Yes, I left off the first quote...
Here is the log created after adwCleaner was executed:
AdwCleaner v3.205 - Report created 01/05/2014 at 17:14:30
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark Fruehling - MARKFRUEHLING
# Running from : G:\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Save
Folder Deleted : C:\Program Files (x86)\blekkotb
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\I Want This
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files (x86)\yourfiledownloader
Folder Deleted : C:\Program Files (x86)\Vuze
Folder Deleted : C:\Program Files (x86)\Produtools_Manuals_2.1
Folder Deleted : C:\Users\Internet Browser\AppData\Local\blekkotb
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\blekkotb
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\TheBflix
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Internet Browser\AppData\LocalLow\Produtools_Manuals_2.1
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\Babylon
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\blekkotb
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\Conduit
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\ConduitEngine
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\getsavin
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\I Want This
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\Vuze_Remote
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\Produtools_Manuals_2.1
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\AGI
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\blekkotb
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\TheBflix
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Mark Fruehling\AppData\LocalLow\Produtools_Manuals_2.1
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\blekkotb
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\iWin
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\PriceGong
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Mark Fruehling\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Mark Fruehling\Desktop\Uniblue
Folder Deleted : C:\Users\Mark Fruehling\Documents\ParetoLogic
Folder Deleted : C:\Users\Mark Fruehling\Documents\Uniblue
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Folder Deleted : C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdmkmnjlliodibplcplaffjdiempemfo
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Windows\Tasks\dsmonitor.job
File Deleted : C:\Windows\System32\Tasks\dsmonitor
File Deleted : C:\Windows\System32\Tasks\YourFile Update
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic\Delta Force\Uninstall.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bdmkmnjlliodibplcplaffjdiempemfo
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\agihelper.AGUtils
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekkoTb_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\blekkoTb_1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3209604
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28C02550-6572-401a-A2AE-5BC703C9BBA6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BB95B9D-ED2F-4A89-BD51-30B5D642F0BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BB95B9D-ED2F-4A89-BD51-30B5D642F0BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{43AF84A8-BAEA-4A72-9698-7C4CB7082D92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9BB95B9D-ED2F-4A89-BD51-30B5D642F0BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00F12770-E60E-4DC6-9105-425BFACE7C73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\07389a5a-fcbd-4299-a6d2-fe600e1c37f5
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\9ba30d6d-b2d5-4e05-80a5-ebad81e255c3
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8512D7CD-66D5-459F-893F-68939486AD68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B6AD32B-823A-42D6-84A2-7CAE7A25FF9C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3CA9722-2953-497F-9FA3-B3EE45D2AA2F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C48DF79-FD2E-4BFF-BF45-DF5865BAC5E0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{26C9E18C-3717-4BE1-A225-04E4471F5B6E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKCU\Software\AGI
Key Deleted : HKCU\Software\blekkotb
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\Uniblue
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\Produtools_Manuals_2.1
Key Deleted : HKCU\Software\Vuze_Remote
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\blekkotb
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Headlight
Key Deleted : HKCU\Software\AppDataLow\Software\I Want This
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Produtools_Manuals_2.1
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKLM\Software\AGI
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Headlight
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\Software\Produtools_Manuals_2.1
Key Deleted : HKLM\Software\Vuze_Remote
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\blekkotb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Produtools_Manuals_2.1 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []
-\\ Google Chrome v34.0.1847.131
[ File : C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : bdmkmnjlliodibplcplaffjdiempemfo
Deleted [Extension] : mpfapcdfbbledbojijcbcclmlieaoogk
*************************
AdwCleaner[R0].txt - [19446 octets] - [01/05/2014 17:06:59]
AdwCleaner[S0].txt - [16735 octets] - [01/05/2014 17:14:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16796 octets] ##########
Here is the log produced after the Junk Removal Tool was executed:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mark Fruehling on Thu 05/01/2014 at 17:25:17.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF4ADA00-6C0B-4BC7-A5E5-EFB3A54C34BE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF4ADA00-6C0B-4BC7-A5E5-EFB3A54C34BE}
~~~ Files
Successfully deleted: [File] "C:\Users\Mark Fruehling\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\anti-phishing domain advisor"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\drivercure"
Failed to delete: [Folder] "C:\ProgramData\thebflix"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Mark Fruehling\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetpacks"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Mark Fruehling\appdata\local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/01/2014 at 17:42:14.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Here is Frst Text created when the Farbar Recovery Scan Tool is executed:
can Tool (FRST.txt) (x64) Version: 30-04-2014 03
Ran by Mark Fruehling (administrator) on MARKFRUEHLING on 01-05-2014 18:43:50
Running from C:\Users\Mark Fruehling\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\SeaPort.EXE
(Farbar) C:\Users\Mark Fruehling\Desktop\zzFarbar Recovery Scan Tool X64.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [581480 2009-05-12] (Symantec Corporation)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2357984 2014-02-20] (Microsoft Corp.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-997012532-1224238391-1627714293-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-997012532-1224238391-1627714293-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-04-02] (Google Inc.)
HKU\S-1-5-21-997012532-1224238391-1627714293-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-997012532-1224238391-1627714293-1005\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Mark Fruehling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
Startup: C:\Users\Mark Fruehling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots Wallpaper & Screensaver.lnk
ShortcutTarget: Webshots Wallpaper & Screensaver.lnk -> C:\Program Files (x86)\Webshots\Wallpaper\WallScreen.exe (Webshots)
==================== Internet (Whitelisted) ====================
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - (No Name) - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {492A6D90-922B-4BBB-A099-A2364C0ACDE3} URL = http://www.ask.com/w...}&l=dis&o=uscqd
SearchScopes: HKLM-x32 - {492A6D90-922B-4BBB-A099-A2364C0ACDE3} URL = http://www.ask.com/w...}&l=dis&o=uscqd
SearchScopes: HKCU - {492A6D90-922B-4BBB-A099-A2364C0ACDE3} URL = http://www.ask.com/w...}&l=dis&o=uscqd
SearchScopes: HKCU - {88BA080D-DF1A-45D2-8CE2-8461E30FBFFE} URL = http://search.netzer...ry={searchTerms}
SearchScopes: HKCU - {C3CD82B2-A9E9-43C5-A80E-A0F06378ADFC} URL = https://www.google.c...?q={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IE to GetRight Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: Pop-up Blocker - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files (x86)\Juno\qsacc\X1IEBHO.dll (Juno, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: No Name - {724d43a9-0d85-11d4-9908-00400523e39a} - No File
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: NetZero Toolbar Helper - {FE3098B0-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\NetZero\ucreg.dll (NetZero, Inc.)
BHO-x32: Juno Toolbar Helper - {FE3098B1-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\Juno\ucreg.dll (Juno, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files (x86)\NetZero\Toolbar.dll (NetZero, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKCU - No Name - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.co.marsha...sessor/smsx.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
DPF: HKLM-x32 {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - C:\Program Files\Juno\bin\jmsgpph.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 97.64.168.12 97.64.183.165
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF [2014-02-23]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files (x86)\WordWeb\WCaptureMoz [2011-05-21]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-08]
CHR Extension: (Google Drive) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-08]
CHR Extension: (No Name) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdmkmnjlliodibplcplaffjdiempemfo [2014-02-08]
CHR Extension: (YouTube) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-08]
CHR Extension: (Google Search) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-08]
CHR Extension: (Norton Identity Protection) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-08]
CHR Extension: (Google Wallet) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-08]
CHR Extension: (Gmail) - C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-08]
CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\WordWeb\wcxChrome.crx [2011-05-21]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-20]
==================== Services (Whitelisted) =================
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173280 2014-02-20] (Microsoft Corp.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe [276376 2014-03-12] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-02-15] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-02-15] (SlySoft, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-20] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20140430.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140501.003\ENG64.SYS [126040 2014-02-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140501.003\EX64.SYS [2099288 2014-02-22] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1502000.026\SRTSP64.SYS [875736 2014-02-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1502000.026\SRTSPX64.SYS [36952 2014-02-11] (Symantec Corporation)
S3 StarOpen; No ImagePath
R0 SymDS; C:\Windows\System32\drivers\NISx64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1502000.026\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 SYMFW; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMFW.SYS [X]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-01 18:43 - 2014-05-01 18:44 - 00019016 _____ () C:\Users\Mark Fruehling\Desktop\FRST.txt
2014-05-01 18:43 - 2014-05-01 18:43 - 00000000 ____D () C:\FRST
2014-05-01 17:42 - 2014-05-01 17:42 - 00002880 _____ () C:\Users\Mark Fruehling\Desktop\JRT.txt
2014-05-01 17:25 - 2014-05-01 17:25 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 17:07 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-01 17:04 - 2014-05-01 17:16 - 00000000 ____D () C:\AdwCleaner
2014-05-01 16:15 - 2014-05-01 16:16 - 00280204 _____ () C:\Users\Mark Fruehling\Downloads\WindowsUpdateDiagnostic.diagcab
2014-05-01 16:05 - 2014-05-01 16:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 16:03 - 2014-04-13 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-01 16:03 - 2014-04-13 21:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-30 14:16 - 2014-04-30 14:16 - 01016261 _____ (Thisisu) C:\Users\Mark Fruehling\Desktop\zzJunk Removal Tool Download.exe
2014-04-30 13:58 - 2014-04-30 13:58 - 02061824 _____ (Farbar) C:\Users\Mark Fruehling\Desktop\zzFarbar Recovery Scan Tool X64.exe
2014-04-25 07:44 - 2014-04-25 07:44 - 05315968 _____ (Canneverbe Limited ) C:\Users\Mark Fruehling\Downloads\cdbxp_setup_4.5.3.4746.exe
2014-04-22 16:36 - 2014-04-22 16:36 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-17 08:35 - 2014-04-17 16:31 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\International Association of Commercial Finance Brokers
2014-04-17 06:41 - 2014-04-17 06:41 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\EMPU
2014-04-16 17:33 - 2014-04-16 17:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-16 17:33 - 2014-04-16 17:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-16 16:24 - 2014-04-16 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-04-16 16:13 - 2014-04-16 16:13 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-16 16:01 - 2014-04-16 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-16 16:00 - 2014-04-17 17:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-16 16:00 - 2014-04-16 16:00 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Local\Microsoft Help
2014-04-15 07:20 - 2014-04-15 07:20 - 18134016 _____ (Adobe Systems Inc.) C:\Users\Mark Fruehling\Downloads\AdobeAIRInstaller.exe
2014-04-14 06:34 - 2014-05-01 18:34 - 00000368 _____ () C:\Windows\Tasks\HPCeeScheduleForMark Fruehling.job
2014-04-14 06:34 - 2014-04-14 06:34 - 00003240 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMark Fruehling
2014-04-10 06:11 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 06:11 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 06:11 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 06:11 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 06:11 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 06:11 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 06:11 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 06:11 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 06:11 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 06:11 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 06:11 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 06:11 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 06:11 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 06:10 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 06:10 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 06:10 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 06:10 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-05-01 18:44 - 2014-05-01 18:43 - 00019016 _____ () C:\Users\Mark Fruehling\Desktop\FRST.txt
2014-05-01 18:43 - 2014-05-01 18:43 - 00000000 ____D () C:\FRST
2014-05-01 18:34 - 2014-04-14 06:34 - 00000368 _____ () C:\Windows\Tasks\HPCeeScheduleForMark Fruehling.job
2014-05-01 18:26 - 2009-11-19 11:10 - 01765404 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 18:19 - 2014-02-08 07:20 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 17:46 - 2011-01-05 14:42 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 17:42 - 2014-05-01 17:42 - 00002880 _____ () C:\Users\Mark Fruehling\Desktop\JRT.txt
2014-05-01 17:28 - 2012-02-21 16:18 - 00000000 ____D () C:\ProgramData\TheBflix
2014-05-01 17:25 - 2014-05-01 17:25 - 00000000 ____D () C:\Windows\ERUNT
2014-05-01 17:25 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-01 17:25 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-01 17:18 - 2011-01-05 14:42 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 17:18 - 2009-09-14 21:26 - 01604640 _____ () C:\Windows\PFRO.log
2014-05-01 17:18 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-01 17:18 - 2009-07-13 23:51 - 00399145 _____ () C:\Windows\setupact.log
2014-05-01 17:16 - 2014-05-01 17:04 - 00000000 ____D () C:\AdwCleaner
2014-05-01 16:58 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-01 16:33 - 2013-11-17 08:28 - 00065623 _____ () C:\Windows\IE11_main.log
2014-05-01 16:16 - 2014-05-01 16:15 - 00280204 _____ () C:\Users\Mark Fruehling\Downloads\WindowsUpdateDiagnostic.diagcab
2014-05-01 16:05 - 2014-05-01 16:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-01 15:14 - 2014-01-18 06:58 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BC0353A6-9735-4F3C-82BC-22F7F04C1FD8}
2014-05-01 14:58 - 2010-10-19 22:45 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\MOMS STUFF
2014-05-01 07:55 - 2009-12-28 21:07 - 00000000 ____D () C:\Users\Mark Fruehling
2014-05-01 07:29 - 2011-09-09 08:12 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Roaming\Wise Disk Cleaner
2014-05-01 07:29 - 2010-03-21 20:06 - 00000000 ____D () C:\Program Files (x86)\Wise Disk Cleaner
2014-05-01 05:26 - 2013-03-05 14:22 - 00000484 _____ () C:\Users\Mark Fruehling\AppData\Roaming\.openyahtzee
2014-04-30 14:16 - 2014-04-30 14:16 - 01016261 _____ (Thisisu) C:\Users\Mark Fruehling\Desktop\zzJunk Removal Tool Download.exe
2014-04-30 13:58 - 2014-04-30 13:58 - 02061824 _____ (Farbar) C:\Users\Mark Fruehling\Desktop\zzFarbar Recovery Scan Tool X64.exe
2014-04-30 10:50 - 2009-12-28 21:10 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-04-29 09:15 - 2010-01-24 08:24 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\The Paper Source
2014-04-29 09:13 - 2009-07-14 00:13 - 00786514 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 07:25 - 2014-02-08 07:20 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 07:25 - 2014-01-03 11:37 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 07:25 - 2014-01-03 11:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-27 07:59 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-04-26 07:04 - 2011-03-14 07:04 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Local\CrashDumps
2014-04-25 07:48 - 2011-11-04 21:10 - 00001905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-04-25 07:48 - 2011-11-04 21:03 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-04-25 07:44 - 2014-04-25 07:44 - 05315968 _____ (Canneverbe Limited ) C:\Users\Mark Fruehling\Downloads\cdbxp_setup_4.5.3.4746.exe
2014-04-22 16:36 - 2014-04-22 16:36 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 16:28 - 2012-12-09 09:32 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\My Digital Editions
2014-04-22 09:41 - 2009-12-30 01:45 - 00000000 ___RD () C:\Users\Mark Fruehling\Desktop\Microsoft Office 2007
2014-04-21 07:14 - 2011-12-12 07:09 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-21 07:14 - 2010-01-15 21:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-17 17:07 - 2014-04-16 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-17 17:00 - 2009-07-13 21:34 - 00000499 _____ () C:\Windows\win.ini
2014-04-17 16:31 - 2014-04-17 08:35 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\International Association of Commercial Finance Brokers
2014-04-17 07:07 - 2009-12-28 21:10 - 00000000 ___RD () C:\Users\Mark Fruehling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-17 06:41 - 2014-04-17 06:41 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\EMPU
2014-04-17 06:39 - 2009-12-28 21:09 - 00243856 _____ () C:\Users\Mark Fruehling\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-17 06:32 - 2014-02-02 10:35 - 00001229 _____ () C:\Users\Mark Fruehling\Desktop\Download App by CNET 1.6.5.165 (need Internet).lnk
2014-04-16 17:43 - 2009-07-13 23:45 - 00689616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-16 17:33 - 2014-04-16 17:33 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-04-16 17:33 - 2014-04-16 17:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-04-16 17:26 - 2014-04-16 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-04-16 16:28 - 2009-07-14 02:45 - 00000000 ____D () C:\Windows\ShellNew
2014-04-16 16:14 - 2009-09-14 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-16 16:13 - 2014-04-16 16:13 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-16 16:08 - 2009-09-14 21:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-04-16 16:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-16 16:01 - 2014-04-16 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-16 16:00 - 2014-04-16 16:00 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Local\Microsoft Help
2014-04-16 06:32 - 2010-05-28 21:40 - 00000000 ____D () C:\Users\Internet Browser
2014-04-15 07:20 - 2014-04-15 07:20 - 18134016 _____ (Adobe Systems Inc.) C:\Users\Mark Fruehling\Downloads\AdobeAIRInstaller.exe
2014-04-14 06:34 - 2014-04-14 06:34 - 00003240 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMark Fruehling
2014-04-13 21:24 - 2014-05-01 16:03 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-13 21:19 - 2014-05-01 16:03 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 16:13 - 2010-01-04 14:05 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Local\Adobe
2014-04-12 07:56 - 2009-12-29 13:26 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Roaming\GetRight
2014-04-10 08:04 - 2013-07-12 08:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 07:56 - 2010-01-11 15:37 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 21:06 - 2011-01-05 14:42 - 00000000 ____D () C:\Users\Mark Fruehling\AppData\Local\Google
2014-04-06 16:57 - 2011-05-18 15:20 - 00000000 ____D () C:\Users\Mark Fruehling\DVDS
2014-04-04 21:25 - 2011-05-27 16:14 - 00000125 ___SH () C:\ProgramData\.zreglib
2014-04-04 20:28 - 2010-03-21 12:26 - 00000000 ____D () C:\Users\Mark Fruehling\Documents\Expressit
2014-04-03 08:22 - 2014-02-09 06:58 - 00000000 ____D () C:\Users\Mark Fruehling\My Icons
2014-04-03 06:15 - 2009-07-14 00:08 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Files to move or delete:
====================
C:\Users\Mark Fruehling\microsoft.dat
Some content of TEMP:
====================
C:\Users\Internet Browser\AppData\Local\Temp\i4jdel0.exe
C:\Users\Mark Fruehling\AppData\Local\Temp\ose00000.exe
C:\Users\Mark Fruehling\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-21 09:24
==================== End Of Log ==
Here is Addition Text created when Farbar was executed:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2014 03
Ran by Mark Fruehling at 2014-05-01 18:45:14
Running from C:\Users\Mark Fruehling\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
3M Cloud Library PC App 1.39 (HKLM-x32\...\3M Cloud Library PC App) (Version: 1.39 - 3M)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Acoustica Effects Pack (HKLM-x32\...\Acoustica Effects Pack) (Version: 1.0 - Acoustica, Inc)
Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader 9.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties Trial (HKLM-x32\...\InstallShield_{63415CB1-3C97-4D9C-980D-336710EB0526}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties Trial (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs Trial (HKLM-x32\...\InstallShield_{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs Trial (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III Trial (HKLM-x32\...\InstallShield_{25B25C84-6132-4662-972B-4E4DC1B00C98}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III Trial (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AGEIA PhysX v7.05.17 (HKLM-x32\...\{27DC856A-0916-4988-8198-8714DDD3183D}) (Version: 7.05.17 - AGEIA Technologies, Inc.)
Aliens versus Predator (HKLM-x32\...\Aliens versus Predator) (Version: - )
Aliens versus Predator 2 Demo (HKLM-x32\...\{45EFEFDC-0007-4D31-A69E-8125F0229ACA}) (Version: - )
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.4.5.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.1.487 - Online Media Technologies Ltd.)
AVS Audio Recorder version 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS Cover Editor 2.0.1.3 (HKLM-x32\...\AVSCoverEditor2_is1) (Version: 2.0.1.3 - Online Media Technologies Ltd.)
AVS Disc Creator 5 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.1.2.525 - Online Media Technologies Ltd.)
AVS Document Converter 2.2.8 (HKLM-x32\...\AVS Document Converter_is1) (Version: 2.2.8.225 - Online Media Technologies Ltd.)
AVS DVD Copy 4.1.2.283 (HKLM-x32\...\AVS DVD Copy_is1) (Version: 4.1.2.283 - Online Media Technologies Ltd.)
AVS Image Converter 2.3.2.248 (HKLM-x32\...\AVS Image Converter_is1) (Version: 2.3.2.248 - Online Media Technologies Ltd.)
AVS Media Player 4.2.2.104 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.2.104 - Online Media Technologies Ltd.)
AVS Photo Editor (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.1.2.136 - Online Media Technologies Ltd.)
AVS Registry Cleaner 2.3.1.255 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 2.3.1.255 - Online Media Technologies Ltd.)
AVS Registry Cleaner version 2.2 (HKLM-x32\...\AVSRegistryCleaner_is1) (Version: - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: 1.6.1.140 - Online Media Technologies Ltd.)
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.2.541 - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.4.2.241 - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version: 2.5.6.87 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.2.2.153 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.2.2.153 - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Beetle Buggin' (HKLM-x32\...\Beetle Crazy Cup) (Version: - )
Bing Bar (HKLM-x32\...\{3A681D82-5167-4418-BEBA-E8991486665B}) (Version: 7.3.114.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.395.0 - Microsoft Corporation)
Boku Sudoku (HKLM-x32\...\{6741E797-825C-44C1-AFE7-ED94C4817FBD}) (Version: 1.00.0000 - Topics Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Civilization III (HKLM-x32\...\{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}) (Version: - )
Clive Barker's Undying (HKLM-x32\...\{631A0B87-B0B7-4B47-00A2-119A4B942EB6}) (Version: - )
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.1) (Version: 5.0.0.1 - Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
Daikatana (HKLM-x32\...\Daikatana) (Version: - )
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 13.3 - Illustrate)
Delta Force - Black Hawk Down (HKLM-x32\...\{8FE54D21-8254-4CCF-AEE0-066496AE43F4}) (Version: 1.00.000 - )
Delta Force (HKLM-x32\...\Delta Force) (Version: - )
DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Download App (HKCU\...\Download App) (Version: 1.6.5 - CBS Interactive)
DriverIdentifier 4.0 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version: - DriverIdentifier)
Duke Nukem - Manhattan Project (HKLM-x32\...\InstallShield_{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}) (Version: 1.0.1 - Arush Entertainment)
Duke Nukem - Manhattan Project (x32 Version: 1.0.1 - Arush Entertainment) Hidden
Duplicate Cleaner Free 3.2.3 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.3 - DigitalVolcano Software Ltd)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Emergency Fire Response Demo (HKLM-x32\...\{3D9E0F32-83ED-4D59-B27F-EEA19744A51E}) (Version: 1.00.000 - )
EMPU 2.2.1.4 (HKCU\...\EMPU) (Version: 2.2.1.4 - Indie Softworks)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GetRight (HKLM-x32\...\GetRight_is1) (Version: - Headlight Software, Inc.)
GetSavin (HKLM-x32\...\GetSavin) (Version: 1.1362510617 - Adpeak, Inc.)
G-Force (HKLM-x32\...\G-Force) (Version: 4.2.0 - SoundSpectrum)
Ghost Recon (HKLM-x32\...\{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GTA2 (HKLM-x32\...\GTA2) (Version: - )
Gunman Chronicles (HKLM-x32\...\Gunman Chronicles) (Version: - )
Half-Life (HKLM-x32\...\Half-Life) (Version: - )
Half-Life: Blue Shift (HKLM-x32\...\Half-Life: Blue Shift) (Version: - )
Half-Life: Opposing Force (HKLM-x32\...\Half-Life: Opposing Force) (Version: - )
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5205.31 - PC-Doctor, Inc.)
Heretic II (HKLM-x32\...\Heretic2UninstallKey) (Version: - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version: - AOL Products)
Hoyle Demo (HKLM-x32\...\InstallShield_{3209C8A2-558C-445C-832B-1AC552F59B11}) (Version: 1.0.0.1 - Sierra)
Hoyle Demo (x32 Version: 1.0.0.1 - Sierra) Hidden
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
hp print screen utility (HKLM-x32\...\hp print screen utility) (Version: - )
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Remote Solution (x32 Version: 1.1.9.0 - TopSeed) Hidden
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
Ico Converter 1.4 (HKLM-x32\...\IcoConverter) (Version: - Tomatosoft)
Incinerate (HKLM-x32\...\Incinerate_is1) (Version: 1.0 - Media Contact LLC)
Insectoid 1.0.2 (HKLM-x32\...\Insectoid 1.0.2) (Version: - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Java 7 Update 17 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Juno Internet (HKLM-x32\...\{a0296e52-6e9b-11d6-ace4-00105a0cf83f}) (Version: Juno QuickStart - United Online)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Mario Forever 5.0 (HKLM-x32\...\Mario Forever 5.0) (Version: - )
Mario Forever 5.01 (HKLM-x32\...\Mario Forever 5.01) (Version: - )
Mario Forever 5.08 Direct X (HKLM-x32\...\Mario Forever 5.08 Direct X) (Version: - )
Memorex exPressit Label Design Studio (HKLM-x32\...\MVApplication1) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Halo (HKLM-x32\...\Halo) (Version: - Microsoft)
Microsoft Links 2001 Demo (HKLM-x32\...\Links 2001 Demo 1.0) (Version: - )
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mplayer.com (HKLM-x32\...\Mplayer.com) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MVP Baseball 2003 (HKLM-x32\...\{3C8C45D0-3DBF-4DC8-008D-0538032FDC12}) (Version: - )
NetZero For Cosmi (HKLM-x32\...\{53CDAAAB-6D41-4A36-BAA4-90261DE31B13}) (Version: 1.0.0 - NetZero, Inc.)
NetZero Internet (HKLM-x32\...\{6c651250-2eb2-11d5-8e33-0050dad72ac2}) (Version: 8.9.2.0 - NetZero, Inc.)
New Super Mario Forever PC (HKLM-x32\...\New Super Mario Forever PC) (Version: - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.2.0.38 - Symantec Corporation)
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
Open Yahtzee (HKLM-x32\...\Open Yahtzee) (Version: - )
Painkiller - Battle Out Of [bleep] (HKLM-x32\...\Painkiller - Battle Out Of [bleep]) (Version: - )
Painkiller (HKLM-x32\...\Painkiller) (Version: - )
PC Attorney (HKLM-x32\...\{A4CEB917-6912-48AC-8999-588A3F3A8EEF}) (Version: 2.1.0000 - Cosmi Corporation)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PKZIP for Windows 9.00.0010 (HKLM-x32\...\{BE8DD809-A406-40E2-AB9F-28E69E737383}) (Version: 9.00.0010 - PKWARE, Inc)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Pure Sudoku Deluxe 1.52 (HKLM-x32\...\Pure Sudoku Deluxe_is1) (Version: - Mochek Interactive)
Quake 3 Arena Demo (HKLM-x32\...\Quake 3 Arena Demo) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Rome Puzzle (HKLM-x32\...\Rome Puzzle_is1) (Version: 1.0 - Media Contact LLC)
Sansa Updater (HKCU\...\Sansa Updater) (Version: - SanDisk Corporation)
Serious Sam 2 Demo (HKLM-x32\...\SeriousSam2Demo) (Version: - )
Ship Simulator 2008 Demo (HKLM-x32\...\ShipSim2008Demo) (Version: - )
SKIP-BO Castaway Caper (remove only) (HKLM-x32\...\SKIP-BO Castaway Caper) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Informer 1.2 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Soldier of Fortune II - Double Helix (HKLM-x32\...\Soldier of Fortune II - Double Helix) (Version: 1.0 - Activision, Inc.)
SolSuite 2013 v13.2 (HKLM-x32\...\SolSuite_is1) (Version: 13.2 - TreeCardGames)
Spin It Again (HKLM-x32\...\Spin It Again) (Version: - Acoustica)
SubtitleCreator (HKLM-x32\...\SubtitleCreator) (Version: V2.3rc1 - Erik Vullings)
Super Mario 3 : Mario Forever (HKLM-x32\...\Super Mario 3 : Mario Forever) (Version: - )
Superpower 2 - demo (HKLM-x32\...\InstallShield_{37C28A3E-ADDC-484F-B7C4-A522B8E559DE}) (Version: 1.00.0000 - Dreamcatcher)
Superpower 2 - demo (x32 Version: 1.00.0000 - Dreamcatcher) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
Telltale Texas Hold'em (HKLM-x32\...\Telltale Texas Hold'em) (Version: 3.0.1.9 - Telltale Games)
Tom Clancy's Ghost Recon Advanced Warfighter® 2 (HKLM-x32\...\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}) (Version: 1.00.0000 - UBISOFT)
Tom Clancy's Rainbow Six (HKLM-x32\...\Tom Clancy's Rainbow Six) (Version: - )
TurboRisk 2.0 (HKLM-x32\...\TurboRisk_is1) (Version: - )
Typer Shark Deluxe 1.01 (HKLM-x32\...\Typer Shark Deluxe 1.01) (Version: - )
Uniblue RegistryBooster 2009 (HKLM-x32\...\{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1) (Version: - Uniblue Systems Ltd)
Uniblue SystemTweaker (HKLM-x32\...\{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1) (Version: - Uniblue Systems Ltd)
UNO - Undercover (remove only) (HKLM-x32\...\UNO - Undercover) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
Webshots Wallpaper & Screensaver version 1.2.3.123 (HKLM-x32\...\{B84DEFE1-0175-47C9-BC1D-8645FCBC0ECE}_is1) (Version: 1.2.3.123 - Webshots)
Wheel Of Fortune (HKLM-x32\...\Wheel Of Fortune) (Version: - )
Wheel of Fortune 2nd Edition (HKLM-x32\...\{29B11F9F-5E2D-11D4-8BA5-0050BAAA20E2}) (Version: - )
Windows Media Player 9 Series TweakMP PowerToy (HKLM-x32\...\TweakMP9) (Version: - )
Wise Disk Cleaner 8.06 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 8.06 - WiseCleaner.com, Inc.)
WordWeb (HKLM-x32\...\WordWeb) (Version: 7 - WordWeb Software)
==================== Restore Points =========================
20-04-2014 19:56:08 Windows Backup
22-04-2014 11:29:29 Windows Update
27-04-2014 20:04:08 Windows Backup
29-04-2014 12:21:26 Windows Update
30-04-2014 14:32:10 Created by Wise Disk Cleaner
01-05-2014 21:03:44 Windows Update
01-05-2014 21:09:06 Windows Update
01-05-2014 21:11:41 Windows Update
01-05-2014 21:32:16 Windows Update
==================== Hosts content: ==========================
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0083126E-62D8-4FE6-8E2D-C23EB9AF1531} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....NNICMJNDJCMKJBJ"
Task: {044AB1AA-9116-431A-A623-D198E017187F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {06466CBA-7D2F-454D-B0B1-8E2F9CCF67CA} - System32\Tasks\{D7493B71-DE9F-4E78-80EF-D7D45FD08C60} => C:\Games\Diablo II\Diablo II.exe
Task: {06FFA92F-642E-43EA-8AAF-1DB67A96C456} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-04-08] (Hewlett-Packard)
Task: {074FE801-7143-4784-AEF5-339EC3A6A587} - System32\Tasks\{5C57E8C2-B71C-4899-AC5D-D6A52519D813} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {081BE352-8B16-4A75-9C4D-061834E6D967} - System32\Tasks\{8E85878D-5B26-4E02-B85C-3AFF3E5DC1E9} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {0B28F9D8-7A64-4F45-9A48-9E39534D7FCE} - System32\Tasks\{42CE8CE1-BF5A-41E9-AEAF-65956A666749} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {0C34D2FA-B547-4597-BFE0-1C017381E3F2} - System32\Tasks\{6CFF694D-01E1-4DBA-9AF8-30522809005D} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {0DD4B46D-0BB8-46B6-B78A-2A26F6961BD3} - System32\Tasks\{EC90FB0E-2F5F-4CD7-9ED7-1E1552914806} => C:\Games\Return to Wolfenstein\Return to Castle Wolfenstein DEMO\WolfSPDemo.exe
Task: {0EC01673-7C83-4E80-A983-ECC9F6A5AC22} - System32\Tasks\{F86438F0-8C1A-4336-ADD8-03AB7573D075} => E:\PainkillerSetup.exe
Task: {0F9A873C-2022-4F86-9B86-2140DC7DED7A} - System32\Tasks\{C6976054-92A4-4D7B-9B2D-05B73C68EA41} => C:\Games\Daikatana\daikatana.exe
Task: {0FA483B9-91E4-4582-B5EB-3F195A43975D} - System32\Tasks\{21EAE0C5-03DB-4008-8DB8-76A3F5E3632E} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {0FDE7191-092F-4311-8DEC-6553D41DD056} - System32\Tasks\{235306DE-BC1B-4DFF-AA47-6C65A697CBC0} => C:\Games\Diablo II\Diablo II.exe
Task: {10A875F7-1EDE-41AA-8765-F5B1DAD3341F} - System32\Tasks\{D2440506-206F-4B6E-AEB1-0BF3A30C70CD} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {113AF0E2-D67B-44FF-A51F-E7F0806540DA} - System32\Tasks\{EA720F53-F5BD-46FD-96DF-ADC8290C495C} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {142C3A66-5A33-419C-B1E0-DF9D3B805C6D} - System32\Tasks\{0647D68D-BAA9-4E23-91A5-984D5751BF44} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {1466C1B8-D686-4594-9320-9FEE432B76BF} - System32\Tasks\{7A6E6538-0A0E-4D3B-BFCD-64BB0BD0F1EE} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {14F79C55-F558-4E4D-8B48-275842EC9E10} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {15221405-AFB9-4206-B154-6DCC2A1D90C2} - System32\Tasks\{04218AFF-A9CF-4F61-BC42-83610A0E58FB} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {15E01B57-BFD4-4D6B-A2D0-B712883AC77D} - System32\Tasks\{81CD37B6-F1B0-4947-A17C-DF090C8F6088} => C:\Games\Half Life\Half Life\Half-Life\hl.exe [2001-09-14] (Valve, L.L.C.)
Task: {165120E1-A4EC-44F2-96E0-3C4D5E36A6EC} - System32\Tasks\{4DEBE53C-802F-42BF-AC1D-FD1DB04B0477} => C:\Games\Links 2003\LinksLauncher.exe
Task: {16793AF1-574C-4CC7-9A4D-535D63D2A5BE} - System32\Tasks\{10FBEE51-9A6B-4115-92E3-DD5E8EC60AC2} => C:\Games\Risk 2\RiskII\RiskII.exe
Task: {181B79E1-0C3F-49A6-B96E-020B520F3BBF} - System32\Tasks\{541DE703-CD3B-4A5C-8614-99B403F84897} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {18C249DA-EEAB-4C26-9EA1-E31FC980174D} - System32\Tasks\Run RoboForm Process => C:\Users\MARKFR~1\AppData\Local\Temp\RoboForm\RoboTaskBarIcon.exe <==== ATTENTION
Task: {19DDFD8C-5C1A-4114-B429-851F2412805B} - System32\Tasks\{549E0AB7-97C8-42EE-924D-5864AB59499E} => C:\Games\Archangel\bin\Game.exe
Task: {1A02EAD4-C067-4472-9996-134071420A79} - System32\Tasks\{F2F42A2E-7A1C-4B2E-A3F9-D403D6A8000F} => E:\PainkillerSetup.exe
Task: {1B9073EE-A2B5-4899-94E1-7776A85BA36E} - System32\Tasks\{ED64EF29-E5D6-42AC-88F7-928E04E115FA} => C:\Games\Half Life\Opposing Forces\OpFor\hl.exe [2001-04-20] (Valve, L.L.C.)
Task: {1C2BB88E-A5D6-4E93-957F-1572A68E6AD8} - System32\Tasks\{B6F62547-A7C0-4D43-8C91-88313844CB22} => C:\Games\RiskII\RiskII.exe
Task: {1D2676A2-237C-4C18-A1A7-7E52C9C2889F} - System32\Tasks\{BD26A867-1FB0-45C6-89A7-27D6F393056E} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {1E122CDE-2B32-45CE-ABA3-8DBB224B0F5F} - System32\Tasks\{A7C862B3-8D5C-4C6C-9438-0611C882249C} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {1E187248-3CEF-48E1-B453-E7E35BE0DBD7} - System32\Tasks\{38BF4D03-CE61-4E96-A487-F5BE82E22967} => C:\Games\Raiders\RaidersDemo\SOFRDemo.exe
Task: {1F0BD1BA-26CB-4740-BA73-1BB11EFC820A} - System32\Tasks\{63A7C6AF-BA32-4591-910A-2CF13AE1D6DD} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {1FDE531E-7561-437B-BF92-8ECFA4695653} - System32\Tasks\{2A8D54E6-2F0B-47D8-8ABB-BA6E2D23B4B7} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {1FFD2244-B6B8-47EF-AB5B-88CA56207A8E} - System32\Tasks\{5A6C13E9-83E6-4688-8EB4-D8C0362D2EDE} => C:\Games\Diablo II\Diablo II.exe
Task: {23223505-972D-4353-94A0-4A2E870E4362} - System32\Tasks\{8992F95E-D69C-4262-B22A-E470601E4CB2} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {2323327D-4310-4F79-8EE0-903512D540DF} - System32\Tasks\{6CE8F3FF-5CCA-44AB-BC2D-7279E07CE1DE} => C:\Games\RS Lockdown\Lockdown.exe
Task: {241316D5-B7A9-409B-B7D8-572F1A92B0F5} - System32\Tasks\{9E3882F7-B347-4D4F-BB90-7DC0D2CF93A0} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {24998B2D-AF44-4ABD-90AA-335CBC10507D} - System32\Tasks\{FA21E9FA-2897-48C6-9677-7C3E71CA3A8A} => C:\Games\Links 2003\LinksLauncher.exe
Task: {25AD65F7-D509-44FB-99A1-052D1C9174A8} - System32\Tasks\{3589815B-E3E9-42FE-B242-112D057F1F13} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {25FAE7E9-5D82-4485-B1A5-200E9FD3A0AA} - System32\Tasks\{8CCCF639-6A12-417A-8DDD-BDC08E25A84B} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {2724FFA6-B59E-4137-A99F-FB59FC985199} - System32\Tasks\{961D3062-D094-4FEC-A095-237B3F179362} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {285E7994-9A73-4EE7-B29D-C0DC995B9BCB} - System32\Tasks\{87544111-FE83-4325-B124-F3DB12269196} => C:\Games\Quake 4\Quake4.exe
Task: {28B4B1AB-4227-4897-A5F8-28F88F6B233D} - System32\Tasks\{DF9CDDD7-BBA6-41C4-AA9D-D24356A03D6C} => C:\Games\Nukem Manhattan\DukeNukemMP.exe [2002-05-02] ()
Task: {295095C6-0664-48F0-9BFE-424A7364B913} - System32\Tasks\{5AB34B02-A488-4D7B-8A27-D80B9B3D3E1F} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {29ECD8D3-03AB-4B53-9EFF-CAA68357C5C7} - System32\Tasks\{63FA5605-AED4-4BDA-ABD0-22BCDF95DA80} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {2A279509-21DF-41E3-94CC-52F2672C7F1E} - System32\Tasks\{158F349D-3B63-4C2B-8298-0E168740E602} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {2A82314E-F63C-4E4F-A8CC-331196691396} - System32\Tasks\{093BF82E-7933-48BB-A5B8-D318188F5339} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {2D0D9EEE-5EEA-4A71-8ACE-66F17086808E} - System32\Tasks\{56DBF68A-30DB-4B74-96EE-D7F0F0D9E1E9} => C:\Games\Risk 2\RiskII\RiskII.exe
Task: {2D3B5D8F-9C14-4F35-A8B6-0977B236B4D1} - System32\Tasks\{0BA8BA9C-C2E3-4D31-8B83-B34B4CC72EF5} => C:\Games\Quake 4\Quake4.exe
Task: {306AC5E7-C53F-485C-B41C-E16C1F3325C3} - System32\Tasks\{F8E89E65-872B-446C-93F4-BE58E5F7894B} => E:\SETUP.EXE
Task: {31DFBFB9-0BEF-4414-A3A0-B5E4D9645E05} - System32\Tasks\{33ED24AD-C985-4269-B9E0-C925CC6E194D} => C:\Games\Ghost-Graw\GRAW_PC_demo\GRAW_demo.exe
Task: {32C205FF-E842-411C-9952-7BA728D67ED2} - System32\Tasks\{4F3C6C20-3B2C-437E-84D1-BBB0EDF0D10C} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {35BEC742-9C04-4B75-A375-8925A66FB475} - System32\Tasks\{1A01A98C-5676-4D8A-B547-B8D72B6863CE} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {35F2B146-D71A-4F80-982D-4F4ADDA5E636} - System32\Tasks\{2E0C500C-E78C-4083-BE74-6CD7A3D4198F} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {365A46F9-5EA1-462F-A7EE-8305FA8ADC0D} - System32\Tasks\{E7B06C45-17FF-4607-BC01-380687F6A10B} => C:\Games\Ghost-Graw\GRAW_PC_demo\GRAW_demo.exe
Task: {38B09BFE-07E8-4A90-B056-974A14029C5C} - System32\Tasks\{2AA8D942-726A-4071-9E6A-B8238E97C579} => C:\Games\Raiders\RaidersDemo\SOFRDemo.exe
Task: {38DD8C7E-F9C4-4DEA-8CBE-F7F2497843FA} - System32\Tasks\{B3A77C92-DA8C-4DFF-87AC-D011BDB1C16E} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {3A11347F-265B-4C0F-8E56-8AC5DE55307E} - System32\Tasks\{AE48FB83-C797-4167-8BBA-39EF2494C533} => C:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Task: {3B08829A-0D84-4DE0-A96B-222B7F4DE15B} - System32\Tasks\HPCeeScheduleForMark Fruehling => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {3B329884-0CFF-44A4-B7EE-4763C9A7C541} - System32\Tasks\{A5B3B50B-76D3-413E-92CE-00018CDCB091} => C:\Games\Diablo II\Diablo II.exe
Task: {3B704C1F-9627-4D83-A827-5AEA1FF383D7} - System32\Tasks\{3CDCB72B-DE71-45E9-ABAC-FDF361C7CB81} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {3C01836A-B6E5-404E-B272-7C8D38960D23} - System32\Tasks\{763DF7BB-A894-49D0-8B7F-CAD01AFEB815} => C:\Games\Doom 3\Doom 3 Demo\Doom3.exe
Task: {3C209F24-016C-4E60-B9F5-1CB649D5D14A} - System32\Tasks\{A159E5B7-372D-40FC-BABE-BC7E288670BA} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {3D1E2BFB-65C8-4C28-B9A3-5F68146641B7} - System32\Tasks\{95CFFD2F-82F8-4169-A923-D427BA625048} => E:\setup.exe
Task: {3DF5EF8C-D920-40E6-AA8C-76445EDECB77} - System32\Tasks\{D73A239E-2FD9-44B5-9937-4B736C4771B0} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {3DF76373-2296-47C3-A0E6-8EE64AC0D591} - System32\Tasks\{F9E691E6-0643-4E7C-BDC9-5EE2CF1E4D2C} => C:\Games\Half Life\Half Life\Half-Life\hl.exe [2001-09-14] (Valve, L.L.C.)
Task: {3E8246E6-794B-42C5-8CED-5CD7FD71AF23} - System32\Tasks\{8C8463BB-BD6B-43DD-BF86-D4575F509EA8} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {3E855FC1-278C-479E-B989-E0B61638EDBE} - System32\Tasks\{42FCFFC7-9E43-4700-9D92-AF2295D91DBC} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {3F4654FE-9058-4A96-827D-2EA1A5FD622D} - System32\Tasks\{BC4D6765-1BF0-49EF-A40A-0C7514B4C3C2} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {3FC776F8-6474-4876-9C7C-97B387870531} - System32\Tasks\{76AEF90F-73A2-494D-BEF9-FFE54880EDA3} => C:\Games\Delta Force\Df.exe [1999-02-19] ()
Task: {4116F9E7-C2A2-43D4-87FD-978B783ACAAF} - System32\Tasks\{64341BEF-72B4-496D-A70C-E8844E06BB5A} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {423542CE-6A1F-4A8A-B8A7-903D3C30C50F} - System32\Tasks\{9DA52046-4AA6-4625-9C3B-4F08C1B494E4} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {429343E3-2C06-4F3E-9E3B-DF3B5E0FEF22} - System32\Tasks\{CAED890B-4826-4C76-9F56-85600D9FEA87} => C:\Games\Pure Sudoku\PureSudoku.exe
Task: {4298377F-FA20-4C37-9F9C-444620ACB1AE} - System32\Tasks\{418F64E7-E43E-41FF-800A-B9221DC7FDB7} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {431AAFBC-A48B-4A70-A18F-3A2BBD9773D8} - System32\Tasks\{C3EECAEC-6EEE-4B53-B313-1B92BD393EEA} => C:\Games\Rainbow 6\Raven Shield Single Player Demo\system\RavenShield.exe
Task: {4460506E-D191-4B7C-A567-50204B9FACA4} - System32\Tasks\{CC46F1EC-F510-4E30-8B9C-75A519A936CF} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {44B1243E-C931-47FC-8FD5-3426D1B8BB3D} - System32\Tasks\{15A36ABF-2B6C-4856-9DD9-172930FC1C8B} => C:\Games\Archangel\bin\Game.exe
Task: {45BC68D9-AE07-495E-853A-02C069EFC876} - System32\Tasks\{53A8AD0E-DA35-40C4-A166-B79D9BD1BCEA} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {47BCF5FD-7783-4B87-B34A-F105F0087DD9} - System32\Tasks\{158B20E8-52C7-4E20-8D96-096F7F371228} => E:\setup.exe
Task: {48F5F9A9-A344-47DA-A5FB-1016945D0FFB} - System32\Tasks\{BD51E997-0637-4A36-AA03-D2F0D10A87AE} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {4AD2D016-CA6D-4E78-86EF-4E97CA72A3A8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe [2014-03-11] (Symantec Corporation)
Task: {4C54CE25-684F-476D-9CEB-7B5F8B9E66AB} - System32\Tasks\{BDB7FBDE-529F-4B6C-BF38-2F10AB137CCB} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {4E216513-FF35-471A-A9D9-5C1D1E95D3FE} - System32\Tasks\{5365B520-9788-437C-A21B-F2CB357D57BE} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {4E5A1AA3-6A0E-44E7-BAB6-AEA5000BF2F6} - System32\Tasks\{C3B931B2-E644-4555-9914-2CC7FCC31FEF} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {4E75259C-E2C3-4997-94BF-EBB15D0B92E4} - System32\Tasks\{C4666E3C-8936-45D6-9C12-34401C149275} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {4EB72857-0ECD-476A-829A-9D1B54AF4CD4} - System32\Tasks\{45EAB627-F35A-40A2-A688-27DAA51ACE96} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {5009CB5C-12AC-40A0-9309-625E47E80BDB} - System32\Tasks\{11155245-C649-41B7-A5BA-817ACECE6036} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {538D74D9-00FF-4642-8FFD-8C1763CE502C} - System32\Tasks\{3AE829C3-2444-48F7-88E2-F4835193ED86} => C:\Games\Quake 4\Quake4.exe
Task: {551D1E77-9CE5-454F-9C15-10A73FF766FD} - System32\Tasks\{2B7EBFA0-3E95-4FC3-8D60-3C5F3DABF6A3} => C:\Games\Black & White\runblack.exe
Task: {5698B9F9-ADEE-480D-9999-A1A3A5175970} - System32\Tasks\{5408A2AA-5FEB-4B07-A51D-282726526348} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {56AEE2E5-CD63-41B3-8076-48BD17836AD8} - System32\Tasks\{FF2AEB86-EE5E-418C-B408-E2C23828D267} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {57D54556-0A54-4A14-8BAA-3BA0BF07AC75} - System32\Tasks\{83530B36-E083-41EE-8C95-8CF04A31945C} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {57DBC0D8-0323-4FBF-A1FB-A1C8451F9603} - System32\Tasks\{BC688DAD-619D-4159-80BF-3D0A74170590} => C:\Games\Doom 3 Demo\Doom3.exe
Task: {59569283-2903-44E5-9415-A9AB7EAE7BF3} - System32\Tasks\{DBA4DDCE-0E1D-4C88-B2A9-11B177063E5B} => C:\Games\Doom 3\Doom 3 Demo\Doom3.exe
Task: {5A18BDEE-3FEE-4727-83EF-572CAA37A1BB} - System32\Tasks\{BAC5F6C7-CFA3-4F84-A223-D955E132506C} => C:\Games\Quake 4\Quake4.exe
Task: {5A546B40-4FF4-454B-9DC2-2B36611A009E} - System32\Tasks\{B210495F-6257-40ED-99D7-DA74F4BF8DD6} => C:\Games\DF Black Hawk Down\dfbhdd.exe
Task: {5AC02592-F10E-4FAD-93CD-785E169EEC52} - System32\Tasks\{0CF8A41F-C279-4691-89D7-867E9A6E6185} => E:\setup.exe
Task: {5BC71E22-9994-4AA7-92EB-BE38565ADF2D} - System32\Tasks\{F57B2B05-90DB-45CB-8A06-E0EE5FB3F748} => C:\Games\Return to Wolfenstein\Return to Castle Wolfenstein DEMO\WolfSPDemo.exe
Task: {5BF154A3-5E44-41C1-A449-41C392AD585E} - System32\Tasks\{7B39EC85-4ADC-48BE-B52D-503050623BF9} => C:\Games\Call Of Duty\CoDSP.exe
Task: {5C37BC1C-6067-4441-8F32-C66B01F6E579} - System32\Tasks\{C8F7CFDC-2F4B-425E-9CD2-6A01A2D32EB4} => C:\Games\Nukem Manhattan\DukeNukemMP.exe [2002-05-02] ()
Task: {5C4A865D-DDCE-429E-BF39-9294D0CBF1AB} - \dsmonitor No Task File <==== ATTENTION
Task: {5D20F672-64F4-4A14-8B36-C225404C170E} - System32\Tasks\{D43315C5-3733-4C67-9F21-3C7EFFC56F32} => C:\Games\X-Com Enforcer\X-Com Enforcer\System\xcom.exe
Task: {5DB4E2A9-99D2-40A5-951B-CFF9F59363A3} - System32\Tasks\{F4B04656-8D0F-4236-A01F-9AE7404DBEE5} => C:\Games\Doom 3 Demo\Doom3.exe
Task: {5E276043-9160-4E02-A756-4CC359D35A6D} - System32\Tasks\{74FF65E2-0AD7-4FCC-A2BE-F204A1B7C3B5} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {5E28EFD4-18A7-4148-B75E-F859B966EF17} - System32\Tasks\{970249A3-71CA-450C-8DED-DC5989530C12} => C:\Games\Delta Force\Df.exe [1999-02-19] ()
Task: {61DDCD9A-EDE3-4F2A-AFC1-2F54BC7BC40A} - System32\Tasks\{745E16A9-5540-42C3-8957-2D0E43E9E817} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {636C23C0-7643-4B5E-A9DB-755077D25FBA} - System32\Tasks\{64A1468C-F395-4F32-BD7E-88B994CD984A} => C:\Games\Delta Force Xtreme\DFXDemo.exe
Task: {6434E0AF-4079-4625-9647-58D542CAAC49} - System32\Tasks\{A439E7EE-35F9-4EC8-A009-5A3646808130} => C:\Games\Ghost-Graw\GRAW_PC_demo\GRAW_demo.exe
Task: {655160DD-DC77-4694-89A0-A9F86AD994AB} - System32\Tasks\{6A05DEF8-424E-4E78-A5EB-48360C74C85E} => C:\Games\Nascar Thunder 2003\NASCAR_Thunder_2003_Demo.exe
Task: {67750EBD-2440-45C3-94CA-B9345CB50333} - System32\Tasks\{DEF79C18-00ED-49DC-BB6F-2C7F5420A9F5} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {695B267B-C976-4A17-9627-6BE5A99B8025} - System32\Tasks\{3CC19815-B5E8-42A8-A0B9-0E37E21D28A9} => C:\Games\RiskII\RiskII.exe
Task: {6B1CADF4-6D98-4D9A-9B7C-5132D992A10B} - System32\Tasks\{52A04CD2-E39B-4613-82F9-D44AC10CA7EB} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {6B2BFBC9-16CC-4E4D-AEB3-87C4980813C6} - System32\Tasks\{4D5F7D8B-AAC6-4388-9FFF-9B127A5889E2} => C:\Program Files (x86)\VMware\VMware Player\vmplayer.exe
Task: {6B7F4B3B-5236-4D25-A9F6-A807A55F368D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {6D48676F-5516-4BCD-8126-6BCA14D09EA0} - System32\Tasks\{28B97773-C609-4305-AB22-69C33E2B89C5} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {6ED0BCCB-3054-4628-B251-A311F7F6756E} - System32\Tasks\{E1DA3684-3D5D-470B-8C4C-58DAEF11C833} => C:\Games\Archangel\bin\Game.exe
Task: {6F8B42AD-65E5-4177-A52A-31C75DC76CED} - System32\Tasks\{604F116B-5A13-48FC-ACF8-8CE6D739260A} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {7058D7C1-5A85-460C-BA83-825E4960A150} - System32\Tasks\{C7569741-BC23-445F-9D3B-9F139F9633EA} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {72EFA082-C15E-4023-933D-C131A1C39A74} - System32\Tasks\{6B24A5AA-87D4-4295-B9BD-808D9A5C4FC5} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {754BAEDC-4CCA-4F6F-BAE9-627359977FDF} - System32\Tasks\{C9D0B0F9-8953-4231-9E24-ED754B0E0652} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {77F836E6-0041-420B-8AC5-B67003E1ECBA} - System32\Tasks\{82778454-0A14-4EE4-B81B-F481B02E77F3} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {7A5CC916-EB68-4561-85DB-C053DB73CB7B} - System32\Tasks\{45CFF0D2-D530-4334-A673-AF22BA242BEE} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {7A9484B3-21D8-4304-B4C8-4DE09253A36B} - System32\Tasks\{409EC6A0-0AAB-4EBB-88F3-A7473C5504B5} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {7B3A1E15-D10D-4CFD-B7A1-41C5013BB64B} - System32\Tasks\{EE5119B6-70CC-45EC-A7FC-5364350F6453} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {7D3D6DBC-9617-470C-A1B8-F4C944C905E1} - System32\Tasks\{0D904D6C-C856-4514-AEA2-6E03544073E4} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {7D72DECD-7950-42E9-B3C1-8F7AD4F37A37} - System32\Tasks\{8507AD6B-75D5-4662-A942-5809C09349AE} => E:\Painkiller_BOOH.exe
Task: {7D94EEC5-4DF0-470F-A97F-A1EC3430F89D} - System32\Tasks\{CE270619-FCE2-4526-B99B-880F565089EA} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {7EB0CD3C-A322-4266-ADCB-8F451E4E76E9} - System32\Tasks\{A1BD1E65-0872-4528-82CC-649F63976E82} => C:\Games\Quake 4\Quake4.exe
Task: {812C64F0-32A6-4821-B71B-D826D4F08E0F} - System32\Tasks\{6ECE0108-C2D0-4750-89BC-2B635FE35BF4} => C:\Games\Daikatana\daikatana.exe
Task: {819D991F-448B-4D09-A485-15F46A5BBB3A} - System32\Tasks\{0725B3FE-57B6-47EC-BF44-EAF295CF42EB} => C:\Games\MVP Baseball 2003\mvp2003.exe [2003-03-07] ()
Task: {81E6B26C-BFEF-4278-AEB6-54A45C88D97D} - System32\Tasks\{F667AD0D-838B-4B36-8D02-AF4C5AD4908D} => C:\Games\RiskII\RiskII.exe
Task: {82221CA7-F2FB-4969-8DE1-42653738DC79} - System32\Tasks\{68C3A782-9415-44BD-A929-425FB5278014} => C:\Games\Halo\halo.exe [2003-09-04] (Microsoft Corporation)
Task: {82D635F3-9793-4255-A9DA-4613DD596442} - System32\Tasks\{AD23FD96-96DB-42C3-9887-806F80899F33} => C:\Program Files (x86)\Beetle Buggin'\beetle.exe [2010-01-26] (Efecto Caos S.L.)
Task: {834C5004-56D5-45F4-8B8D-ACC3A6A2E124} - System32\Tasks\{C7399E6E-E93D-4018-946C-269774500F8C} => C:\Games\X-Com Enforcer\X-Com Enforcer\System\xcom.exe
Task: {841D3FE3-3AB6-4F2C-B4CA-39526A6BA9CF} - System32\Tasks\{0AD17D6D-82B7-4548-A862-615DD2F55D8E} => C:\Games\Gunman\Gunman\gunman.exe [2000-11-12] (Rewolf)
Task: {85F345D3-671C-4EEB-AB33-561C2BEC0994} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {861C284A-DDCF-4FF2-A5B3-A018179AC107} - System32\Tasks\{E13C8A2F-D98A-4658-B22A-03F42EA8959D} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {874D69E6-1E40-49A8-B2FE-37BD6DE5644C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {8754FF3C-BC87-4264-ACBA-D153E4E4A96B} - System32\Tasks\{BC42ECE1-3246-4446-96CA-83E9BA84C18C} => C:\Games\Half Life\Blue Shift\Blue-Shift\bshift.exe [2001-04-20] (Valve, L.L.C.)
Task: {87596F8E-FB74-46DE-BF88-5F7938A06168} - System32\Tasks\{A5F01FF5-B50B-4E1C-8DC5-F0B0DAFCF4A4} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {8951572E-D9B9-4EE9-9AFA-EEA4EA2B46F5} - System32\Tasks\{53ACFA56-FA37-4B77-96F0-35382ABBC3D0} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {8B4CD0D4-8B22-4248-A3BE-02078A2D1422} - System32\Tasks\{7A298186-90F9-47F1-BDD9-8DB1F65A4EEB} => C:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Task: {8D11F619-6714-4B18-8ED9-98AD7F98B8CA} - System32\Tasks\{FB268BC3-88EE-4153-9433-B6AFF825AAF4} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {8DFD5CE3-B889-4439-83E7-D838CA816630} - System32\Tasks\{D93B2A40-A706-444E-AA70-08B1B4C076AC} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {8ED37AEA-690F-44C9-837D-CF3F6263CE61} - System32\Tasks\{4CABDAD1-988A-4178-84DA-634B0576F56D} => C:\Games\RiskII\RiskII.exe
Task: {8F994380-C15F-40FA-8BDB-D116F1B888F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {9072E7A3-7108-4F1A-A8F2-098DA5B42E15} - System32\Tasks\{985FC92D-3B30-4E33-8FA7-597B2E58CA6D} => C:\Games\Doom 3 Demo\Doom3.exe
Task: {911CFD23-500C-4FF9-ADA4-251822BB286D} - System32\Tasks\{F4FDF1D2-D63A-41DA-AF3E-4DF5F6B80C2A} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {91AEF6A7-539A-44CD-B79C-A38E334F72A9} - System32\Tasks\{9F9D7744-5955-4E8E-BC28-0A7923623043} => C:\Games\DF Black Hawk Down\dfbhdd.exe
Task: {94EB8152-150B-4692-9815-D251FBD1D85C} - System32\Tasks\{9C0BD239-572B-4977-A2C4-360AE2BDB2B2} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {96C7FE2B-4E5B-4159-B1CB-33AF451A93BE} - System32\Tasks\{DD3C3CE8-BE8C-44FF-9E36-48C891FA143C} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {9745F3A0-4556-4FB2-A1A2-8AC2AF2FE5AD} - System32\Tasks\{E4085DD6-6D53-439A-9E49-188B07CC3510} => C:\Games\Return to Wolfenstein\Return to Castle Wolfenstein DEMO\WolfSPDemo.exe
Task: {98710BA7-4959-4AB7-B003-F43043B2C0E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {98A7CBC7-BD6E-4330-B0FF-DC301075FAFF} - System32\Tasks\{0CE281E9-B321-4670-AFC7-678ECD2BA27D} => E:\PainkillerSetup.exe
Task: {9909A606-29BC-4807-8A43-742D450C6E7D} - System32\Tasks\{1DFCE728-FADF-4746-8697-AA3848F864D3} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {9B9F1731-A7D8-4D73-AA3D-BC92A510ED92} - System32\Tasks\{36D712B0-9E98-482B-8031-2BCF10088F92} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {9BC7DC30-4DD7-4E82-A4ED-2E31D15F788C} - System32\Tasks\{0AF82B01-2E5C-401B-8B88-130DBD45BCF7} => C:\Games\Doom 3 Demo\Doom3.exe
Task: {9CAD780C-FA3D-4081-BEB6-DBDF07C0E691} - System32\Tasks\{2B140CB2-1BE2-479C-B721-F5D10249C97E} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {9E674FA0-EED1-4DA8-A9DD-123900D95978} - System32\Tasks\{99F8D0D4-3E04-4999-85BA-75A5968BD0C3} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {A067AA63-935F-4F72-96E9-E5B3C3D14195} - System32\Tasks\{0819DBAD-E634-4433-8F62-33B3D6EA24C9} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {A1B52636-AC77-4746-A586-19CD653D87B0} - System32\Tasks\{A5DDE846-638A-4E26-A852-716794BECDFD} => F:\Downloads\012710\AddictionDemo.exe
Task: {A1D9C03A-B26D-4CAB-9C4E-E9F2AF75431E} - System32\Tasks\{0F11EC16-A81C-4116-88F1-3AF45E19F47F} => E:\setup.exe
Task: {A25EBC02-E0BA-421C-AC4B-3F06030B05B9} - System32\Tasks\{D3AF0B88-ED14-481A-87DB-F1BB0B777267} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {A3EEAC60-F05E-4F0F-945F-37F6239C081E} - System32\Tasks\{28F7F17E-B853-40FD-8685-68F5E78CC494} => C:\Games\Diablo II\Diablo II.exe
Task: {A44BD0D8-9B3C-435C-AFF1-146233F8DD6F} - System32\Tasks\{C88066FB-9348-4B75-A4D2-6B7D118C49CB} => C:\Games\Doom 3\Doom 3 Demo\Doom3.exe
Task: {A48BE571-C552-4CEB-AF1E-64954959A137} - System32\Tasks\{CDB227B5-76D9-49E6-8A1C-D29107983892} => C:\Games\MVP Baseball 2003\mvp2003.exe [2003-03-07] ()
Task: {A572E001-282C-4943-9835-18B64F40B548} - System32\Tasks\{EFE1BFF7-22F8-4152-9E2D-142C6D5007AA} => C:\Windows\IsUninst.exe [1998-10-29] (InstallShield Software Corporation)
Task: {A625E34E-4E46-4CD9-8122-1D498526A1CD} - System32\Tasks\{D060D517-345E-470B-A1DE-89A21A6CC1A5} => C:\Games\Doom 3\Doom 3 Demo\Doom3.exe
Task: {A66BBD78-EE7C-42DB-B382-865F38B952A3} - System32\Tasks\{A1CB51A3-77DD-4113-91E2-20616D8D2211} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {A848CD5D-4857-4A49-85A0-12A89277BD3F} - System32\Tasks\{A869A5C9-693E-4124-838A-84F8CC2BAF97} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {A94E0923-4A7F-49C3-AEBB-5D86E5A9FAA2} - System32\Tasks\{CB0F03DA-3494-4671-9D1B-0B5159587744} => C:\Games\Quake 4\Quake4.exe
Task: {A95F2024-81E4-4D12-B7A8-F3ED65C7B03A} - System32\Tasks\{7F0325C6-0E06-4BDC-A3CC-785DD35DCAFA} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {AA1FCE12-17AC-499E-B56F-3FC54170CE38} - System32\Tasks\{3B0C8662-DD40-441E-BE89-3F1CB9D0A2EF} => C:\Games\Nukem Manhattan\DukeNukemMP.exe [2002-05-02] ()
Task: {AA320F71-2BCA-423B-81F8-0C88565DC684} - System32\Tasks\{EA17DC41-8C07-40F4-994F-E87FA1740B1D} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {AA5820D0-9351-4CD0-B723-AE6876B442A9} - \YourFile Update No Task File <==== ATTENTION
Task: {AACD2312-CA41-43EF-8442-AAA0A24EEC06} - System32\Tasks\{5A9231DC-5125-4B80-8B81-73FC123809CB} => C:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Task: {AD4E086E-D2D8-4B4E-A12C-195E74AC73C2} - System32\Tasks\{3550D480-1756-4DA4-8733-7EBA467C67F1} => E:\Painkiller_BOOH.exe
Task: {AD50F888-ECF3-4BB1-AA25-DA1498E74B68} - System32\Tasks\{18A082DF-8D51-4B55-9DE1-575A58DA652D} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {AD58245B-1C15-45AE-8C4D-509A1681DC7D} - System32\Tasks\{64578691-0E00-411E-A9D3-C96CFFC5B15F} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {AE0B3D53-1C7C-414B-AB1E-963ACA1CE2B7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AE105D43-02FB-49C6-A2FA-E25F043F4D4D} - System32\Tasks\{FFB8F020-185A-4FA3-9918-87EAAF22B8B6} => C:\Games\Links 2003\LinksLauncher.exe
Task: {AE21DDAD-1CBC-4069-97FF-F993A1278A8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05] (Google Inc.)
Task: {B1B31152-F1D4-44DE-9D6E-AB09E7D1AA0E} - System32\Tasks\{B2AACD81-D488-4372-93F9-4A58C4FFF029} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {B28F2041-D71F-4EDD-BDBB-B67EEDE38664} - System32\Tasks\{C8AD1DBF-4878-4940-803F-12BFC64F3B38} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {B3FEB538-FBB5-44CF-9AEF-C37301F97CA3} - System32\Tasks\{3685C70E-6733-4B20-99AB-04CBF5726131} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {B428A7E5-6861-42D3-B78E-5E00CBEB342F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-05] (Google Inc.)
Task: {B4F1F45A-F674-4A4F-AC4B-0F3A369EAD33} - System32\Tasks\{1BB7C7F2-BF6F-4031-B364-820D30727556} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {B60E8704-82D3-4E58-920D-73CB5A641DD3} - System32\Tasks\{348DD1C6-58D7-40F5-9250-8505FEC8BCBA} => C:\Games\RiskII\RiskII.exe
Task: {B6871B92-0B59-4F7E-BFBF-F62F872E75AB} - System32\Tasks\{921567DE-E324-4473-AA8B-A80C9AAE4BC8} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {BA3533CD-3650-43A8-8E61-C091EF557DB0} - System32\Tasks\{72206003-5489-4127-A63D-65A9A4D70070} => C:\Program Files (x86)\Doom 3 Demo\Doom3.exe
Task: {BAB961C7-DC6B-41DC-BEF6-2C9CAEC8BE90} - System32\Tasks\{789D9143-C5DA-45D3-95AF-2E8B6C9E14F2} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {BB2080CD-98C7-441C-8F12-112BEF354442} - System32\Tasks\{A4994CB4-EDA3-4094-B63C-B90DACCA51B2} => C:\Games\Doom 3\Doom 3 Demo\Doom3.exe
Task: {BD4825C6-6B35-40C0-B729-6E22E8B78ABF} - System32\Tasks\{3EBD1666-BDB8-466A-A635-0A75DEB25A9A} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {BE3E054B-987D-4145-89F5-BAA6E1F3DC39} - System32\Tasks\{613658B9-C08E-48D0-BF1A-705ACFC64DF4} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {C082D9EF-87A8-47A4-BD88-A3E5E6197C30} - System32\Tasks\{B6E735AE-2277-4ABA-AB0D-74CC7B20F893} => C:\Games\Quake 4\Quake4.exe
Task: {C09D515C-871B-418D-A574-3014C7FAE48F} - System32\Tasks\{21580FDD-E14A-45FD-9EC6-80A9E22A2191} => C:\Games\Ghost-Graw\GRAW_PC_demo\GRAW_demo.exe
Task: {C16EA49F-D570-47BD-97E8-E5356D0C8E1E} - System32\Tasks\{D028CE1E-155E-41A2-A7BF-48B8A64D1350} => C:\Games\Risk 2\RiskII\RiskII.exe
Task: {C257F359-D9B8-43C9-A534-E429E3D8CCA9} - System32\Tasks\{7BF854B1-69A4-4D24-9EF3-E18A14AA9C8F} => C:\Games\SOF 2\SoF2.exe [2002-05-03] ()
Task: {C29056E9-9AF3-45BF-800A-1E11759E37F4} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)
Task: {C4B16FBA-C3FA-4674-84B9-2A0AE819A983} - System32\Tasks\{8539ADB4-340E-4BD9-A5EE-3FDCBD056B6B} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {C4E94310-5178-4237-BA8A-5DDF14BA2D7A} - System32\Tasks\{A84E2E8C-056C-48FA-86CC-3FCF386D2508} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {C710ABB5-AC54-4524-AF7C-864BF0195FCB} - System32\Tasks\{A7925A5E-5217-4628-8E96-7613440AC901} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {C793361F-31A1-43DE-B202-0041ABFDD49A} - System32\Tasks\{7D38B981-5CBD-49DE-8314-8A068B55384B} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {C955CDD9-F0F7-4982-B6D7-022BC313EA5A} - System32\Tasks\{92912CD4-F3F9-4927-AB00-E243492FFEE5} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {CB249688-D39A-41F1-875A-2B035920FB8B} - System32\Tasks\{D643E949-69E4-4E4C-BC80-D61A4B2767DC} => C:\Games\Return to Wolfenstein\Return to Castle Wolfenstein DEMO\WolfSPDemo.exe
Task: {CC7154C6-6D24-455B-BC2C-93B861026820} - System32\Tasks\{568E72A1-AC88-4EE2-8342-4267B54C81AA} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {CD15BBEF-12AA-4977-BB7A-A2E66EAB5798} - System32\Tasks\{1EB1157B-3BD7-484A-AA09-585D0960A019} => C:\Program Files (x86)\Beetle Buggin'\beetle.exe [2010-01-26] (Efecto Caos S.L.)
Task: {CDA825F9-3519-40B6-9908-12FB6764225E} - System32\Tasks\{C6ABAEB6-9BC1-4CE4-AF71-340C2C44F026} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {CE19847D-BEE9-4E5C-9AC1-BBDD68D7D014} - System32\Tasks\{2905786C-7AC4-48F6-9FC3-FDE32EA9302D} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {D0DA055C-BAD1-4ECF-8B44-E1794CA7D3BF} - System32\Tasks\{CA12EFAA-39DD-40EC-9B4D-7422B697E41B} => C:\Games\Quake 4\Quake4.exe
Task: {D16E4888-C106-45ED-BA4A-3DB503F144C3} - System32\Tasks\{DB302EDA-DE10-4864-8753-954EA9A4471F} => C:\Games\Civ 3\Civ3Edit.exe [2002-06-28] (FIRAXIS Games, Inc.)
Task: {D48D7123-267A-4F61-BE36-4AF70A306584} - System32\Tasks\{4070ED18-07EF-4CA2-AE00-7541090BF6F9} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {D59748BF-BEEB-42BA-8712-471825EDEDED} - System32\Tasks\{27424D4A-9DF1-4A06-B016-546462D012E2} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {D5D8FF05-5BFB-4BE5-9158-49CFF1FEEB78} - System32\Tasks\{E7F115EB-8E3A-493E-B248-4F9B4484624D} => C:\Games\MVP Baseball 2003\mvp2003.exe [2003-03-07] ()
Task: {D66002FF-3D2C-4D99-99CB-913156152C95} - System32\Tasks\{A65ABCF2-0359-4D38-AC79-00B9052A7C8B} => C:\Games\Quake 4\Quake4.exe
Task: {D7694CBA-9E1D-423C-B1DB-C8465D171034} - System32\Tasks\{DBDD6A90-C847-483E-B26E-E0578E40989A} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {D8A137B7-ECF9-42FF-B99A-D1EFEAE69E9A} - System32\Tasks\{EC68295C-7926-47F6-AFDB-B67ADF0B0F22} => C:\Program Files (x86)\Beetle Buggin'\beetle.exe [2010-01-26] (Efecto Caos S.L.)
Task: {D970309D-F5D0-4E9D-983A-B99AC566BF98} - System32\Tasks\{B3C83705-667A-4ADE-AD5C-B80843255CB5} => C:\Games\X-Com Enforcer\System\xcom.exe
Task: {DA15CD77-1FC6-4B0B-B5ED-FF23C13C835B} - System32\Tasks\{380A83D8-AF61-4201-B49D-0DE8207FF510} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {DB5D7C43-6FD7-4481-9853-FD0DE7B819E3} - System32\Tasks\{3EBFB954-9A2E-48E4-B032-7144FBAC8310} => C:\Games\Rainbow 6\Raven Shield Single Player Demo\system\RavenShield.exe
Task: {DCE10CF1-D8C2-4227-95F2-4A7553D039DE} - System32\Tasks\{9956A125-124E-48E6-878E-277E23932DB9} => C:\Program Files (x86)\Uniblue\DriverScanner\Launcher.exe
Task: {DF4091E0-996B-4751-B523-90DF7E01CB2E} - System32\Tasks\{5D040087-0125-426C-BB8D-97854EBBA1DF} => C:\Games\Return to Wolfenstein\Return to Castle Wolfenstein DEMO\WolfSPDemo.exe
Task: {DF92E203-C988-4D9D-ABE5-37ADEDFCB8FC} - System32\Tasks\{CED4883C-D2D9-4CF1-BD73-7B67201F48BA} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {E063E69F-43E1-499F-B630-4D647A9A627A} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {E0E10624-384B-4823-A7A5-71B8B65CF8EA} - System32\Tasks\{C78BFED0-757E-41F7-8972-17BA1FAAC21E} => C:\Games\Links 2001\LinksLauncher.exe [2000-11-14] (Microsoft Corp.)
Task: {E10FDCCE-D584-483E-A133-BB0A5005B0DA} - System32\Tasks\{86EF707C-7230-4CBB-A353-3EACB5EA3A50} => C:\Games\Nukem Manhattan\DukeNukemMP.exe [2002-05-02] ()
Task: {E2266CEE-4E18-4A39-80E8-EFD7AF9DEDB8} - System32\Tasks\{0161E857-128B-47DB-9ACC-3B913EFE576A} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {E5350F0D-CC6F-46C2-BFDF-9045DB694515} - System32\Tasks\{20C722E8-27A9-4712-A572-AA5649783748} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {E70A1823-285A-42CC-AF52-3578BBDACB0B} - System32\Tasks\{02C59D02-30EF-4FF8-A037-680D67242B26} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {E8CCFF2F-3D49-46ED-AB2A-8DDF6437BB16} - System32\Tasks\{394C0CB1-C666-4CC7-B5C1-A7D290688075} => C:\Games\Daikatana\daikatana.exe
Task: {E98FC6C2-450D-4DF4-BEAA-F91816461B00} - System32\Tasks\{794D2F6A-5225-4AB3-9371-8CE4A908C312} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {EB1B1009-3DA2-4566-8C53-6D85869F2E42} - System32\Tasks\{2DB2F56C-42E0-4290-B694-B0DADB7B51C7} => C:\Games\Heretic 2\Heretic2.exe [1999-05-17] (Raven Software)
Task: {EB9ED9E9-94DA-4CC4-8D1F-0B953353D602} - System32\Tasks\{561D6A19-9FFF-491B-AB03-BD13449E3212} => C:\Games\Rainbow 6\RainbowSix.exe [1998-09-15] ()
Task: {ECAF8DA4-0301-4F2C-9236-2EDF4C5CCF37} - System32\Tasks\{1BA4802E-1C30-4E94-BE3A-11975A69D5ED} => C:\Games\Doom 3\Doom 3 Demo\Doom3.exe
Task: {ECB8271B-79A6-4560-975A-7DBBE393C8CF} - System32\Tasks\{8005A221-C048-47C3-BF77-93D69AD1A889} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {ED1877EE-A382-4F8A-A913-02C25C09A3F1} - System32\Tasks\{47F776AD-08E7-453E-8F38-7579291E1478} => C:\Games\Undying\System\Undying.exe [2001-01-26] ()
Task: {EF907569-2A41-4D15-8A23-1808B3C5C2CC} - System32\Tasks\{DFABCF80-181F-46BD-99C6-D52FAE0909BB} => C:\Games\Rainbow 6\Raven Shield Single Player Demo\system\RavenShield.exe
Task: {F16C28FF-5EB1-427A-9F88-6BDF668CC125} - System32\Tasks\{9B4DBEE7-A791-4FF3-B603-C72AAD4E6483} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {F24F74D5-89AD-4309-B9F3-829FABCB7C78} - System32\Tasks\{072B0073-8F34-4E80-9184-7011DFF677F5} => C:\Games\Painkiller\Bin\Painkiller.exe [2004-11-12] (People Can Fly)
Task: {F3BFDFCB-DA48-4FB8-BE66-4BA2C9CD3E50} - System32\Tasks\{E88A0FEF-89AD-44FD-9444-E66D03D834CF} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {F50D35DC-4EC2-4346-9A0F-715FAF9FE3D6} - System32\Tasks\{0DF0DF07-C20C-4FB4-A722-42AB279F730B} => C:\Program Files (x86)\id Software\Quake 4\Quake4.exe
Task: {F84885AC-29EA-4C70-A457-853A225B0E95} - System32\Tasks\{E191387B-1964-45CA-8061-4A0ECD923067} => C:\Windows\IsUninst.exe [1998-10-29] (InstallShield Software Corporation)
Task: {F8A6CE70-7D83-4F7D-B621-D88BEFE613E1} - System32\Tasks\{16DDA5FA-C3D5-4AAA-BD99-9451B9C0DCDB} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: {FCE09ADE-3663-47B6-A672-8E54E0298138} - System32\Tasks\{56212B2A-F24C-48F7-8A5A-80C41916C450} => C:\Games\Return to Wolfenstein\Return to Castle Wolfenstein DEMO\WolfSPDemo.exe
Task: {FD2BFF88-3579-4022-9856-81C8CAE1A7F5} - System32\Tasks\{1F6F468D-9B4D-481E-927B-839E2306B815} => C:\Games\AVP\AvP.exe [1999-05-10] ()
Task: {FDE5EAFE-7E11-4541-AE75-46390D842AE9} - System32\Tasks\{797D6BF6-6D7C-4024-A33B-8E57B44EFDBD} => C:\Games\Quake 4\Quake4.exe
Task: {FEF7358B-85ED-4B4E-B467-DF88B0069EB2} - System32\Tasks\{A4A32284-FC97-4815-803C-0EEFBCE7DB20} => C:\Games\Ghost Recon\GhostRecon.exe [2002-10-11] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMark Fruehling.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
==================== Loaded Modules (whitelisted) =============
2013-05-05 23:05 - 2013-01-31 04:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-08 14:07 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2009-05-26 03:36 - 2009-05-26 03:36 - 00656896 ____N () C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-28 21:11 - 2009-06-03 14:34 - 03764224 _____ () C:\Users\Mark Fruehling\AppData\Roaming\PictureMover\Bin\Core.dll
2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2009-12-28 21:11 - 2009-06-03 14:43 - 01703936 _____ () C:\Users\Mark Fruehling\AppData\Roaming\PictureMover\EN-US\Presentation.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:A3F4C22C
AlternateDataStreams: C:\ProgramData\Temp:A8ADE5D8
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: WordWeb => "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (05/01/2014 06:25:59 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 1918.49 MB
Available physical RAM: 1053.23 MB
Total Pagefile: 3836.98 MB
Available Pagefile: 2552.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (COMPAQ) (Fixed) (Total:221.88 GB) (Free:84.82 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.9 GB) (Free:2.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (HP v100w) (Removable) (Total:1.87 GB) (Free:0.23 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=2 GB) - (Type=06)
==================== End Of Log ============================
Here is the OTL log created after OTL executed:
OTL logfile created on: 5/1/2014 6:58:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mark Fruehling\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 52.26% Memory free
3.75 Gb Paging File | 2.45 Gb Available in Paging File | 65.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.88 Gb Total Space | 84.82 Gb Free Space | 38.23% Space Free | Partition Type: NTFS
Drive D: | 10.90 Gb Total Space | 2.02 Gb Free Space | 18.55% Space Free | Partition Type: NTFS
Drive G: | 1.87 Gb Total Space | 0.23 Gb Free Space | 12.40% Space Free | Partition Type: FAT
Computer Name: MARKFRUEHLING | User Name: Mark Fruehling | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/01 18:53:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark Fruehling\Desktop\zzOTL.exe
PRC - [2014/03/28 06:39:51 | 000,228,744 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
PRC - [2014/03/12 03:29:49 | 000,276,376 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\nis.exe
PRC - [2014/02/20 23:25:04 | 000,173,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/10 03:47:52 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\SeaPort.EXE
PRC - [2013/02/19 22:32:20 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2009/06/03 14:35:16 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2009/05/26 03:36:13 | 000,656,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2013/07/10 18:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2009/07/13 20:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009/06/03 14:43:14 | 001,703,936 | ---- | M] () -- C:\Users\Mark Fruehling\AppData\Roaming\PictureMover\EN-US\Presentation.dll
MOD - [2009/06/03 14:34:18 | 003,764,224 | ---- | M] () -- C:\Users\Mark Fruehling\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2009/05/26 03:36:13 | 000,656,896 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/12/03 21:27:24 | 000,028,672 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2014/04/29 07:25:33 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/12 03:29:49 | 000,276,376 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\NIS.exe -- (NIS)
SRV - [2014/02/20 23:25:04 | 000,173,280 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/10/10 03:47:52 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/10/10 03:47:52 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/02/19 22:32:20 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010/09/30 16:44:46 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/03/03 23:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/23 09:15:03 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/02/17 20:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/15 10:31:08 | 000,138,664 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2014/02/11 13:33:43 | 000,875,736 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/02/11 13:33:43 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/10/01 21:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1502000.026\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/13 05:47:27 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013/05/12 19:36:39 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/03/04 07:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/01/26 18:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/31 01:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/03/26 06:34:46 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20140430.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/03/18 20:24:11 | 001,525,976 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20140409.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/02/22 02:00:00 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140501.003\ex64.sys -- (NAVEX15)
DRV - [2014/02/22 02:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/02/22 02:00:00 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140501.003\eng64.sys -- (NAVENG)
DRV - [2014/02/15 10:31:08 | 000,138,664 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2013/11/20 21:56:49 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{34CFDD70-3889-41FA-AA2F-4DDC883CF675}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{492A6D90-922B-4BBB-A099-A2364C0ACDE3}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{34CFDD70-3889-41FA-AA2F-4DDC883CF675}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{492A6D90-922B-4BBB-A099-A2364C0ACDE3}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {C3CD82B2-A9E9-43C5-A80E-A0F06378ADFC}
IE - HKCU\..\SearchScopes\{34CFDD70-3889-41FA-AA2F-4DDC883CF675}: "URL" = http://www.bing.com/...E11SR&pc=CPDTDF
IE - HKCU\..\SearchScopes\{492A6D90-922B-4BBB-A099-A2364C0ACDE3}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADFA_enUS425
IE - HKCU\..\SearchScopes\{88BA080D-DF1A-45D2-8CE2-8461E30FBFFE}: "URL" = http://search.netzer...ry={searchTerms}
IE - HKCU\..\SearchScopes\{C3CD82B2-A9E9-43C5-A80E-A0F06378ADFC}: "URL" = https://www.google.c...?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn\ [2014/05/01 17:20:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF [2014/02/23 09:34:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\WordWeb\WCaptureMoz [2011/10/25 23:09:53 | 000,000,000 | ---D | M]
[2010/01/14 15:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark Fruehling\AppData\Roaming\Mozilla\Extensions
[2010/01/14 15:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark Fruehling\AppData\Roaming\Mozilla\Extensions\[email protected]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - Extension: Google Docs = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Docs = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Search = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.7.3_0\
CHR - Extension: Google Wallet = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Mark Fruehling\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IE to GetRight Helper) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
O2 - BHO: (Pop-up Blocker) - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files (x86)\Juno\qsacc\X1IEBHO.dll (Juno, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - No CLSID value found.
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (NetZero Toolbar Helper) - {FE3098B0-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\NetZero\UCReg.dll (NetZero, Inc.)
O2 - BHO: (Juno Toolbar Helper) - {FE3098B1-04A3-41fd-8CA9-BEA39CB14C87} - C:\Program Files (x86)\Juno\UCReg.dll (Juno, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.114.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files (x86)\NetZero\Toolbar.dll (NetZero, Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (ZeroBar) - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files (x86)\NetZero\Toolbar.dll (NetZero, Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\Mark Fruehling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()
O4 - Startup: C:\Users\Mark Fruehling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots Wallpaper & Screensaver.lnk = C:\Program Files (x86)\Webshots\Wallpaper\WallScreen.exe (Webshots)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download with GetRight - C:\Program Files (x86)\GetRight\GRDownload.htm ()
O8:64bit: - Extra context menu item: Open with GetRight Browser - C:\Program Files (x86)\GetRight\GRBrowse.htm ()
O8 - Extra context menu item: Download with GetRight - C:\Program Files (x86)\GetRight\GRDownload.htm ()
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files (x86)\GetRight\GRBrowse.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: juno.com ([]* in Trusted sites)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.co.marsha...sessor/smsx.cab (MeadCo ScriptX)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.168.12 97.64.183.165
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63FEA10A-2D97-4C7D-812F-F23799D74841}: DhcpNameServer = 97.64.168.12 97.64.183.165
O18:64bit: - Protocol\Handler\junomsg - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\junomsg {C4D10830-379D-11d4-9B2D-00C04F1579A5} - C:\Program Files\Juno\bin\jmsgpph.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: BingDesktop - hkey= - key= - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
MsConfig:64bit - StartUpReg: WordWeb - hkey= - key= - C:\Program Files (x86)\WordWeb\wweb32.exe (WordWeb Software)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/05/01 18:53:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mark Fruehling\Desktop\zzOTL.exe
[2014/05/01 18:43:35 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/01 17:25:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/01 17:07:55 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/05/01 17:04:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/01 16:17:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/05/01 16:05:02 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/01 16:03:36 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/01 16:03:36 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/04/30 14:16:43 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Mark Fruehling\Desktop\zzJunk Removal Tool Download.exe
[2014/04/30 13:58:47 | 002,061,824 | ---- | C] (Farbar) -- C:\Users\Mark Fruehling\Desktop\zzFarbar Recovery Scan Tool X64.exe
[2014/04/17 08:35:32 | 000,000,000 | ---D | C] -- C:\Users\Mark Fruehling\Documents\International Association of Commercial Finance Brokers
[2014/04/17 06:41:51 | 000,000,000 | ---D | C] -- C:\Users\Mark Fruehling\Documents\EMPU
[2014/04/16 16:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/04/16 16:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/04/16 16:13:20 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/04/16 16:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/04/16 16:00:24 | 000,000,000 | ---D | C] -- C:\Users\Mark Fruehling\AppData\Local\Microsoft Help
[2014/04/16 16:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/04/10 06:11:05 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/10 06:11:05 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/10 06:11:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/10 06:11:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/10 06:11:00 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/10 06:11:00 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/10 06:11:00 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/10 06:11:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/10 06:11:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/10 06:11:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/10 06:11:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/10 06:10:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/10 06:10:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/10 06:10:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/01 18:53:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark Fruehling\Desktop\zzOTL.exe
[2014/05/01 18:46:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/01 18:34:02 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMark Fruehling.job
[2014/05/01 18:25:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/01 18:19:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/01 17:25:36 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/01 17:25:36 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/01 17:18:24 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/01 17:18:00 | 1508,761,600 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/01 05:26:56 | 000,000,484 | ---- | M] () -- C:\Users\Mark Fruehling\AppData\Roaming\.openyahtzee
[2014/04/30 14:16:44 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Mark Fruehling\Desktop\zzJunk Removal Tool Download.exe
[2014/04/30 13:58:47 | 002,061,824 | ---- | M] (Farbar) -- C:\Users\Mark Fruehling\Desktop\zzFarbar Recovery Scan Tool X64.exe
[2014/04/30 10:50:09 | 000,000,552 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2014/04/29 09:13:13 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/29 09:13:13 | 000,665,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/29 09:13:13 | 000,123,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/29 07:25:07 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/29 07:25:07 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/17 06:32:05 | 000,001,229 | ---- | M] () -- C:\Users\Mark Fruehling\Desktop\Download App by CNET 1.6.5.165 (need Internet).lnk
[2014/04/16 17:43:53 | 000,689,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/16 17:05:34 | 000,001,139 | ---- | M] () -- C:\Users\Mark Fruehling\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2014/04/13 21:24:46 | 000,465,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/04/13 21:19:37 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/04/04 21:25:53 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/16 17:05:34 | 000,001,139 | ---- | C] () -- C:\Users\Mark Fruehling\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2014/04/14 06:34:54 | 000,000,368 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMark Fruehling.job
[2013/05/24 07:47:21 | 000,003,584 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/05 14:22:02 | 000,000,484 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Roaming\.openyahtzee
[2012/02/19 20:46:17 | 000,001,057 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Roaming\DVDSubEdit.ini
[2011/11/16 07:45:48 | 000,001,854 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Roaming\GhostObjGAFix.xml
[2011/07/28 14:29:15 | 000,000,000 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Local\{9EA8F4E5-E260-4015-BFE0-F992DF264A50}
[2011/06/26 09:39:00 | 000,000,000 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Local\{7C2BA116-8764-4F18-BF5A-44E3BB5B2D02}
[2011/05/27 16:14:44 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/05/18 15:05:19 | 000,001,571 | ---- | C] () -- C:\Users\Mark Fruehling\four.dxp
[2011/05/04 09:42:25 | 000,000,000 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Local\{13E0D8A2-98FE-450F-9701-CF5268F8EEC0}
[2010/01/12 20:08:29 | 000,000,128 | -H-- | C] () -- C:\Users\Mark Fruehling\microsoft.dat
[2009/12/30 12:42:06 | 000,000,000 | ---- | C] () -- C:\Users\Mark Fruehling\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST325031 8AS SCSI Disk Device
Partitions: 3
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: HP v100w USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 222.00GB
Starting Offset: 105906176
Hidden sectors: 0
DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 11.00GB
Starting Offset: 238350761984
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: MS-DOS V4 Huge
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 2.00GB
Starting Offset: 32768
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2014/02/17 07:12:59 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\3MCloudLibrary
[2010/02/13 09:22:35 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\AccurateRip
[2010/01/27 20:16:25 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\ActionSoft
[2013/01/14 11:02:04 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Adobe
[2014/01/04 06:21:53 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Apple Computer
[2011/03/09 08:44:40 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Avery
[2013/04/20 15:45:07 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\AVS4YOU
[2011/12/13 19:22:14 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Awem
[2014/01/30 15:26:43 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Azureus
[2010/02/01 04:41:52 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Canneverbe Limited
[2014/02/02 10:36:53 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\CBS Interactive
[2011/03/06 08:50:41 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\CyberLink
[2010/02/13 09:30:22 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\dBpoweramp
[2014/02/02 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\DigitalVolcano
[2012/05/24 21:12:04 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\driveridentifier
[2014/02/02 07:27:00 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\EMPU
[2011/03/09 17:10:52 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\fltk.org
[2014/04/12 07:56:55 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\GetRight
[2011/04/03 11:40:43 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Google
[2012/06/16 06:48:03 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Hewlett-Packard
[2014/02/28 07:25:27 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\HP Support Assistant
[2009/12/28 21:07:45 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\HP TCS
[2013/03/29 12:34:13 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\hpqLog
[2014/02/28 07:25:27 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\HpUpdate
[2009/12/28 21:10:09 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Identities
[2012/02/07 17:51:51 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\ImTOO
[2010/11/14 18:41:18 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\InstallShield
[2010/11/14 16:04:07 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Leadertech
[2009/12/29 19:05:50 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Macromedia
[2011/03/11 07:09:20 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Malwarebytes
[2009/07/14 02:44:38 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Media Center Programs
[2014/04/16 17:30:28 | 000,000,000 | --SD | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Microsoft
[2010/01/14 15:25:46 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Mozilla
[2010/01/14 15:53:23 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\MusicNet
[2014/02/28 08:26:36 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\New Super Mario Forever
[2013/05/04 03:26:30 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Oberon Media
[2009/12/28 21:11:29 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\PictureMover
[2009/12/29 14:16:08 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\PKWARE
[2010/01/18 22:01:49 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\PrimoPDF
[2011/10/12 06:19:12 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Rovio
[2013/06/04 06:17:32 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\SanDisk
[2010/08/07 21:11:16 | 000,000,000 | RH-D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\SecuROM
[2010/09/16 12:34:13 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Skip-Bo
[2014/02/28 16:31:31 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Skype
[2012/02/07 18:17:13 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\SmartDVDCreator
[2014/03/09 12:00:54 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\SolSuite
[2010/05/29 16:01:54 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Template
[2011/03/15 19:24:49 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Tific
[2010/09/28 12:22:01 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\UNOUndercover
[2010/02/09 13:15:35 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\uTorrent
[2010/02/23 15:53:27 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\VMware
[2014/01/04 03:51:25 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Webshots
[2014/01/03 12:18:46 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\WebshotsDailyFeatures
[2011/03/06 07:42:26 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\WebshotsDailyFeatures.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2013/04/23 15:42:28 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\WildTangent
[2010/02/02 11:28:23 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\WinBatch
[2014/05/01 07:29:47 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\Wise Disk Cleaner
[2014/03/27 08:25:54 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\WiseUpdate
[2010/01/10 22:09:10 | 000,000,000 | ---D | M] -- C:\Users\Mark Fruehling\AppData\Roaming\WordWeb
< MD5 for: ATAPI.SYS >
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: CSRSS.EXE >
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009/07/13 20:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
< MD5 for: EXPLORER.EXE >
[2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 01:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 01:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 01:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 01:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2009/07/13 20:15:51 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=11A41F17527ED75D6B758FDD7F4FD00D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_b829ad298e9f53ff\mswsock.dll
[2010/11/20 08:27:10 | 000,326,144 | ---- | M] (Microsoft Corporation) MD5=1D5185A4C7E6695431AE4B55C3D7D333 -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[2013/09/06 21:04:16 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=6547D445C4B69DC0083B619AC642DF04 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_bac3d364a4c3ea89\mswsock.dll
[2010/11/20 07:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=8999B8631C7FD9F7F9EC3CAFD953BA24 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
[2013/09/07 21:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\SysNative\mswsock.dll
[2013/09/07 21:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=9A9F9F1A77D6A80EE28B57664F00013E -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_164e004b440bdabf\mswsock.dll
[2013/09/06 21:24:39 | 000,327,168 | ---- | M] (Microsoft Corporation) MD5=BDDB1FD258B92DEE00F222D3304B5D9C -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.22444_none_16e26ee85d215bbf\mswsock.dll
[2013/09/07 21:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\SysWOW64\mswsock.dll
[2013/09/07 21:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) MD5=E94C583CDE2348950155F2AF2876F34D -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.18254_none_ba2f64c78bae6989\mswsock.dll
[2009/07/13 20:41:34 | 000,320,000 | ---- | M] (Microsoft Corporation) MD5=FC76FE3C1E1FDB761244D4F74EF560FD -- C:\Windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7600.16385_none_144848ad46fcc535\mswsock.dll
< MD5 for: NAPINSP.DLL >
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\SysWOW64\NapiNSP.dll
[2009/07/13 20:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0B7E85364CB878E2AD531DB7B601A9E5 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_abf396ebf0847c31\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\SysNative\NapiNSP.dll
[2009/07/13 20:41:52 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=58A0CDABEA255616827B1C22C9994466 -- C:\Windows\winsxs\amd64_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.1.7600.16385_none_0812326fa8e1ed67\NapiNSP.dll
< MD5 for: NLAAPI.DLL >
[2009/07/13 20:16:03 | 000,051,712 | ---- | M] (Microsoft Corporation) MD5=045DB4EAB4FBD23210E85ECC3F464A2E -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_cdcf91c058fc0e07\nlaapi.dll
[2012/01/13 02:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\SysWOW64\nlaapi.dll
[2012/01/13 02:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=0BA65122FFA7E37564EE86422DBF7AE8 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_cfca9d84561311f2\nlaapi.dll
[2010/11/20 07:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=104A1070E90F1C530328E69B49718841 -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_d000a58855ea91a1\nlaapi.dll
[2012/10/03 11:29:27 | 000,052,224 | ---- | M] (Microsoft Corporation) MD5=11B8C7970C10650827D060AA81BEE63F -- C:\Windows\winsxs\wow64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_d07f52216f10753a\nlaapi.dll
[2010/11/20 08:27:22 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=2DF36F15B2BC1571A6A542A3C2107920 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17514_none_c5abfb362189cfa6\nlaapi.dll
[2012/10/03 12:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\SysNative\nlaapi.dll
[2012/10/03 12:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=46BB91A169B9B31FF44EB04C48EC1D41 -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.17964_none_c575f33221b24ff7\nlaapi.dll
[2009/07/13 20:41:52 | 000,070,144 | ---- | M] (Microsoft Corporation) MD5=86E3822A34D454032D8E88C72AE8CF2D -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7600.16385_none_c37ae76e249b4c0c\nlaapi.dll
[2012/10/03 12:32:48 | 000,070,656 | ---- | M] (Microsoft Corporation) MD5=C98BCE54F31113D5E736C1097FD086DC -- C:\Windows\winsxs\amd64_microsoft-windows-nlasvc_31bf3856ad364e35_6.1.7601.22124_none_c62aa7cf3aafb33f\nlaapi.dll
< MD5 for: PNRPNSP.DLL >
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\SysWOW64\pnrpnsp.dll
[2009/07/13 20:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) MD5=5CF640EDDB1E40A5AB1BB743BCDEC610 -- C:\Windows\winsxs\wow64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_d7c8b1ac70865dab\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\SysNative\pnrpnsp.dll
[2009/07/13 20:41:53 | 000,086,016 | ---- | M] (Microsoft Corporation) MD5=613C8CE10A5FDE582BA5FA64C4D56AAA -- C:\Windows\winsxs\amd64_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.1.7600.16385_none_cd74075a3c259bb0\pnrpnsp.dll
< MD5 for: PRINTISOLATIONHOST.EXE >
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\SysNative\PrintIsolationHost.exe
[2009/07/13 20:39:27 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=22F020C76E339EB2B2187BA73A7E4173 -- C:\Windows\winsxs\amd64_microsoft-windows-p..ng-server-isolation_31bf3856ad364e35_6.1.7600.16385_none_f8a40495785334a9\PrintIsolationHost.exe
< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USER32.DLL >
[2010/11/20 07:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/20 07:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 20:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 20:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 08:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010/11/20 08:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 20:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 20:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 02:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 01:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WINRNR.DLL >
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\SysNative\winrnr.dll
[2009/07/13 20:41:56 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=2E2072EB48238FCA8FBB7A9F5FABAC45 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_b543449669c73e11\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\SysWOW64\winrnr.dll
[2009/07/13 20:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=5DF5D8CFD9B9573FA3B2C89D9061A240 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.1.7600.16385_none_5924a912b169ccdb\winrnr.dll
< MD5 for: WSHELPER.DLL >
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 20:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 20:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll
< C:\Windows\assembly\tmp\U\*.* /s >
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014/03/07 08:12:05 | 000,804,560 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2014/03/07 08:12:05 | 000,804,560 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2014/04/23 19:33:15 | 000,841,032 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014/03/07 08:12:03 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014/03/07 08:12:03 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014/03/07 08:12:03 | 000,218,624 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014/03/07 08:12:05 | 000,804,560 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE [2014/03/07 08:12:05 | 000,804,560 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %ProgramFiles%\WINDOWS NT\*.* /s >
[2010/11/20 07:17:57 | 004,247,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\wordpad.exe
[2009/07/13 20:16:20 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\WordpadFilter.dll
[2009/07/13 21:06:02 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\Accessories\en-US\wordpad.exe.mui
[2009/07/13 20:16:15 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextService.dll
[2009/06/10 16:43:18 | 000,016,212 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceAmharic.txt
[2009/06/10 16:43:18 | 001,272,822 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceArray.txt
[2009/06/10 16:43:18 | 000,980,102 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceDaYi.txt
[2009/06/10 16:43:19 | 001,665,878 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
[2009/06/10 16:43:19 | 001,445,430 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
[2009/06/10 16:43:19 | 001,810,352 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
[2009/06/10 16:43:19 | 000,044,968 | ---- | M] () -- C:\Program Files (x86)\WINDOWS NT\TableTextService\TableTextServiceYi.txt
[2009/07/13 21:05:26 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\WINDOWS NT\TableTextService\en-US\TableTextService.dll.mui
< %systemroot%\system32\drivers\*.sys /lockedfiles >
========== Alternate Data Streams ==========
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:A3F4C22C
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:DFC5A2B2
< End of report >
Here is the log file Extras created after OTL is executed:
OTL Extras logfile created on: 5/1/2014 6:58:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mark Fruehling\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 52.26% Memory free
3.75 Gb Paging File | 2.45 Gb Available in Paging File | 65.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.88 Gb Total Space | 84.82 Gb Free Space | 38.23% Space Free | Partition Type: NTFS
Drive D: | 10.90 Gb Total Space | 2.02 Gb Free Space | 18.55% Space Free | Partition Type: NTFS
Drive G: | 1.87 Gb Total Space | 0.23 Gb Free Space | 12.40% Space Free | Partition Type: FAT
Computer Name: MARKFRUEHLING | User Name: Mark Fruehling | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1l",OpenURL %l (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E215F7-931A-45FB-8161-DC5450FAB60B}" = lport=445 | protocol=6 | dir=in | app=system |
"{0B836242-EC87-450A-B0FD-2468A3A74A48}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3056AA6E-46B4-44F7-AC85-77AB157D6C22}" = lport=139 | protocol=6 | dir=in | app=system |
"{38D1B097-549F-4FC3-A125-ECDDFDFAF202}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4701CBFB-A937-4928-9D13-48A3ADD5FFEF}" = rport=445 | protocol=6 | dir=out | app=system |
"{4C2686AE-A9D5-4778-B4FE-305FD048A6F7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{5B53D62B-7790-45FB-BA2F-E84C5771B028}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D918CB3-BB23-4F7E-8321-2CAEFF04B3BA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{7D5CEA8B-48CB-4B28-A9BC-3EC3F4CCB191}" = rport=137 | protocol=17 | dir=out | app=system |
"{9674667B-C69A-4C3A-A1F3-876606CAA2E1}" = lport=137 | protocol=17 | dir=in | app=system |
"{C029BD05-3A50-41E3-8169-654FAD21E16C}" = rport=139 | protocol=6 | dir=out | app=system |
"{D03B660E-7779-4578-A7E1-072A24723575}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DB40C8D6-012D-45A1-A36C-528FD7D06C41}" = rport=138 | protocol=17 | dir=out | app=system |
"{F72262F7-6516-4A2D-9624-B0442C0DE01C}" = lport=138 | protocol=17 | dir=in | app=system |
"{FBEDA43F-E49B-42C9-B287-F74BDF64428C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0081DF34-D474-4DE5-93ED-382A2FE497CC}" = protocol=6 | dir=in | app=c:\games\skipbo\skip-bo castaway caper\skipbocastawaycaper.exe |
"{008FD6C9-22B3-41D9-8AC5-8CCBCB169EDA}" = protocol=17 | dir=in | app=c:\games\raiders\raidersdemo\sofrdemo.exe |
"{00B5E095-B1DB-4CE7-BC1A-67696C82E030}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsupdatemanager\avsupdatemanager.exe |
"{0160B4A1-78DB-42A1-8EC8-C4A1002048B7}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{033DC5BF-91AD-40C1-9324-41600F8AD9BF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{03405B03-D8BD-4D1A-A83B-BB49CB6C615A}" = protocol=17 | dir=in | app=c:\program files (x86)\4musics mp3 bitrate changer\mp3-mp3.exe |
"{04571D61-2231-4B14-A3F8-2EC2385E17A0}" = protocol=6 | dir=in | app=c:\games\ship sim 2008\shipsim2008demo\shipsim2008_demo.exe |
"{05A0B195-77A3-47B3-ADF2-477A0B57C70A}" = protocol=6 | dir=in | app=c:\games\ghost - graw 2\ghost recon advanced warfighter 2\graw2.exe |
"{0778C77C-05B5-4616-83A8-7738AF025050}" = protocol=6 | dir=in | app=c:\games\ghost recon\ghostrecon.exe |
"{08D85FDB-1751-4D7E-B439-04762F176662}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{091450CD-1E88-42C8-AEE0-B1BA10B0EA4A}" = protocol=17 | dir=in | app=c:\program files (x86)\vmware\vmware player\vmplayer.exe |
"{0A76CD2E-A2D7-4C99-85B7-D4B7644DACAE}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsphotoeditor\avsphotoeditor.exe |
"{0A889B1C-0303-4D08-A6E7-FCFB25DC4341}" = protocol=6 | dir=in | app=c:\program files (x86)\beetle buggin'\beetle.exe |
"{0B658FF9-1F2A-454C-8ACC-03247C17E287}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0C35E704-BBC7-429F-8FA0-650BBC8EF3B7}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{0D61F388-7A9B-4FFE-91AB-54327B357E6F}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{1078129A-7EE9-4721-ABEB-B4A23E651594}" = protocol=6 | dir=in | app=c:\program files (x86)\cdburnerxp\cdbxpp.exe |
"{11D7D4E1-A4C8-4764-9E41-3DF7D2E636FC}" = protocol=6 | dir=in | app=c:\games\nukem manhattan\dukenukemmp.exe |
"{11D92F59-2FA3-42E5-91AD-EA986C08BA5B}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsvideoremaker\avsvideoremaker.exe |
"{1236B734-E1BF-47B4-87A0-476F0B2DF1BB}" = protocol=6 | dir=in | app=c:\games\warcraft 3\warcraft iii demo\warcraft iii demo.exe |
"{130A2333-6999-40CB-8DF5-68EEC8545013}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsringtonemaker\avsringtonemaker.exe |
"{1587AE91-B2B9-42C9-B90F-21E5D4F9FA5A}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsimageconverter\avsimageconverter.exe |
"{183930C2-FD8E-4B1E-868E-038E67ECDDF3}" = protocol=6 | dir=in | app=c:\games\call of duty\codsp.exe |
"{1ACBAEC4-261E-4ED4-817F-B2C9D42514BD}" = protocol=6 | dir=in | app=c:\games\civ 3\civilization3.exe |
"{1B85DCD7-6B62-4A24-8F1C-B5A5059939A0}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsscreencapture\avsscreencapture.exe |
"{1C530F46-D88C-4BFC-931D-124CC0814E30}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D962955-492A-4855-BAA0-FA5D4B65BA53}" = protocol=17 | dir=in | app=c:\games\hidden and dangerous\bin\hde.exe |
"{1EAFB326-AA05-413A-99CB-A3409AD71751}" = protocol=17 | dir=in | app=c:\program files (x86)\wordweb\wwnotray.exe |
"{22EAF888-942F-43EC-9D98-67370AFBB301}" = protocol=6 | dir=in | app=c:\program files (x86)\getright\getright.exe |
"{25B46621-3AB2-4868-A5AA-152487DD49C1}" = protocol=17 | dir=in | app=f:\downloads\012710\setup.exe |
"{27310EFC-1450-4AF4-B980-1F95FECA0E64}" = protocol=6 | dir=in | app=c:\games\gunman\gunman\gunman.exe |
"{282DD0F9-49CD-45D9-8B2D-A4C50A783635}" = protocol=6 | dir=in | app=c:\games\halo\halo.exe |
"{2AE937A0-EEBB-4862-A343-E8EF5A443570}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsvideoconverter\avsvideoconverter.exe |
"{2B5CEC60-03B9-405D-B0D4-4F6C726D6A22}" = protocol=17 | dir=in | app=c:\games\skipbo\skip-bo castaway caper\skipbocastawaycaper.exe |
"{2C3F0013-AD7E-455C-86A3-F9A830B6B966}" = protocol=17 | dir=in | app=c:\games\age of empires 3\age3.exe |
"{2D2C300D-BF2E-40A6-89EA-28B52DE4A6C5}" = protocol=17 | dir=in | app=c:\games\pure sudoku\puresudoku.exe |
"{2F851B70-1CA1-4947-86F0-04A54225D39A}" = protocol=17 | dir=in | app=c:\games\call of duty\codsp.exe |
"{36C13DAC-1B6B-443D-8E4E-EC008FCEE01E}" = protocol=17 | dir=in | app=c:\program files (x86)\wise disk cleaner\wisediskcleaner.exe |
"{36F82ACD-4F3F-4B03-83C8-2FF261639872}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsdvdcopy\avsdvdcopy.exe |
"{3837E7EC-FD24-4537-A817-EAF2EEB575EF}" = protocol=6 | dir=in | app=c:\games\serious sam 2\serious sam 2 demo\bin\sam2.exe |
"{39D0DF3B-B6B2-442E-9D87-C74A515E858F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C6A4648-56E4-4201-8BF1-E7661DF900CE}" = protocol=6 | dir=in | app=c:\games\links 2001\linkslauncher.exe |
"{43616606-4C98-4218-8263-6609DB98CB33}" = protocol=6 | dir=in | app=c:\games\age of empires 3\age3.exe |
"{43DF51B8-4939-43D3-AA5A-710C023BA91A}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsscreencapture\avsscreencapture.exe |
"{471B0D74-80BC-4B30-9A4A-1650812D834F}" = protocol=17 | dir=in | app=c:\games\links 2003\linkslauncher.exe |
"{47E83B8A-C30A-4366-AC40-148F626C3B42}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4A71E711-E9D3-4D4E-936D-C2D3B78933AB}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsvideorecorder\avsvideorecorder.exe |
"{4AC5558F-C4FA-434D-A1BF-BB5E9564E4A3}" = protocol=17 | dir=in | app=c:\games\halo\halo.exe |
"{4CEE0593-6075-413E-B105-5183627FC7D4}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{5056D7EA-A522-4275-BCD8-E2D3577E9BFC}" = protocol=17 | dir=in | app=e:\painkiller_booh.exe |
"{5389CC14-01AB-4557-82C7-4DF57BABE403}" = protocol=17 | dir=in | app=c:\program files (x86)\beetle buggin'\beetle.exe |
"{5391DD16-F693-4AEA-9F2A-7C6E5CAA3C88}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsaudiorecorder\avsaudiorecorder.exe |
"{5486D56F-69A7-4A9B-9DD4-BACB59EF8082}" = protocol=6 | dir=in | app=c:\program files (x86)\wise disk cleaner\wisediskcleaner.exe |
"{5780592D-9164-4FEC-B3B1-7AF6B8FC4358}" = protocol=6 | dir=in | app=c:\program files (x86)\vmware\vmware player\vmplayer.exe |
"{582C6B09-9594-4E6F-848D-5665FBA0E99D}" = protocol=17 | dir=in | app=c:\games\sc double agent\scda-offline\system\splintercell4.exe |
"{59BCC430-BB07-4F16-A757-C4E2750F125C}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsvideoeditor\avsvideoeditor.exe |
"{5C01C52A-F096-4B47-8D13-56372D91CE5E}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avssoftwarenavigator\avs4yousoftwarenavigator.exe |
"{5DED993D-5500-4733-8964-7479F75E0934}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{5E00D4BF-DC99-408F-95CA-D0911E27B308}" = protocol=6 | dir=in | app=c:\games\heretic 2\heretic2.exe |
"{5E991DC1-1DBD-456C-8D8F-44DA9E348505}" = protocol=6 | dir=in | app=c:\games\super mario 3\mario forever 5.0\mario forever 5.0.exe |
"{6073A6A5-C89A-4138-B463-EC7DDD7CE1B2}" = protocol=6 | dir=in | app=c:\games\avp\avp.exe |
"{60893BB1-6230-416B-B8A2-813BBD20171D}" = protocol=6 | dir=in | app=c:\games\links 2003\linkslauncher.exe |
"{6508A229-F68A-4FA1-8DE9-DC67AC735877}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{651FF08C-233E-48AF-B980-FA2EB0DDD1E2}" = protocol=17 | dir=in | app=c:\games\heretic 2\heretic2.exe |
"{655716F6-DFDC-4451-8A38-B68E6E2819B6}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsdocumentconverter\avsdocumentconverter.exe |
"{67177290-ACAA-4F66-BD46-3DBF48A1821B}" = protocol=6 | dir=in | app=c:\program files (x86)\dvdfab 8 qt\dvdfab.exe |
"{67D82ACE-8DA7-47F1-80F6-A5CA106831D8}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{6B06AD8F-8857-4E15-8C7E-B5656168BB96}" = protocol=6 | dir=in | app=c:\games\rainbow 6\rainbowsix.exe |
"{6F12A411-D58D-499F-9DC8-F39ADA999705}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsupdatemanager\avsupdatemanager.exe |
"{70C7D2F5-E2F7-41E8-AEAC-5411473560A3}" = protocol=6 | dir=in | app=c:\games\aoe 3 the war chiefs\age3x.exe |
"{73B27D85-9B6A-4AED-A3A8-778C6164E518}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsregistrycleaner\avsregistrycleaner.exe |
"{742829DB-A2D5-4132-A45D-33DB2B2A8338}" = protocol=17 | dir=in | app=c:\games\half life\half life\half-life\hl.exe |
"{75CEEF97-EA25-4FCA-9F17-58FA261F7F6B}" = protocol=17 | dir=in | app=c:\program files (x86)\dvdfab 8 qt\dvdfab.exe |
"{76274614-567A-4D01-8CE5-910E07AB2308}" = protocol=6 | dir=in | app=e:\painkiller_booh.exe |
"{763AF040-2F6E-4593-B0F1-8C8A72862548}" = protocol=17 | dir=in | app=c:\games\uno\uno - undercover\uno undercover.exe |
"{76777F96-AFA9-4120-BBD4-A8290D6A3616}" = protocol=6 | dir=in | app=c:\games\x-com enforcer\system\xcomed.exe |
"{77EA8D97-C46E-468B-845F-6583A4F2712C}" = protocol=6 | dir=in | app=c:\games\undying\system\undying.exe |
"{786764E6-8F47-407A-9A5E-6BF80FDC59CC}" = protocol=1 | dir=in | [email protected],-28543 |
"{7939BCD6-F114-452B-AF6D-78F244E603DD}" = protocol=6 | dir=in | app=c:\games\dig dug\virtuanes.exe |
"{7CE653A6-5F10-4786-B82C-ACB679FC9720}" = protocol=17 | dir=in | app=c:\games\x-com enforcer\system\xcomed.exe |
"{7DB75667-69AE-412B-9C67-401121766C61}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7F005474-7BCD-4F0F-8394-6EAD9D075429}" = protocol=6 | dir=in | app=c:\program files (x86)\juno\exec.exe |
"{7FD46BB1-1605-4981-83A0-BDBEA47B0F31}" = protocol=17 | dir=in | app=c:\games\df bh down platinum pack\dfbhd.exe |
"{83E0491D-9838-44A5-9393-4FE5472EA5A6}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsdvdcopy\avsdvdcopy.exe |
"{83F9FAFE-A3E0-41D0-935C-3E28A536FE77}" = protocol=6 | dir=in | app=c:\games\ghost - graw 2\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{85FB6D78-9AE6-4313-ADEA-1146566F3923}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsvideoconverter\avsvideoconverter.exe |
"{8762B572-A789-4FB0-A2DA-E3D095AABA69}" = protocol=17 | dir=in | app=c:\games\ship sim 2008\shipsim2008demo\shipsim2008_demo.exe |
"{88F99378-DE04-494C-9970-A8FE6F7A662C}" = protocol=17 | dir=in | app=c:\games\ghost recon\ghostrecon.exe |
"{8BB827B0-A4EF-42A6-95F4-FE6E6650584B}" = protocol=6 | dir=in | app=c:\games\sc double agent\scda-offline\system\splintercell4.exe |
"{8C077B89-FF3C-4B55-9CE5-A58524679272}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsmediaplayer\avsmediaplayer.exe |
"{8D83F711-831C-44A9-BB87-FAD752CF426A}" = protocol=17 | dir=in | app=c:\program files (x86)\netzero\exec.exe |
"{8D9B7484-2DD1-4C61-AC86-742900D6F19D}" = protocol=17 | dir=in | app=c:\games\warcraft 3\warcraft iii demo\warcraft iii demo.exe |
"{8DEB68C6-7583-4516-9D96-5BBB181EE51A}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsmediaplayer\avsmediaplayer.exe |
"{8F6ACC36-FF6A-449E-9FC7-152DBCDA9EED}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsvideoremaker\avsvideoremaker.exe |
"{90E40983-3F3F-439A-9884-65BE005E98E9}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsvideorecorder\avsvideorecorder.exe |
"{9120FF68-07E3-417B-8403-9F966871F2FF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{93C8B863-3739-4AA1-8E09-0B8657A656D1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\avsmedia\videouploader\avsvideouploader.exe |
"{954A5CE3-A9FF-49E1-86DB-53ECBE1015F8}" = protocol=17 | dir=in | app=c:\games\half life\opposing forces\opfor\hl.exe |
"{9599B4B3-3DD0-4DC4-82EB-8915F13AE9BB}" = protocol=17 | dir=in | app=c:\games\ghost - graw 2\ghost recon advanced warfighter 2\graw2.exe |
"{95B604F2-0B18-4534-A80B-25C1B478C900}" = protocol=17 | dir=in | app=e:\painkillersetup.exe |
"{979D0882-AB11-4DB4-9DCD-9A71070AB515}" = protocol=6 | dir=in | app=c:\games\half life\opposing forces\opfor\hl.exe |
"{9CF5E129-5158-440F-A208-053959AB8C55}" = protocol=6 | dir=in | app=c:\games\avp2\avp2.exe |
"{9EA50CCE-FEAA-454C-AD8E-E1D2341605B8}" = protocol=17 | dir=in | app=c:\games\serious sam 2\serious sam 2 demo\bin\sam2.exe |
"{9F1892D6-4A91-45DE-949E-B686CD3B4FB3}" = protocol=6 | dir=in | app=c:\games\emergency fire response\fdmaster.exe |
"{A071292E-01CE-4F28-A861-8031952BBCAF}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avscovereditor\avscovereditor2.exe |
"{A0718D9C-996D-4854-A0A5-3002B6E7C255}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{A15F85FE-B285-4488-82E0-6B229D7D9AF7}" = protocol=6 | dir=in | app=c:\program files (x86)\wordweb\wwnotray.exe |
"{A2AA3787-559D-4DB0-83F6-E7A0591FEA41}" = protocol=1 | dir=out | [email protected],-28544 |
"{A33CE982-3730-4832-8CAD-9A11189536D9}" = protocol=17 | dir=in | app=c:\games\civ 3\civilization3.exe |
"{A606E902-F5EC-4424-9A3C-5D50DF3AFDB0}" = protocol=6 | dir=in | app=c:\games\half life\half life\half-life\hl.exe |
"{A72E9F05-11E8-4291-A38B-5E1B388ED3FA}" = protocol=17 | dir=in | app=c:\games\links 2001\linkslauncher.exe |
"{AA7292C5-5985-421C-BA37-FF9CEE1C1A25}" = protocol=17 | dir=in | app=c:\games\archangel\bin\game.exe |
"{AA78F518-50DC-4E94-8405-33DABB054DDA}" = protocol=6 | dir=in | app=c:\games\archangel\bin\game.exe |
"{AAAE5063-FD99-41BC-986A-8A6CB824E8E3}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsaudiorecorder\avsaudiorecorder.exe |
"{AAE5AA0B-2F57-4298-B388-64E6B84FCC62}" = protocol=6 | dir=in | app=c:\games\df bh down platinum pack\dfbhd.exe |
"{AD85A3C7-02B9-48C6-A67E-13315B3409F4}" = protocol=17 | dir=in | app=c:\program files (x86)\cdburnerxp\cdbxpp.exe |
"{B0CBBF5D-FDD3-4DFB-AB3E-A15B3608FA2F}" = protocol=17 | dir=in | app=c:\games\avp\avp.exe |
"{B227B426-C386-45A2-AC6D-127793E6F0D2}" = protocol=17 | dir=in | app=c:\games\super mario 3\mario forever 5.0\mario forever 5.0.exe |
"{B25F1D13-5A04-4FE2-9248-C2B4BC3B1F2F}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{B3A4CE8E-D008-4C02-B892-20BCA637B4AF}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{B590A402-3725-4803-8B8B-ABD8E7617055}" = protocol=6 | dir=in | app=c:\games\aoe 3 asian dynasties\age3y.exe |
"{B7AFC053-A341-4948-8CAB-9C7D817FC9F2}" = protocol=6 | dir=in | app=c:\program files (x86)\uniblue\driverscanner\launcher.exe |
"{B954A5D4-F787-440C-904B-D8B61D6B8718}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B9C865DF-1405-4612-8B88-E3F9B7C16637}" = protocol=17 | dir=in | app=c:\games\gunman\gunman\gunman.exe |
"{BB344A76-6CF0-416C-8933-D3B6D78BEEC5}" = protocol=17 | dir=in | app=c:\program files (x86)\getright\getright.exe |
"{BB527D5B-ED7C-4371-8699-6619ADF716CC}" = protocol=6 | dir=in | app=e:\painkillersetup.exe |
"{BBF9C586-BC47-47F8-903E-8803658EA80A}" = protocol=17 | dir=in | app=c:\games\emergency fire response\fdmaster.exe |
"{BDB8E565-EBF6-4EFD-BB89-A7CFEEE127ED}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsphotoeditor\avsphotoeditor.exe |
"{BDFCF735-96F2-4EFE-A52C-DB15DDFA0946}" = protocol=17 | dir=in | app=c:\games\undying\system\undying.exe |
"{BEBA49D8-F8B5-469D-9664-356F649E22E0}" = protocol=17 | dir=in | app=c:\games\splinter cell chaos theory\system\splintercell3.exe |
"{BEFFA33E-DC33-471A-9727-B670EA916C2E}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsvideoeditor\avsvideoeditor.exe |
"{BFF6FA0D-482E-42AD-9EB0-A776CCB1377E}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsaudioeditor\avsaudioeditor.exe |
"{C12910E7-481C-4A9D-B666-744C0315E5CF}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsaudioconverter\avsaudioconverter.exe |
"{C37947D3-8A9B-4F47-B549-0A39108EC051}" = protocol=6 | dir=in | app=c:\games\mvp baseball 2003\mvp2003.exe |
"{C4CE4CA5-CEAB-4EE8-8D6A-48051912658C}" = protocol=6 | dir=in | app=f:\downloads\012710\setup.exe |
"{C80D8BAE-D935-4200-8CCD-E5285FAEF5C8}" = protocol=17 | dir=in | app=c:\games\half life\blue shift\blue-shift\bshift.exe |
"{C9BB6457-D8CF-4AF4-BE1D-15A03A22E6C2}" = protocol=17 | dir=in | app=c:\games\aoe 3 asian dynasties\age3y.exe |
"{CA0F320D-F3B8-433E-A262-822AEDD01A3C}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsdocumentconverter\avsdocumentconverter.exe |
"{CE975B49-ED9B-4A0C-9015-27DFBC343DD1}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avssoftwarenavigator\avs4yousoftwarenavigator.exe |
"{CEA50A70-1288-4605-900D-D50F487AD448}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{D001849C-409B-42CE-9030-DAC6670E425A}" = protocol=58 | dir=in | [email protected],-28545 |
"{D085AFB2-3340-441E-9637-46EABAA51B60}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{D0F24888-AA56-41AD-9520-BA8044AD436F}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe |
"{D2A3A1C1-1839-45E4-9EBB-2CEF0A7F52E5}" = protocol=6 | dir=in | app=c:\games\splinter cell chaos theory\system\splintercell3.exe |
"{D53C2955-FE80-4ED8-BC58-B5B677D1F919}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsregistrycleaner\avsregistrycleaner.exe |
"{D6443658-52F9-4BF1-9808-D44C69A9ADA5}" = protocol=17 | dir=in | app=c:\games\dig dug\virtuanes.exe |
"{D717135B-55F5-411B-AA7A-32A70DA7CCBF}" = protocol=17 | dir=in | app=c:\games\rainbow 6\rainbowsix.exe |
"{DB4534EA-92A3-4FC7-ACF1-A3463EF27E23}" = protocol=6 | dir=in | app=c:\program files (x86)\netzero\exec.exe |
"{DBA57435-7CD4-4257-A0B8-A7805822D42B}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe |
"{DBAF5C1F-72B7-4BA0-82BF-638A3EDC2B4E}" = protocol=17 | dir=in | app=c:\games\nukem manhattan\dukenukemmp.exe |
"{DC289CE3-D438-48E5-9894-9F597350C88D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{DCDCFDAA-D5E1-4221-802C-6416B78CF47A}" = protocol=17 | dir=in | app=c:\games\aoe 3 the war chiefs\age3x.exe |
"{DD811742-372C-48B8-8F7B-3B827548DBDD}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\avsmedia\videouploader\avsvideouploader.exe |
"{E348EB09-F456-486B-A622-ED066FE83551}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsaudioconverter\avsaudioconverter.exe |
"{E593D1F1-88CD-4998-9069-0AF6FF874776}" = protocol=17 | dir=in | app=c:\games\avp2\avp2.exe |
"{E6A3225B-94E5-4784-8B20-5DA4DA060223}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsimageconverter\avsimageconverter.exe |
"{E7BDDAA4-324B-4DBD-A949-C3D9766E1A54}" = protocol=17 | dir=in | app=c:\games\mvp baseball 2003\mvp2003.exe |
"{E804B426-EBA6-4AD6-9ADF-B94CAAE494BF}" = protocol=6 | dir=in | app=c:\games\raiders\raidersdemo\sofrdemo.exe |
"{E92F6543-490F-457B-A532-6E095858E280}" = protocol=6 | dir=in | app=c:\games\uno\uno - undercover\uno undercover.exe |
"{E93C533F-90AF-4860-9B48-C80097E1ED34}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsdisccreator\avsdisccreator.exe |
"{EBD06E1F-D1B9-4AE6-B40B-9A739DFA1F52}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{EC89716A-D4D3-41CC-8708-81AB7247E1A1}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsaudioeditor\avsaudioeditor.exe |
"{F061E905-F486-4112-9ADC-6E0D93BA6CBD}" = protocol=17 | dir=in | app=c:\games\ghost - graw 2\ghost recon advanced warfighter 2\graw2_dedicated.exe |
"{F2BBC5A2-7CFF-41F2-890B-675B198A20B4}" = protocol=6 | dir=in | app=c:\games\hidden and dangerous\bin\hde.exe |
"{F2D3116B-4895-4BFE-8195-6FC9C0DB9999}" = protocol=6 | dir=in | app=c:\program files (x86)\4musics mp3 bitrate changer\mp3-mp3.exe |
"{F4178DE3-D679-460A-BD3A-78E1FD407E80}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avscovereditor\avscovereditor2.exe |
"{F436A693-841B-447C-95CD-FF00FC2CEED2}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{F571E2C5-8A35-4577-A1CB-6869DDF756F1}" = protocol=17 | dir=in | app=c:\program files (x86)\avs4you\avsdisccreator\avsdisccreator.exe |
"{F684EFD8-540C-4FB6-987A-DC727F787504}" = protocol=6 | dir=in | app=c:\games\pure sudoku\puresudoku.exe |
"{F7A36996-0367-4B6F-BA20-CD0AA684CE2D}" = protocol=6 | dir=in | app=c:\program files (x86)\avs4you\avsringtonemaker\avsringtonemaker.exe |
"{F7AFE5B5-305E-4175-9285-5F9E7EF91AE3}" = protocol=17 | dir=in | app=c:\program files (x86)\uniblue\driverscanner\launcher.exe |
"{FB3D1199-E138-4A14-94C6-954508883CE4}" = protocol=6 | dir=in | app=c:\games\half life\blue shift\blue-shift\bshift.exe |
"{FB4365BA-B7B8-4575-9342-C403EA990ACE}" = protocol=17 | dir=in | app=c:\program files (x86)\juno\exec.exe |
"{FC3BAF8D-801F-4A68-A9F9-5CC35F36F907}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{0D0CEA61-BB30-4349-A336-87442404FE2A}C:\games\delta force\df.exe" = protocol=6 | dir=in | app=c:\games\delta force\df.exe |
"TCP Query User{0F0E318C-BE84-4E8A-A00D-21015C12DD20}C:\games\links 2001\linksmmi.exe" = protocol=6 | dir=in | app=c:\games\links 2001\linksmmi.exe |
"TCP Query User{2C5E535E-6B3A-4E0E-A94B-DF7024BD499D}C:\program files\juno\bin\juno.exe" = protocol=6 | dir=in | app=c:\program files\juno\bin\juno.exe |
"TCP Query User{2E1AC75B-2353-42A2-B5CF-1A69373E00D6}C:\games\sc double agent\scda-offline\system\splintercell4.exe" = protocol=6 | dir=in | app=c:\games\sc double agent\scda-offline\system\splintercell4.exe |
"TCP Query User{503593DA-945C-4846-A5ED-F05AD0D38625}C:\games\super powers 2\joshua.exe" = protocol=6 | dir=in | app=c:\games\super powers 2\joshua.exe |
"TCP Query User{66853B02-6596-4489-916D-8B29FAE01AFD}C:\program files\juno\bin\juno.exe" = protocol=6 | dir=in | app=c:\program files\juno\bin\juno.exe |
"TCP Query User{66F39198-0299-4D03-B67D-4E5C6293B4B3}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{B0DE7C5C-C1B6-4D3A-B5E8-D2F1F46706B2}C:\games\soldier of fortune 2\sof2mp.exe" = protocol=6 | dir=in | app=c:\games\soldier of fortune 2\sof2mp.exe |
"TCP Query User{FF565E56-2738-4E0A-90CE-2A965B007B66}C:\games\quake 3 arena demo\quake3.exe" = protocol=6 | dir=in | app=c:\games\quake 3 arena demo\quake3.exe |
"UDP Query User{157F4DAF-E1A4-4B00-BE22-5CA36CD8225F}C:\games\super powers 2\joshua.exe" = protocol=17 | dir=in | app=c:\games\super powers 2\joshua.exe |
"UDP Query User{294B4021-234C-4ECE-94EE-97FC51D90A2B}C:\games\delta force\df.exe" = protocol=17 | dir=in | app=c:\games\delta force\df.exe |
"UDP Query User{29B3CAE8-B043-4574-B89B-8C1A6DA63775}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{58D8F8DC-55E8-4996-A851-E19908F1EC4E}C:\games\links 2001\linksmmi.exe" = protocol=17 | dir=in | app=c:\games\links 2001\linksmmi.exe |
"UDP Query User{A5727D22-CD1B-4B07-A523-02C47A6ED1B5}C:\games\sc double agent\scda-offline\system\splintercell4.exe" = protocol=17 | dir=in | app=c:\games\sc double agent\scda-offline\system\splintercell4.exe |
"UDP Query User{B214C688-FD63-45EE-899B-A00CE1C8491A}C:\program files\juno\bin\juno.exe" = protocol=17 | dir=in | app=c:\program files\juno\bin\juno.exe |
"UDP Query User{CD3BD917-A668-443E-84EE-53C27132C3A2}C:\program files\juno\bin\juno.exe" = protocol=17 | dir=in | app=c:\program files\juno\bin\juno.exe |
"UDP Query User{CF25E6BE-22F6-4EAD-A729-D1C9DBAEA44A}C:\games\soldier of fortune 2\sof2mp.exe" = protocol=17 | dir=in | app=c:\games\soldier of fortune 2\sof2mp.exe |
"UDP Query User{D1480BDC-3264-45DF-8896-AB3B5FFE3C23}C:\games\quake 3 arena demo\quake3.exe" = protocol=17 | dir=in | app=c:\games\quake 3 arena demo\quake3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Software Informer_is1" = Software Informer 1.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0AD84416-63A4-4CF3-BDDF-8FA866711FB0}" = Civilization III
"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25B25C84-6132-4662-972B-4E4DC1B00C98}" = Age of Empires III Trial
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27DC856A-0916-4988-8198-8714DDD3183D}" = AGEIA PhysX v7.05.17
"{29B11F9F-5E2D-11D4-8BA5-0050BAAA20E2}" = Wheel of Fortune 2nd Edition
"{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR
"{3209C8A2-558C-445C-832B-1AC552F59B11}" = Hoyle Demo
"{32821558-2C36-4FD0-A891-CA65360B0EC7}" = DesignPro 5
"{37C28A3E-ADDC-484F-B7C4-A522B8E559DE}" = Superpower 2 - demo
"{3A681D82-5167-4418-BEBA-E8991486665B}" = Bing Bar
"{3C8C45D0-3DBF-4DC8-008D-0538032FDC12}" = MVP Baseball 2003
"{3D9E0F32-83ED-4D59-B27F-EEA19744A51E}" = Emergency Fire Response Demo
"{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1" = DriverIdentifier 4.0
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45EFEFDC-0007-4D31-A69E-8125F0229ACA}" = Aliens versus Predator 2 Demo
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{53CDAAAB-6D41-4A36-BAA4-90261DE31B13}" = NetZero For Cosmi
"{631A0B87-B0B7-4B47-00A2-119A4B942EB6}" = Clive Barker's Undying
"{63415CB1-3C97-4D9C-980D-336710EB0526}" = Age of Empires III - The Asian Dynasties Trial
"{6741E797-825C-44C1-AFE7-ED94C4817FBD}" = Boku Sudoku
"{6c651250-2eb2-11d5-8e33-0050dad72ac2}" = NetZero Internet
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project
"{8FE54D21-8254-4CCF-AEE0-066496AE43F4}" = Delta Force - Black Hawk Down
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0296e52-6e9b-11d6-ace4-00105a0cf83f}" = Juno Internet
"{A4CEB917-6912-48AC-8999-588A3F3A8EEF}" = PC Attorney
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}" = Age of Empires III - The WarChiefs Trial
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B84DEFE1-0175-47C9-BC1D-8645FCBC0ECE}_is1" = Webshots Wallpaper & Screensaver version 1.2.3.123
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BE8DD809-A406-40E2-AB9F-28E69E737383}" = PKZIP for Windows 9.00.0010
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Activate Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D89EF3B3-6F17-4665-B7A9-A4235A6DC787}" = Ghost Recon
"{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1" = Uniblue SystemTweaker
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2009
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F78AC3C0-578C-49AB-BD4E-3107A6036A13}" = Tom Clancy's Ghost Recon Advanced Warfighter® 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3M Cloud Library PC App" = 3M Cloud Library PC App 1.39
"7-Zip" = 7-Zip 9.22beta
"8461-7759-5462-8226" = Vuze
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Aliens versus Predator" = Aliens versus Predator
"AnyDVD" = AnyDVD
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Audio Editor_is1" = AVS Audio Editor 7.2
"AVS Audio Recorder_is1" = AVS Audio Recorder version 4.0
"AVS Disc Creator_is1" = AVS Disc Creator 5
"AVS Document Converter_is1" = AVS Document Converter 2.2.8
"AVS DVD Copy_is1" = AVS DVD Copy 4.1.2.283
"AVS Image Converter_is1" = AVS Image Converter 2.3.2.248
"AVS Media Player_is1" = AVS Media Player 4.2.2.104
"AVS Photo Editor_is1" = AVS Photo Editor
"AVS Registry Cleaner_is1" = AVS Registry Cleaner 2.3.1.255
"AVS Ringtone Maker 1.6_is1" = AVS Ringtone Maker version 1.6
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS Video ReMaker_is1" = AVS Video ReMaker 4.2.2.153
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"AVSCoverEditor2_is1" = AVS Cover Editor 2.0.1.3
"AVSRegistryCleaner_is1" = AVS Registry Cleaner version 2.2
"Beetle Crazy Cup" = Beetle Buggin'
"CloneDVD2" = CloneDVD2
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Daikatana" = Daikatana
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Delta Force" = Delta Force
"Duplicate Cleaner Free" = Duplicate Cleaner Free 3.2.3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"GameSpy Arcade" = GameSpy Arcade
"GetRight_is1" = GetRight
"GetSavin" = GetSavin
"G-Force" = G-Force
"Google Chrome" = Google Chrome
"GTA2" = GTA2
"Gunman Chronicles" = Gunman Chronicles
"Half-Life" = Half-Life
"Half-Life: Blue Shift" = Half-Life: Blue Shift
"Half-Life: Opposing Force" = Half-Life: Opposing Force
"Halo" = Microsoft Halo
"Heretic2UninstallKey" = Heretic II
"Homepage Protection" = Homepage Protection
"hp print screen utility" = hp print screen utility
"HP Remote Solution" = HP Remote Solution
"IcoConverter" = Ico Converter 1.4
"Incinerate_is1" = Incinerate
"Insectoid 1.0.2" = Insectoid 1.0.2
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{25B25C84-6132-4662-972B-4E4DC1B00C98}" = Age of Empires III Trial
"InstallShield_{3209C8A2-558C-445C-832B-1AC552F59B11}" = Hoyle Demo
"InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}" = DesignPro 5
"InstallShield_{37C28A3E-ADDC-484F-B7C4-A522B8E559DE}" = Superpower 2 - demo
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{63415CB1-3C97-4D9C-980D-336710EB0526}" = Age of Empires III - The Asian Dynasties Trial
"InstallShield_{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project
"InstallShield_{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}" = Age of Empires III - The WarChiefs Trial
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Kyodai Mahjongg 2006_is1" = Kyodai Mahjongg 2006 v1.42
"Links 2001 Demo 1.0" = Microsoft Links 2001 Demo
"Mario Forever 5.0" = Mario Forever 5.0
"Mario Forever 5.01" = Mario Forever 5.01
"Mario Forever 5.08 Direct X" = Mario Forever 5.08 Direct X
"Mplayer.com" = Mplayer.com
"MVApplication1" = Memorex exPressit Label Design Studio
"New Super Mario Forever PC" = New Super Mario Forever PC
"NIS" = Norton Internet Security
"Open Yahtzee" = Open Yahtzee
"Painkiller" = Painkiller
"Painkiller - Battle Out Of [bleep]" = Painkiller - Battle Out Of [bleep]
"Plants vs. Zombies" = Plants vs. Zombies
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Pure Sudoku Deluxe_is1" = Pure Sudoku Deluxe 1.52
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"Rome Puzzle_is1" = Rome Puzzle
"SeriousSam2Demo" = Serious Sam 2 Demo
"ShipSim2008Demo" = Ship Simulator 2008 Demo
"SKIP-BO Castaway Caper" = SKIP-BO Castaway Caper (remove only)
"Soldier of Fortune II - Double Helix" = Soldier of Fortune II - Double Helix
"SolSuite_is1" = SolSuite 2013 v13.2
"Spin It Again" = Spin It Again
"STANDARDR" = Microsoft Office Standard 2007
"SubtitleCreator" = SubtitleCreator
"Super Mario 3 : Mario Forever" = Super Mario 3 : Mario Forever
"SystemRequirementsLab" = System Requirements Lab
"Telltale Texas Hold'em" = Telltale Texas Hold'em
"Tom Clancy's Rainbow Six" = Tom Clancy's Rainbow Six
"TurboRisk_is1" = TurboRisk 2.0
"TweakMP9" = Windows Media Player 9 Series TweakMP PowerToy
"Typer Shark Deluxe 1.01" = Typer Shark Deluxe 1.01
"UNO - Undercover" = UNO - Undercover (remove only)
"Wheel Of Fortune" = Wheel Of Fortune
"WildTangent hp Master Uninstall" = HP Games
"Wise Disk Cleaner_is1" = Wise Disk Cleaner 8.06
"WordWeb" = WordWeb
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Download App" = Download App
"EMPU" = EMPU 2.2.1.4
"Sansa Updater" = Sansa Updater
========== Last 20 Event Log Errors ==========
[ Hewlett-Packard Events ]
Error - 4/22/2013 7:01:00 AM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 4/28/2013 11:03:33 PM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 40 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/5/2013 10:41:31 PM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 60 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/5/2013 10:49:06 PM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 60 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/5/2013 10:59:45 PM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 60 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/6/2013 8:38:31 AM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 50 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/6/2013 8:38:48 AM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 50 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/6/2013 8:39:09 AM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 50 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/6/2013 8:39:22 AM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 50 TargetSite: Void loadActiveCheckResult(Boolean)
Error - 5/6/2013 8:39:40 AM | Computer Name = MarkFruehling | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Message: Object reference not set to an instance of an object. StackTrace:
at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
includeIgnored) Source: HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01
Path:
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US
RAM:
1918 Ram Utilization: 50 TargetSite: Void loadActiveCheckResult(Boolean)
[ System Events ]
Error - 5/1/2014 7:25:59 PM | Computer Name = MarkFruehling | Source = DCOM | ID = 10010
Description =
< End of report >
I certainly appreciate your help, RK.
Thanks, Mark.
Edited by cabse5, 01 May 2014 - 07:43 PM.