 001,677,080 | ---- | M] (ClanServers Hosting LLC) [Auto | Running] -- C:\Program Files (x86)\GameTracker\GSInGameService.exe -- (GS In-Game Service)
SRV - [2013/11/01 14:20:15 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/10/23 07:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/07/26 13:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012/07/26 13:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/04/08 12:59:59 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/04/04 11:31:22 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/04/04 11:31:22 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/04/04 11:31:22 | 000,208,928 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/04/04 11:31:22 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/04/04 11:31:22 | 000,084,816 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/04/04 11:31:22 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/04/04 11:31:22 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/04/03 09:51:22 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/10/25 17:34:52 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/10/25 08:34:32 | 000,248,240 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/10/10 21:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 16:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/10/02 12:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/08/16 15:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 16:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2013/07/09 18:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 11:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 11:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 16:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 13:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/03/02 20:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 20:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/01/10 11:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/27 13:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/20 14:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/06 13:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/12 18:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 17:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/09/20 17:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/09/20 17:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/26 15:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 15:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 15:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 15:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 15:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 15:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 15:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 15:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 15:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 15:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 15:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 15:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 15:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 15:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 15:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 15:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 15:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 14:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 14:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 13:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 12:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 12:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 12:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 12:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 12:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 12:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 12:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 12:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 12:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 12:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 12:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 12:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 12:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 12:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 12:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 12:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 12:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 12:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 12:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 12:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 12:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/04 01:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/06/03 00:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/06/03 00:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/05/23 08:39:28 | 000,016,384 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AseUSBCC.sys -- (ASEUSBCC)
DRV:64bit: - [2009/10/07 18:49:27 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2009/10/07 18:47:44 | 000,327,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/10/07 18:45:37 | 000,271,640 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2009/10/07 00:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/10/07 00:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\LVPr2M64.sys -- (LVPr2M64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A A4 F0 17 E5 B8 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...SAVT_en-GBAU555
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Google Docs = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0\
CHR - Extension: Skype Click to Call = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_0\
CHR - Extension: Google Wallet = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\spooke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012/07/26 15:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - Startup: C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29C8BDF7-3AE4-4D73-9B13-3948839CBF60}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7163EEE-507A-44A5-BB87-51E3DCC57FB7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4AFE336-E5D0-484B-AE06-B9409E478E7B}: DhcpNameServer = 172.20.10.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/16 10:53:55 | 000,000,142 | R--- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{9897e623-219b-11e3-be65-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9897e623-219b-11e3-be65-806e6f6e6963}\Shell\AutoRun\command - "" = H:\setup\rsrc\Autorun.exe -- [2007/08/16 11:55:00 | 000,051,048 | R--- | M] (Activision)
O33 - MountPoints2\{9897e623-219b-11e3-be65-806e6f6e6963}\Shell\dinstall\command - "" = H:\DirectX\DXSETUP.exe -- [2008/05/31 08:34:50 | 000,528,392 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: TBS - Service
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:64bit: netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdpencdd.sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SmartcardSimulator - Driver
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TBS - Service
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: VirtualSmartcardReader - Driver
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {74166507-F39E-305E-A972-2C3478E47350} - .NET Framework
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/04/08 13:04:32 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/08 12:56:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/04 11:31:22 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/04 10:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2014/04/02 16:14:20 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/02 16:13:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/02 16:13:58 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/02 16:13:58 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/02 16:13:58 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 16:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/02 16:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/01 18:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2014/03/26 07:31:44 | 000,000,000 | R--D | C] -- C:\Users\spooke\Documents\Scanned Documents
[2014/03/26 07:31:43 | 000,000,000 | ---D | C] -- C:\Users\spooke\Documents\Fax
[2014/03/22 09:08:42 | 000,000,000 | ---D | C] -- C:\Users\spooke\Documents\EVE
[2014/03/22 09:05:32 | 000,000,000 | ---D | C] -- C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
[2014/03/22 04:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCP
[2014/03/21 15:51:41 | 000,000,000 | ---D | C] -- C:\Users\spooke\AppData\Local\CCP
[2014/03/14 20:05:22 | 000,000,000 | ---D | C] -- C:\Users\spooke\AppData\Local\Microsoft Help
[2014/03/14 19:43:04 | 000,248,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/03/14 19:43:04 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/03/14 19:42:33 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/03/14 19:42:33 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/14 19:42:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/14 19:42:32 | 003,960,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/14 19:42:32 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/14 19:42:32 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/14 19:42:32 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/14 19:42:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/14 19:42:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/14 19:42:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/14 19:42:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/14 19:42:32 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/03/14 19:42:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/14 19:42:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/03/14 19:42:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/14 19:42:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/14 19:39:21 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/14 19:39:21 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/14 19:39:20 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/08 13:07:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/08 13:04:06 | 000,848,230 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/08 13:04:06 | 000,722,260 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/08 13:04:06 | 000,136,434 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/08 13:01:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/08 13:00:07 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/08 12:59:59 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/08 12:59:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/04/08 12:59:25 | 2576,334,847 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/08 12:00:15 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014/04/08 12:00:15 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/04/07 17:31:54 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/04/06 22:57:05 | 641,197,471 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/04/06 18:40:16 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/04 11:31:46 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/04/04 11:31:22 | 001,039,096 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/04/04 11:31:22 | 000,423,240 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/04/04 11:31:22 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/04/04 11:31:22 | 000,208,928 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/04/04 11:31:22 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/04/04 11:31:22 | 000,084,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/04/04 11:31:22 | 000,079,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/04/04 11:31:22 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/04/04 11:31:22 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/04/03 09:51:22 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/22 09:05:40 | 000,000,066 | ---- | M] () -- C:\Windows\131942
[2014/03/22 09:05:32 | 000,001,895 | ---- | M] () -- C:\Users\spooke\Desktop\EVE.lnk
[2014/03/21 09:59:31 | 000,316,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/20 17:02:21 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/20 16:01:45 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/04 10:08:24 | 000,002,244 | ---- | C] () -- C:\Users\spooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2014/04/02 16:14:00 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/22 09:05:40 | 000,000,066 | ---- | C] () -- C:\Windows\131942
[2014/03/22 09:05:32 | 000,001,895 | ---- | C] () -- C:\Users\spooke\Desktop\EVE.lnk
[2014/03/21 09:59:25 | 000,316,112 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/28 07:16:18 | 000,000,045 | ---- | C] () -- C:\Users\spooke\jagex_cl_runescape_LIVE.dat
[2013/11/28 07:16:18 | 000,000,024 | ---- | C] () -- C:\Users\spooke\random.dat
[2013/11/01 10:45:45 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2013/09/27 08:58:37 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/09/27 08:47:34 | 000,000,017 | ---- | C] () -- C:\Users\spooke\AppData\Local\resmon.resmoncfg
[2013/09/25 16:58:34 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2013/09/24 18:59:58 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/09/24 18:59:54 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/09/24 18:59:54 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/10/26 15:42:24 | 000,336,232 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/10/26 15:42:22 | 010,919,784 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/10/26 15:42:22 | 000,103,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/07/26 18:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 18:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 17:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 11:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/26 06:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/26 06:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/03 00:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2013/09/24 19:00:35 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/07 16:36:58 | 019,751,936 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/07 15:15:36 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 13:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 13:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 13:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD10EZEX-00KUWA0
Partitions: 2
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Generic- SD/MMC USB Device
Partitions: 0
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: Generic- Compact Flash USB Device
Partitions: 0
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Generic- SM/xD-Picture USB Device
Partitions: 0
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Generic- MS/MS-Pro USB Device
Partitions: 0
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 350.00MB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 931.00GB
Starting Offset: 368050176
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2013/09/28 13:49:03 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Adobe
[2013/10/26 21:13:20 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Apple Computer
[2013/12/11 15:16:07 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\AVAST Software
[2014/04/07 22:17:23 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\ClassicShell
[2013/12/30 21:21:36 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\GameTracker
[2013/09/24 19:51:54 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Google
[2013/10/14 17:13:34 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\InstallShield
[2014/02/22 11:16:07 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Leadertech
[2013/09/24 15:15:40 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Macromedia
[2013/10/18 16:14:53 | 000,000,000 | --SD | M] -- C:\Users\spooke\AppData\Roaming\Microsoft
[2013/11/28 07:18:11 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\NVIDIA
[2014/02/23 11:43:04 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Skype
[2014/04/08 12:24:29 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\TS3Client
[2013/10/14 17:27:33 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Ubisoft
[2013/09/25 05:22:38 | 000,000,000 | ---D | M] -- C:\Users\spooke\AppData\Roaming\Wargaming.net
< MD5 for: ATAPI.SYS >
[2012/07/26 15:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\drivers\atapi.sys
[2012/07/26 15:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 15:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 15:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 15:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 15:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys
< MD5 for: CSRSS.EXE >
[2012/07/26 15:26:45 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=0D9F14739D05F8B8B028B539FC6F1F29 -- C:\Windows\SysNative\csrss.exe
[2012/07/26 15:26:45 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=0D9F14739D05F8B8B028B539FC6F1F29 -- C:\Windows\WinSxS\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.2.9200.16384_none_b1ad8b3c6dd9e443\csrss.exe
< MD5 for: EXPLORER.EXE >
[2013/06/01 21:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 21:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2013/10/01 08:45:45 | 000,221,955 | ---- | M] () MD5=1ECE041EA5E874EACFACAF669935C99C -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013/10/01 08:45:47 | 000,220,310 | ---- | M] () MD5=256368C2692116A3C548604C2CE27D76 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2013/10/01 09:45:38 | 000,190,101 | ---- | M] () MD5=41ADFECAD97C72667F6479DB939988CE -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2013/10/01 08:45:51 | 000,217,360 | ---- | M] () MD5=42DAB268EC6A5E5E7A8F78767C741FE3 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2013/10/01 09:45:32 | 000,191,911 | ---- | M] () MD5=58651E841B6FF7ACF85E594B9EAC7105 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2013/10/01 08:45:49 | 000,220,321 | ---- | M] () MD5=79E71E463607319EE26EBD67D7E20E33 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2013/10/01 09:45:29 | 000,193,351 | ---- | M] () MD5=D1B38051A708991B2A648BDFB0AC859F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2013/10/01 09:45:35 | 000,191,929 | ---- | M] () MD5=D676C58091D282BCAFBFE8EF86FCE977 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/06/01 20:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 20:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2013/10/03 19:12:35 | 000,009,902 | ---- | M] () MD5=16C7FAC176EBA765AF492ABEF26A48B2 -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16384_none_b4fe62e6feb2834f\mswsock.dll
[2012/10/11 15:44:51 | 000,355,328 | ---- | M] (Microsoft Corporation) MD5=1AC307A2F7317007BC382046B3835202 -- C:\Windows\SysNative\mswsock.dll
[2012/10/11 15:44:51 | 000,355,328 | ---- | M] (Microsoft Corporation) MD5=1AC307A2F7317007BC382046B3835202 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16433_none_11520fa2b6e84ca0\mswsock.dll
[2013/10/03 19:12:35 | 000,000,998 | ---- | M] () MD5=46BC0577DE994B898EFD4CCD8C9FCDDB -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.20534_none_b5be113417a7948b\mswsock.dll
[2013/10/01 09:34:19 | 000,001,574 | ---- | M] () MD5=A8CD55E55B81EA12777D31688243094E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16384_none_111cfe6ab70ff485\mswsock.dll
[2012/10/11 15:06:45 | 000,289,280 | ---- | M] (Microsoft Corporation) MD5=C317E72447B437F99CC750BD876DF30E -- C:\Windows\SysWOW64\mswsock.dll
[2012/10/11 15:06:45 | 000,289,280 | ---- | M] (Microsoft Corporation) MD5=C317E72447B437F99CC750BD876DF30E -- C:\Windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16433_none_b533741efe8adb6a\mswsock.dll
[2013/10/01 09:34:20 | 000,000,945 | ---- | M] () MD5=D5D615CF095EBAF7ECE1339D7E05A39B -- C:\Windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.20534_none_11dcacb7d00505c1\mswsock.dll
< MD5 for: NAPINSP.DLL >
[2012/07/26 13:06:32 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=149FEE067A002D75B7714C300D019C9E -- C:\Windows\SysNative\NapiNSP.dll
[2012/07/26 13:06:32 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=149FEE067A002D75B7714C300D019C9E -- C:\Windows\WinSxS\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.2.9200.16384_none_04e6e82d18f51cb7\NapiNSP.dll
[2012/07/26 13:19:20 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=E896C75EE5CB36A252B1C908E2DDAB2C -- C:\Windows\SysWOW64\NapiNSP.dll
[2012/07/26 13:19:20 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=E896C75EE5CB36A252B1C908E2DDAB2C -- C:\Windows\WinSxS\wow64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.2.9200.16384_none_0f3b927f4d55deb2\NapiNSP.dll
< MD5 for: NLAAPI.DLL >
[2013/10/01 09:16:53 | 000,000,577 | ---- | M] () MD5=215FFB4020673E1ED30C09634F9BB083 -- C:\Windows\WinSxS\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.16384_none_c04f9d2b94ae7b5c\nlaapi.dll
[2013/10/01 09:59:26 | 000,000,562 | ---- | M] () MD5=5B320B60B1CF2BA396073D707E19490D -- C:\Windows\WinSxS\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.16420_none_cae127c3c8e22d7c\nlaapi.dll
[2013/10/01 09:59:26 | 000,000,571 | ---- | M] () MD5=7625DABF7E53DBE548AD710570C97E09 -- C:\Windows\WinSxS\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.16384_none_caa4477dc90f3d57\nlaapi.dll
[2013/10/01 09:59:26 | 000,000,556 | ---- | M] () MD5=AB9A01083E8AD1C92C02F635785FB39A -- C:\Windows\WinSxS\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.20623_none_cb6dc752e1fd1672\nlaapi.dll
[2013/10/01 09:16:53 | 000,000,504 | ---- | M] () MD5=B30EAA791FAF49C7897093A76CD29BD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.16420_none_c08c7d7194816b81\nlaapi.dll
[2013/10/01 09:59:26 | 000,000,570 | ---- | M] () MD5=B7EA5AA6168BDB4950E7E6D9A9D454C6 -- C:\Windows\WinSxS\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.20521_none_cb6bc4d8e1fee69d\nlaapi.dll
[2013/10/01 09:16:54 | 000,000,564 | ---- | M] () MD5=CB11BF95C7B097174B2582080691963C -- C:\Windows\WinSxS\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.20521_none_c1171a86ad9e24a2\nlaapi.dll
[2013/10/01 09:16:55 | 000,000,577 | ---- | M] () MD5=CC759F0A6A82B7C3FC86099C4CA2ED2E -- C:\Windows\WinSxS\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.20623_none_c1191d00ad9c5477\nlaapi.dll
[2013/02/02 18:39:34 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=DA74DB6E019D7B27C7EA25155EE6DE34 -- C:\Windows\SysWOW64\nlaapi.dll
[2013/02/02 18:39:34 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=DA74DB6E019D7B27C7EA25155EE6DE34 -- C:\Windows\WinSxS\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.16518_none_caf3fbe5c8d2d96a\nlaapi.dll
[2012/09/20 16:32:17 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=F0C56FAF38A244599CBC173D581E27FC -- C:\Windows\SysNative\nlaapi.dll
[2012/09/20 16:32:17 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=F0C56FAF38A244599CBC173D581E27FC -- C:\Windows\WinSxS\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.2.9200.16518_none_c09f51939472176f\nlaapi.dll
< MD5 for: PNRPNSP.DLL >
[2012/07/26 13:06:58 | 000,085,504 | ---- | M] (Microsoft Corporation) MD5=CA4FAFFA957C71C006B59E29DFE3EB8B -- C:\Windows\SysNative\pnrpnsp.dll
[2012/07/26 13:06:58 | 000,085,504 | ---- | M] (Microsoft Corporation) MD5=CA4FAFFA957C71C006B59E29DFE3EB8B -- C:\Windows\WinSxS\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.2.9200.16384_none_ca48bd17ac38cb00\pnrpnsp.dll
[2012/07/26 13:19:42 | 000,067,584 | ---- | M] (Microsoft Corporation) MD5=E31D5851E5F789D29DB955C75C3760BA -- C:\Windows\SysWOW64\pnrpnsp.dll
[2012/07/26 13:19:42 | 000,067,584 | ---- | M] (Microsoft Corporation) MD5=E31D5851E5F789D29DB955C75C3760BA -- C:\Windows\WinSxS\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.2.9200.16384_none_d49d6769e0998cfb\pnrpnsp.dll
< MD5 for: PRINTISOLATIONHOST.EXE >
[2012/07/26 13:08:36 | 000,075,776 | ---- | M] (Microsoft Corporation) MD5=827D109E7C4213C41C76C5D7A05C483C -- C:\Windows\SysNative\PrintIsolationHost.exe
[2012/07/26 13:08:36 | 000,075,776 | ---- | M] (Microsoft Corporation) MD5=827D109E7C4213C41C76C5D7A05C483C -- C:\Windows\WinSxS\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.2.9200.16384_none_f578ba52e86663f9\PrintIsolationHost.exe
< MD5 for: SERVICES.EXE >
[2012/09/20 16:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\SysNative\services.exe
[2012/09/20 16:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe
[2013/10/01 09:21:45 | 000,038,189 | ---- | M] () MD5=D57F7B680D3045BC6F85A8C210078583 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe
[2013/10/01 09:21:46 | 000,001,252 | ---- | M] () MD5=E1EAA0EC671C4ADE67FF191C519E98CE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_98a9ea2e9f571eb2\services.exe
< MD5 for: SVCHOST.EXE >
[2013/10/01 09:23:04 | 000,002,873 | ---- | M] () MD5=14322A935ED41E8B22CFBE5DFA5850FD -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[2013/10/03 19:09:41 | 000,000,583 | ---- | M] () MD5=3B510520265DE4086A10617127817E3C -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[2013/10/03 19:09:40 | 000,003,208 | ---- | M] () MD5=7DE9ABDC7A673AD08516F0B077E89C29 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[2013/10/01 09:23:04 | 000,000,609 | ---- | M] () MD5=935D512CF5E5B77C7DF909CF074F57FA -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2012/09/20 15:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\SysWOW64\svchost.exe
[2012/09/20 15:55:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=A46DC432F81473F526E3994AA483E366 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
[2012/09/20 16:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\SysNative\svchost.exe
[2012/09/20 16:33:52 | 000,029,696 | ---- | M] (Microsoft Corporation) MD5=EDE27EACE742EE2888C5DD36400A2EC0 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe
< MD5 for: USER32.DLL >
[2013/10/01 09:33:53 | 000,001,406 | ---- | M] () MD5=2777CE80C7915D3EEFD78B9D8D2368DF -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_260213a5f720b529\user32.dll
[2013/10/01 09:33:53 | 000,001,384 | ---- | M] () MD5=318FAD08ED3086FA0D6673B52222B122 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_26c9910110105e6f\user32.dll
[2013/10/02 08:24:15 | 000,000,178 | ---- | M] () MD5=A5644D63ADB079D482FD08D5E7779AE0 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_311e3b534471206a\user32.dll
[2012/09/20 16:33:05 | 001,342,464 | ---- | M] (Microsoft Corporation) MD5=A99AD14F26BDA7D7F27F76BC91B7EED7 -- C:\Windows\SysNative\user32.dll
[2012/09/20 16:33:05 | 001,342,464 | ---- | M] (Microsoft Corporation) MD5=A99AD14F26BDA7D7F27F76BC91B7EED7 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_263ef3ebf6f3a54e\user32.dll
[2012/09/20 14:10:09 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=BA1C3ACD929A71E88B49C2B6E38F92B3 -- C:\Windows\SysWOW64\user32.dll
[2012/09/20 14:10:09 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=BA1C3ACD929A71E88B49C2B6E38F92B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_30939e3e2b546749\user32.dll
[2013/10/02 08:24:14 | 000,000,190 | ---- | M] () MD5=BE234AC81A486F59F3B40C76BD3997C9 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_3056bdf82b817724\user32.dll
< MD5 for: USERINIT.EXE >
[2012/07/26 13:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\SysNative\userinit.exe
[2012/07/26 13:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012/07/26 13:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012/07/26 13:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe
[2014/04/01 18:44:32 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) MD5=C038AC0153BFFE7F8778D404C0872317 -- C:\Users\spooke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XJBHMPKU\uSeRiNiT.exe
< MD5 for: WINLOGON.EXE >
[2013/10/01 09:38:40 | 000,053,889 | ---- | M] () MD5=299D58FAE8D16B0BC2D1D4E07A19B635 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2014/04/03 09:49:02 | 000,742,200 | ---- | M] (MalwareBytes) MD5=96820649733BFB2B0499C371904B7B40 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2013/10/01 09:38:41 | 000,001,620 | ---- | M] () MD5=BAAB86E0139A81CA0F56017C2FB84BB8 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2012/10/11 15:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\SysNative\winlogon.exe
[2012/10/11 15:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2014/04/01 18:59:24 | 001,933,048 | ---- | M] (Bleeping Computer, LLC) MD5=C038AC0153BFFE7F8778D404C0872317 -- C:\Users\spooke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XJBHMPKU\WiNlOgOn.exe
[2013/10/01 09:38:41 | 000,053,884 | ---- | M] () MD5=C72229EC9026AD8541881911A9BAC83D -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2013/10/01 09:38:40 | 000,053,876 | ---- | M] () MD5=EB216271555A102E51D837B3E8D8F74B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
< MD5 for: WINRNR.DLL >
[2012/07/26 13:07:57 | 000,053,760 | ---- | M] (Microsoft Corporation) MD5=768B5A538A11E9C6F8EDD9AFDFA16936 -- C:\Windows\SysNative\winrnr.dll
[2012/07/26 13:07:57 | 000,053,760 | ---- | M] (Microsoft Corporation) MD5=768B5A538A11E9C6F8EDD9AFDFA16936 -- C:\Windows\WinSxS\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.2.9200.16384_none_b217fa53d9da6d61\winrnr.dll
[2012/07/26 13:20:25 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=BAB337D3F4C2ECDF883B9CAEC41F49FB -- C:\Windows\SysWOW64\winrnr.dll
[2012/07/26 13:20:25 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=BAB337D3F4C2ECDF883B9CAEC41F49FB -- C:\Windows\WinSxS\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.2.9200.16384_none_55f95ed0217cfc2b\winrnr.dll
< MD5 for: WSHELPER.DLL >
[2012/07/26 13:20:39 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=261FDB43C7772B71E44D3B0D6161CD0B -- C:\Windows\SysWOW64\wshelper.dll
[2012/07/26 13:20:39 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=261FDB43C7772B71E44D3B0D6161CD0B -- C:\Windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.2.9200.16384_none_67a35424b57ff35b\wshelper.dll
[2012/07/26 13:08:12 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=ECBD769AE04E8A2ECDC2D12CB1C5EB41 -- C:\Windows\SysNative\wshelper.dll
[2012/07/26 13:08:12 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=ECBD769AE04E8A2ECDC2D12CB1C5EB41 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.2.9200.16384_none_5d4ea9d2811f3160\wshelper.dll
< C:\Windows\assembly\tmp\U\*.* /s >
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014/02/23 19:38:10 | 000,775,344 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2014/02/23 19:38:10 | 000,775,344 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2014/03/15 10:50:42 | 000,859,976 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014/02/23 18:13:59 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014/02/23 18:13:59 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014/02/23 18:13:59 | 000,051,712 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014/02/23 19:38:10 | 000,775,344 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2014/02/23 19:38:10 | 000,775,344 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %ProgramFiles%\WINDOWS NT\*.* /s >
[2013/03/02 18:24:08 | 004,298,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\wordpad.exe
[2013/03/02 18:23:39 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\WordpadFilter.dll
[2012/07/26 19:43:02 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\en-GB\wordpad.exe.mui
[2012/07/26 13:20:05 | 000,598,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextService.dll
[2012/06/03 00:40:28 | 000,013,862 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceAmharic.txt
[2012/06/03 00:40:28 | 001,272,944 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceArray.txt
[2012/06/03 00:40:28 | 000,980,224 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceDaYi.txt
[2012/06/03 00:40:28 | 000,013,874 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceTigrinya.txt
[2012/06/03 00:40:28 | 000,045,170 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceYi.txt
[2012/07/26 19:43:06 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\en-US\TableTextService.dll.mui
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< End of report >
OTL Extras logfile created on: 8/04/2014 1:08:36 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\spooke\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16843)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
8.00 Gb Total Physical Memory | 6.48 Gb Available Physical Memory | 81.00% Memory free
16.00 Gb Paging File | 14.27 Gb Available in Paging File | 89.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.17 Gb Total Space | 763.07 Gb Free Space | 81.95% Space Free | Partition Type: NTFS
Drive H: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: CRAIG | User Name: spooke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022212B4-926F-4D71-859F-DC7FDB575042}" = rport=138 | protocol=17 | dir=out | app=system |
"{0E638B26-9FEB-428C-8BC9-A4EA320F981E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{18452207-A15A-441D-91C3-962D71964CE0}" = rport=139 | protocol=6 | dir=out | app=system |
"{4E975B45-D95A-4CE8-8110-07A12B20005A}" = rport=445 | protocol=6 | dir=out | app=system |
"{557D7EF2-3FF0-4DBE-A6E1-7D4A0FDCD566}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73B2EEC1-F9D4-4E67-B72D-A34D20205999}" = lport=138 | protocol=17 | dir=in | app=system |
"{78F245D5-460A-4919-B709-D19F8FB1B228}" = lport=139 | protocol=6 | dir=in | app=system |
"{892F37A8-02FB-4F19-867A-5A134CBFC68E}" = rport=137 | protocol=17 | dir=out | app=system |
"{D0133B4B-F20F-4135-A1B7-841F677482C7}" = lport=445 | protocol=6 | dir=in | app=system |
"{D0345D24-BC51-4886-BBBA-D4817842526F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E02E47EA-BA1B-43C7-826F-5C14F78AF4BB}" = lport=137 | protocol=17 | dir=in | app=system |
"{E4A115B0-BA0F-461E-9FB3-16A75FFF438F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017A7482-61B2-41DD-BD9D-03675938DF77}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{0574D807-5828-4B93-A977-AC0488EB526F}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{087ED071-38F9-4193-BAE7-CC5C18DE537A}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{09D7D88C-58B0-4DBC-937F-AE3BD2E78FEB}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0B07F26F-7E72-450A-94D3-10C86ACC15DE}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{0FC41050-FE17-46BC-A04C-B1ED87553799}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{105A438F-36EB-4086-9F90-C5B522FF2DAA}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{106E1986-96C3-44E8-BED7-62F6EF721889}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{11F09EE7-31EB-48E3-8A83-77DB06F57525}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{129289DB-8B87-437D-9980-2449175AE390}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{1698DA06-4BCD-4FCA-A250-878A42F4423C}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{1B58374A-CCF8-4F5C-8AA0-FB501CADAF46}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{22CCF4C8-6C8A-4D98-A761-9C2DBBB9F4D2}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{274BE586-13C2-497C-8118-5A2FAAE77E31}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{29E44B4A-F873-456D-9810-71A82D600974}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe |
"{2AD76277-7475-42D9-B4FA-958A6568020E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{2B23A950-D34B-44E3-9652-AACC22FC2D61}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{2D3987ED-E68F-47A7-A535-04D36D0386CE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{31159A81-8892-4143-9A60-2C58431879E2}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{34A2CC58-F336-4E95-9979-90D5A8ECCD28}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{36CC39B9-F14D-4056-8FD1-24510346616B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{36ED48C2-95AF-4903-B6AC-172307B4F27D}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{3901EEA3-C68F-455A-9042-82DC79CC413B}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3A85D301-2B74-4ABD-9607-D4A434AEEF61}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{3B74ED33-E75B-453A-ACF8-3B29EB774B17}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3CAF5BC5-7143-46A6-92C9-0C00D51F64FF}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3E0E5F50-A65E-42EF-AFE4-AC3139CB0F80}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{45450B47-3DA2-48D2-A95F-A3BA493DC2FC}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{45C4F13C-D1D1-4ED1-B443-10D76AEF89D4}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{476CFC2B-3477-4940-B803-DBB29B620B27}" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{4820023B-CDF6-4227-B2D2-65E9040608D8}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{48CCEE7D-A463-40ED-9E79-E8E5FBB1FEA2}" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\launcher.exe |
"{4C066CFE-4AAB-4ACB-B9BB-EFC9F9965CFF}" = protocol=1 | dir=in | [email protected],-28543 |
"{4C309545-400E-4964-89AD-33B53358C2C2}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4E2324F1-7BDF-430E-B622-DED29624BDB0}" = dir=in | app=c:\users\spooke\appdata\local\microsoft\skydrive\skydrive.exe |
"{530A211A-5B11-4666-8AE8-3A422B8FD75D}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{5AC625B7-AD7E-4E6E-AAD9-A1A5C5B404AA}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{5C6688EC-7304-407C-98E5-C39FF183BC17}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{5F3AF9B4-0B6D-41A8-B65B-C5170B5C1E57}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{61106A24-1239-449E-B8E9-7502C65B87BC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{6248030C-BE11-4329-87CB-15840F368730}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6AE7643A-BE99-465C-9142-7A204FBBF552}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{6D85EB4C-EB63-4B9D-98A4-10D22326E6D3}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{723F84EE-072B-4B61-9260-60ABD5B66EED}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{765F418A-3F8E-4B67-9A63-706611F44B04}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{8068E40A-9DE9-451E-BBF1-4FF9A24968E8}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{817A1A95-E2BA-4568-A626-6BE916454B60}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{8424B5B2-B93C-4296-BACA-023B5E348000}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{86B40407-C03B-4D00-9D73-DEEBBD3D8E8C}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{86DCC019-934D-4D86-935E-98E4E7DAB132}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{875E0CBB-C9F6-4817-AA6B-2C5AA051E779}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{8F8E5FAE-A92E-45B7-9094-FE9262F7F70B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{90DDD928-8FCF-48EB-A086-A41CCB7936FF}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{9434CFFE-7B62-4A97-B051-12E51B2BF2A9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{969EA9E9-EF19-4CA3-9572-4A3DBAE69803}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9A9DB376-9052-4ED7-97D0-C85B5DC403A6}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{9B80EB21-BC1F-45EC-A54B-4118F947D1FF}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A0389938-7C63-4675-80B6-E7D47188DA83}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A26696BC-AB5A-41E0-8DEC-0B5C56E96932}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A39023BE-69C3-4B04-B7A2-4E4F757E34A8}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{A4C90163-0F0D-4F63-B214-9778D717613F}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A57B5599-74A5-412F-A613-4F6E25531BA7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A610850C-69B3-451B-ABE3-B306674C5F0F}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{ABB238C6-A7A3-4007-ADB0-2BDF9BF9A7A7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"{B2245597-D417-414A-AA1C-60AE21975F3D}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{B25BCA71-081E-4B69-BB0E-97EBC48DC677}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{B832772E-EAC1-4ABD-9697-DB5616E6DF6C}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B850CC6F-3546-44AF-9EDF-DB20B626607B}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{BF81C96B-CB7E-410E-9E3C-FA020D42AE71}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C07E99F7-1746-46E7-BBAE-B8D0BB75229A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{C2B35F78-E2D8-45DA-AEF6-0543060B840A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C2C28134-2F2F-42A7-B168-29C96F55DC9F}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C391CB67-EDE6-4C5C-A8F5-BC27AFBBE638}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C3C1AF87-D7C9-46FE-B127-F766DAF34C3D}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C4AD8243-7911-47CF-84A3-02D1208BFCA4}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C4C8FCB9-920D-43F1-8A84-873EB34BD191}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C9CCB64E-575A-4311-8CCC-346FC3AF8287}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{CCB4EE9D-0C7F-46FB-9944-BDCF3B09B2CF}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{CE160453-2E85-433E-A0CC-71B964C9CE29}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CF039EC2-B7BF-43EA-AE98-9CA6CD869A26}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{D2A84CB7-3946-4C8B-8834-14150F51B8B9}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{D4E2F64D-8926-49FF-B479-0491E53C94B7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D6539B22-937C-48EF-97CC-1260182AD326}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{D99BB179-1575-4F37-A9E0-02A844059910}" = protocol=1 | dir=out | [email protected],-28544 |
"{D9E782A9-CA53-4B44-9C6B-8FF302F4424F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{DA9A88AD-9819-4DDB-8EB7-8D37B9F2D770}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DB515C3D-2686-4DE8-A360-077B498674A6}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DBBA206F-4C27-41E4-9E13-A0C39519E7A3}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{DD4CC858-FE89-4E5D-A55E-BC9E4A58D5D6}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{DD771279-0B7E-45A4-BF30-907A65B4A5D7}" = protocol=58 | dir=in | [email protected],-28545 |
"{DF76C8A6-EAC7-46BD-ACE4-5BB935779800}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E29FFADA-0EEE-4063-8C28-28E50F30BF2E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E2E948F4-870A-4CB3-A2C5-EC758556582C}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E6E4A4FF-24B2-40C4-A0C1-250B5A7A147E}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E75F26C4-ADFA-43B2-9414-92CD30423C0C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EACE2DD4-E118-4763-A62B-AD933AD4E243}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC14CB96-BA26-41A5-8107-1236B3EAD164}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FA23EC9F-99EA-4025-BDA1-6AE4388541C3}" = protocol=58 | dir=out | [email protected],-28546 |
"{FF0333E0-DB34-4D20-AC23-63087374F2FC}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"TCP Query User{0B6EFCD9-A63D-4701-BC45-C39B5364F15D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{3743CEDA-512C-476C-900E-91E59BB5D301}C:\program files (x86)\warthunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"TCP Query User{623BA802-E6B0-41C9-B8F6-9A588672C6B7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{6E7D1A12-FCBA-47EF-A13C-FD6CE97F674C}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"TCP Query User{6EB113AF-8C8D-4B16-8727-54FA95A3C94D}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{7BD84D67-E96C-4BC4-9B1D-8FEFCBEE75E4}C:\program files (x86)\warthunder\aces.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"TCP Query User{7CDD0AD7-72F9-43BE-8649-D8AEBD201A15}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{7FEE04B3-16D1-49CF-9012-91089B08E783}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"TCP Query User{82B8FF7C-74C2-4F76-AB90-E63B0982BD5A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{BF8E9CE7-0F88-4DCE-AD68-8D4C4A94A396}H:\setup\data\codwawmp.exe" = protocol=6 | dir=in | app=h:\setup\data\codwawmp.exe |
"TCP Query User{CD4381F6-ADB0-4FBE-8F46-1FDE95A131D6}C:\program files (x86)\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"TCP Query User{D2CCD13F-368B-438E-8F3F-63F161B494E3}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"TCP Query User{E56F7CE1-1E8F-4EA2-9BC9-BE1A1F5974F4}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{1FFA1774-4097-43AC-BEEC-3CF10E47693F}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"UDP Query User{213F2BFE-D3DE-41E9-880F-CE487DE65863}C:\program files (x86)\ccp\eve\bin\exefile.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ccp\eve\bin\exefile.exe |
"UDP Query User{3F79A822-7EFF-4B63-9691-CC6A18A40256}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{71A0170D-D319-4C54-A2E6-0873781FAE3F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{85DD409F-825C-4DC7-8B0B-858876BE32B4}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe |
"UDP Query User{9113F276-7A22-46C6-9873-E3B509295AF5}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{A46A6897-36A7-473C-828C-16D182FCB90B}C:\program files (x86)\warthunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"UDP Query User{BFEEA5D2-A006-464B-B6C2-326E3350135C}C:\program files (x86)\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"UDP Query User{E1BBBC82-CE04-435C-A0A3-5E4DF061B69D}C:\program files (x86)\warthunder\aces.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warthunder\aces.exe |
"UDP Query User{E5992424-31AD-4025-A287-0418DFFA0E94}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{EEAC1421-85BB-482E-A6C7-D9726825CF45}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{F864C063-D9CA-4C6D-B2A4-47F59C12968E}H:\setup\data\codwawmp.exe" = protocol=17 | dir=in | app=h:\setup\data\codwawmp.exe |
"UDP Query User{FF6B32A0-6BE3-408F-B5B9-50D293941198}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}" = iTunes
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{98BB5224-BC5D-4028-9D20-536C1C263AA9}" = Classic Shell
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}" = Apple Mobile Device Support
"HomeStudentRetail - en-us" = Microsoft Office Home and Student 2013 - en-us
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{15E36881-D2F0-4730-B51C-4BE85647F702}" = Antec CC
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812SEA}_is1" = World of Tanks
"{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}" = Apple Application Support
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"{8CF25D78-1DA6-4206-B0CE-5FA8155E36E0}" = Antec CC Driver x64
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.302
"{FFF14233-FE39-4671-A38E-76FD8F24A879}" = e-tax 2013
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"avast" = avast! Free Antivirus
"EVE" = EVE Online (remove only)
"GameTracker Lite" = GameTracker Lite
"Google Chrome" = Google Chrome
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OneDriveSetup.exe" = Microsoft OneDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 28/03/2014 4:04:54 AM | Computer Name = Craig | Source = MsiInstaller | ID = 1013
Description =
Error - 31/03/2014 4:00:23 AM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.2.9200.16628 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1350 Start
Time: 01cf4cb4de6d0791 Termination Time: 0 Application Path: C:\Windows\Explorer.EXE
Report
Id: 7f574aaa-b8aa-11e3-be91-bc5ff4d5a3ad Faulting package full name: Faulting package-relative
application ID:
Error - 31/03/2014 4:00:59 AM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.2.9200.16628 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 20 Start
Time: 01cf4cb7449819e7 Termination Time: 0 Application Path: C:\Windows\explorer.exe
Report
Id: 96c4e034-b8aa-11e3-be91-bc5ff4d5a3ad Faulting package full name: Faulting package-relative
application ID:
Error - 31/03/2014 1:30:55 PM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.2.9200.16628 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1040 Start
Time: 01cf4cb75a39e304 Termination Time: 0 Application Path: C:\Windows\explorer.exe
Report
Id: 3552d28a-b8fa-11e3-be91-bc5ff4d5a3ad Faulting package full name: Faulting package-relative
application ID:
Error - 1/04/2014 4:53:50 AM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.2.9200.16628 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1a34 Start
Time: 01cf4d06f8d235d8 Termination Time: 0 Application Path: C:\Windows\explorer.exe
Report
Id: 2381e133-b97b-11e3-be91-bc5ff4d5a3ad Faulting package full name: Faulting package-relative
application ID:
Error - 1/04/2014 5:25:35 AM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.2.9200.16628 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1928 Start
Time: 01cf4d87e705d828 Termination Time: 0 Application Path: C:\Windows\explorer.exe
Report
Id: 92f56380-b97f-11e3-be91-bc5ff4d5a3ad Faulting package full name: Faulting package-relative
application ID:
Error - 1/04/2014 5:29:17 AM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.2.9200.16628 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 18c8 Start
Time: 01cf4d8c5664c901 Termination Time: 0 Application Path: C:\Windows\explorer.exe
Report
Id: 173ba9fb-b980-11e3-be91-bc5ff4d5a3ad Faulting package full name: Faulting package-relative
application ID:
Error - 2/04/2014 8:29:11 PM | Computer Name = Craig | Source = Windows Installer 3.1 | ID = 921877
Description =
Error - 6/04/2014 8:51:12 AM | Computer Name = Craig | Source = Bonjour Service | ID = 100
Description = Timed out waiting for acknowledgement of machine sleep
Error - 7/04/2014 11:03:41 PM | Computer Name = Craig | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 10.0.9200.16843 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1050 Start
Time: 01cf52d6b3260e03 Termination Time: 0 Application Path: C:\Program Files\Internet
Explorer\iexplore.exe Report Id: 5f8946f5-beca-11e3-be94-bc5ff4d5a3ad Faulting package
full name: Faulting package-relative application ID:
[ System Events ]
Error - 1/04/2014 5:26:51 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7000
Description = The Multimedia Class Scheduler service failed to start due to the
following error: %%1053
Error - 1/04/2014 5:26:51 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7000
Description = The Multimedia Class Scheduler service failed to start due to the
following error: %%1053
Error - 1/04/2014 5:29:32 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7000
Description = The Group Policy Client service failed to start due to the following
error: %%1053
Error - 1/04/2014 5:29:34 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.
Error - 1/04/2014 5:29:34 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7000
Description = The Group Policy Client service failed to start due to the following
error: %%1053
Error - 1/04/2014 5:29:39 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7038
Description = The avast! Antivirus service was unable to log on as NT AUTHORITY\SYSTEM
with the currently configured password due to the following error: %%50 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).
Error - 1/04/2014 5:29:39 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7000
Description = The avast! Antivirus service failed to start due to the following
error: %%1069
Error - 1/04/2014 5:30:10 AM | Computer Name = Craig | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
Error - 1/04/2014 5:34:55 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).
Error - 1/04/2014 5:34:55 AM | Computer Name = Craig | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069
< End of report >