Hi Guys,
A few days ago my computer was infected with the Packed.Win32.Krap.hc virus. It was detected by Kaspersky rescue disk. I've also tried using Malwarebytes, Spybot, Hitman Pro, Killzilla, adwcleaner and nothing seems to work. I think I got the virus downloading Adobe Photoshop trial; I was misdirected to a bogus website. I've had speedupmypc, flyplayer, and other programmes installed by the virus. I managed to get rid of some of them.
Any help with getting rid of this would be great.
Steve
This is the OTL file I've just run.
OTL logfile created on: 08/06/2014 23:00:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steven White\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
15.94 Gb Total Physical Memory | 14.14 Gb Available Physical Memory | 88.70% Memory free
31.89 Gb Paging File | 30.12 Gb Available in Paging File | 94.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 1509.95 Gb Free Space | 81.05% Space Free | Partition Type: NTFS
Drive D: | 384.75 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 1863.01 Gb Total Space | 492.81 Gb Free Space | 26.45% Space Free | Partition Type: NTFS
Drive H: | 1862.98 Gb Total Space | 984.41 Gb Free Space | 52.84% Space Free | Partition Type: NTFS
Computer Name: STEVENWHITE-PC | User Name: Steven White | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/08 22:58:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steven White\Downloads\OTL.exe
PRC - [2014/05/14 20:44:15 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014/05/11 00:13:18 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
========== Modules (No Company Name) ==========
MOD - [2014/05/14 20:44:14 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014/05/11 00:13:17 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/06/08 18:49:57 | 000,127,752 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)
SRV:64bit: - [2014/03/06 09:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/12/11 19:03:14 | 000,513,736 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/29 18:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/05/14 20:44:16 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/05/11 07:52:43 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe -- (N360)
SRV - [2014/05/11 00:13:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/09 16:39:04 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2014/05/09 16:21:56 | 000,295,800 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2014/03/06 21:13:45 | 000,477,960 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc)
SRV - [2014/03/04 12:32:56 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/30 20:26:34 | 000,075,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/10/01 13:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/14 16:19:22 | 000,039,056 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/06/26 20:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 20:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/03/15 16:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/01/15 14:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2011/12/02 07:14:16 | 000,007,168 | R--- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/05/24 10:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011/04/26 13:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/04/24 22:14:00 | 000,138,664 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2014/04/20 11:45:44 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/03/20 23:02:52 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/03/04 05:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/18 02:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symnets.sys -- (SymNetS)
DRV:64bit: - [2014/02/13 02:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/02/08 00:52:00 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/10/02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/27 03:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 03:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/10 03:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\symds64.sys -- (SymDS)
DRV:64bit: - [2013/09/10 02:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/07/17 18:10:52 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2013/07/10 14:20:44 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/26 20:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 20:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 20:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 20:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/03/04 13:24:27 | 000,040,344 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2012/08/23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/03 14:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/12/02 07:06:04 | 000,023,832 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2011/12/02 07:06:00 | 000,565,528 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/22 09:49:56 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/09/05 10:28:16 | 000,178,176 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 01:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 22:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 21:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014/06/07 10:10:06 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140607.001_3ff\ex64.sys -- (NAVEX15)
DRV - [2014/06/07 10:10:06 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140607.001_3ff\eng64.sys -- (NAVENG)
DRV - [2014/05/10 02:07:23 | 001,530,160 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140510.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/05/09 16:15:12 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140606.002_430\IDSviA64.sys -- (IDSVia64)
DRV - [2014/04/24 22:14:00 | 000,138,664 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2014/03/06 22:36:54 | 000,075,048 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver64.sys -- (BRDriver64)
DRV - [2014/02/07 02:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {21A51130-7285-49FE-B3F6-2385CC71CDEA}
IE:64bit: - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...r=718745324&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{21A51130-7285-49FE-B3F6-2385CC71CDEA}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...UM}&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...UM}&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperba...UM}&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperba...UM}&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...UM}&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...UM}&type=hp2000
IE - HKCU\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...r=718745324&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "http://feed.helperba...M}&type=hp2000"
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2014.7.0.46
FF - prefs.js..extensions.enabledAddons: TidyNetwork%40TidyNetwork:5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://feed.helperba...type=hp2000&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/12/30 17:10:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/12/30 17:10:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/06/08 02:42:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/06/08 18:45:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/10/20 18:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steven White\AppData\Roaming\mozilla\Extensions
[2014/06/08 19:58:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steven White\AppData\Roaming\mozilla\Firefox\Profiles\8dypnmou.default\extensions
[2014/06/08 19:58:35 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\Steven White\AppData\Roaming\mozilla\Firefox\Profiles\8dypnmou.default\extensions\TidyNetwork@TidyNetwork
[2014/06/08 19:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steven White\AppData\Roaming\mozilla\Firefox\Profiles\l19cn9z0.default-1402173125062\extensions
[2014/06/08 19:58:36 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\Steven White\AppData\Roaming\mozilla\Firefox\Profiles\l19cn9z0.default-1402173125062\extensions\TidyNetwork@TidyNetwork
[2014/06/08 19:58:07 | 000,002,763 | ---- | M] () -- C:\Users\Steven White\AppData\Roaming\mozilla\firefox\profiles\8dypnmou.default\searchplugins\Web Search.xml
[2014/03/20 11:57:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/11 00:13:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/05/10 12:19:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2014/05/10 12:19:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/08 18:45:55 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\COFFPLGN
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TidyNetwork) - {1E802885-BA64-379F-DA16-7F20C5AB8FE6} - C:\Program Files (x86)\TidyNetwork\petn64.dll ()
O2:64bit: - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (TidyNetwork) - {1E802885-BA64-379F-DA16-7F20C5AB8FE6} - C:\Program Files (x86)\TidyNetwork\petn.dll ()
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [FastAccess Web Alert] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\FAInstaller\FAtry.exe (Microsoft)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Live! Central 3] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [WD Drive Unlocker] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - Startup: C:\Users\Steven White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.0.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{220435A1-7876-470D-B72A-9470CFEE9301}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4212C13F-19E7-49F1-B36E-92590DB997E9}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/06/07 16:54:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/02/15 05:53:50 | 000,000,027 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{99f24939-2f4b-11e3-8b92-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99f24939-2f4b-11e3-8b92-806e6f6e6963}\Shell\AutoRun\command - "" = E:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/08 21:27:33 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2014/06/08 20:07:06 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\ImgBurn
[2014/06/08 19:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2014/06/08 19:58:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2014/06/08 19:58:35 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\TidyNetwork
[2014/06/08 19:58:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TidyNetwork
[2014/06/08 19:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KNCTR
[2014/06/08 19:58:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Itibiti Soft Phone
[2014/06/08 19:25:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2014/06/08 19:00:35 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\virus reports
[2014/06/08 18:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/06/08 18:49:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/06/08 18:31:21 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/08 18:31:06 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/06/08 18:31:06 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/06/08 18:31:06 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/06/08 03:27:34 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\AUTORUNS
[2014/06/08 03:14:00 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/08 02:13:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
[2014/06/07 23:24:38 | 000,000,000 | ---D | C] -- C:\NPE
[2014/06/07 21:32:11 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Desktop\Old Firefox Data
[2014/06/07 17:21:28 | 000,000,000 | ---D | C] -- C:\EEK
[2014/06/07 16:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/06/07 15:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2014/06/07 15:23:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla!
[2014/06/07 14:53:08 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\NPE
[2014/06/07 01:35:18 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\RBs
[2014/06/06 21:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Greener Web
[2014/06/06 16:29:47 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\3AB026C7-EBCA-4166-8855-A697D8B6E2EB
[2014/06/06 16:16:21 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\Malware Logs
[2014/06/06 16:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2014/06/06 16:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/06/06 15:24:12 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\Acronis
[2014/06/06 15:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2014/06/06 15:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2014/06/06 15:17:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2014/06/06 15:17:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2014/06/06 15:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AomeiBR
[2014/06/06 14:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper Standard Edition 2.0
[2014/06/06 14:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0
[2014/06/06 13:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/06/06 13:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/06 13:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/06/06 13:21:37 | 000,000,000 | ---D | C] -- C:\StevenWhite-PC
[2014/06/06 13:10:46 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/06/06 13:02:44 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\SUPERAntiSpyware.com
[2014/06/06 13:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014/06/06 13:01:50 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/06/06 12:00:58 | 000,000,000 | ---D | C] -- C:\temp
[2014/06/06 12:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JFileManager
[2014/06/06 12:00:31 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\JFileManager
[2014/06/06 12:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JFileManager
[2014/06/06 11:46:24 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/06/06 11:46:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/06 00:43:34 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\My CamStudio Videos
[2014/06/06 00:43:03 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\My CamStudio Temp Files
[2014/06/06 00:42:03 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\Weather_Warnings_LLC
[2014/06/06 00:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
[2014/06/06 00:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\CamStudio 2.7
[2014/06/02 12:27:15 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\Sims 3 mods
[2014/06/02 11:12:17 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\Peter_L_Jones
[2014/06/02 11:03:09 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/06/02 11:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/06/02 11:03:07 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\Notepad++
[2014/06/02 11:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014/06/02 10:48:09 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\Peter L Jones
[2014/06/02 10:47:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\s3pe
[2014/06/02 10:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\s3pe
[2014/06/02 10:09:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Explorer Suite Signatures
[2014/06/02 10:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Explorer Suite
[2014/06/02 10:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\NTCore
[2014/06/01 22:56:19 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\AfterDuskSims0.7
[2014/06/01 22:32:42 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\fruit
[2014/05/29 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Desktop\Tor Browser
[2014/05/29 00:16:48 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\MTS_bootsbrisket_47122_bootsbrisketscage
[2014/05/28 10:45:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lepid Llama Tools
[2014/05/28 10:44:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Postal
[2014/05/28 10:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/05/28 10:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/05/28 10:41:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/05/28 10:41:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/05/28 10:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/05/28 10:34:34 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MilkShape 3D 1.8.5
[2014/05/28 10:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MilkShape 3D 1.8.5
[2014/05/28 10:20:28 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\MilkShape 3D 1.x.x
[2014/05/28 10:16:58 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MilkShape 3D 1.8.4
[2014/05/28 10:16:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MilkShape 3D 1.8.4
[2014/05/28 10:15:36 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\TSR Workshop
[2014/05/28 10:15:27 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\Ibibi_HB
[2014/05/28 10:15:26 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\TSRWorkshop
[2014/05/28 10:15:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSR Workshop
[2014/05/28 10:15:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Sims Resource
[2014/05/28 10:13:15 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Roaming\The Sims Resource
[2014/05/27 19:48:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/05/27 19:48:04 | 000,000,000 | ---D | C] -- C:\Users\Steven White\AppData\Local\WinZip
[2014/05/27 19:47:57 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2014/05/27 19:47:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2014/05/23 08:11:09 | 000,000,000 | ---D | C] -- C:\Users\Steven White\Documents\Stories
[2014/05/16 16:45:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/15 20:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
========== Files - Modified Within 30 Days ==========
[2014/06/08 22:50:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/08 22:50:31 | 4250,304,510 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/08 19:58:53 | 000,001,889 | ---- | M] () -- C:\Users\Steven White\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/08 19:58:53 | 000,001,865 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/08 19:58:22 | 000,001,094 | ---- | M] () -- C:\Users\Steven White\Application Data\Microsoft\Internet Explorer\Quick Launch\KNCTR.lnk
[2014/06/08 19:58:22 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\KNCTR.lnk
[2014/06/08 19:57:59 | 000,002,592 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\smartbar_3312014.exe.lnk
[2014/06/08 19:44:13 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/08 19:15:47 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/06/08 19:05:23 | 000,000,546 | ---- | M] () -- C:\Users\Steven White\Desktop\Emsisoft Emergency Kit.lnk
[2014/06/08 18:54:39 | 000,025,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/08 18:54:39 | 000,025,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/08 18:49:57 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/06/08 18:47:54 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/06/08 18:47:47 | 000,000,440 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/06/08 18:47:14 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/06/08 18:45:51 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/08 18:31:10 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/08 16:44:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/08 03:26:32 | 000,511,782 | ---- | M] () -- C:\Users\Steven White\Documents\Autoruns.zip
[2014/06/07 16:54:00 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/06/06 20:50:16 | 000,000,096 | ---- | M] () -- C:\Users\Steven White\AppData\Roaming\version2.xml
[2014/06/06 15:00:57 | 000,001,024 | -H-- | M] () -- C:\SYSTAG.BIN
[2014/06/06 12:00:57 | 000,001,161 | ---- | M] () -- C:\Users\Public\Desktop\JFileManager.lnk
[2014/06/06 11:01:45 | 000,004,565 | ---- | M] () -- C:\Users\Steven White\AppData\Roaming\CamStudio.cfg
[2014/06/06 11:01:45 | 000,000,408 | ---- | M] () -- C:\Users\Steven White\AppData\Roaming\CamShapes.ini
[2014/06/06 11:01:45 | 000,000,408 | ---- | M] () -- C:\Users\Steven White\AppData\Roaming\CamLayout.ini
[2014/06/06 11:01:45 | 000,000,135 | ---- | M] () -- C:\Users\Steven White\AppData\Roaming\Camdata.ini
[2014/06/04 20:14:44 | 000,038,119 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\VT20140604.020
[2014/06/02 12:51:35 | 000,002,230 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Into the Future.lnk
[2014/06/02 11:03:10 | 000,001,059 | ---- | M] () -- C:\Users\Steven White\Desktop\Notepad++.lnk
[2014/05/29 00:42:32 | 000,001,201 | ---- | M] () -- C:\Users\Steven White\Desktop\Uplay.lnk
[2014/05/28 22:43:13 | 000,000,222 | ---- | M] () -- C:\Users\Steven White\Desktop\Watch_Dogs.url
[2014/05/28 10:34:39 | 000,001,055 | ---- | M] () -- C:\Users\Steven White\Desktop\MilkShape 3D 1.8.5.lnk
[2014/05/28 10:17:08 | 000,001,055 | ---- | M] () -- C:\Users\Steven White\Desktop\MilkShape 3D 1.8.4.lnk
[2014/05/28 10:15:16 | 000,002,545 | ---- | M] () -- C:\Users\Public\Desktop\TSR Workshop.lnk
[2014/05/27 19:48:10 | 000,002,277 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/05/20 12:20:57 | 001,842,774 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\Cat.DB
[2014/05/16 19:59:19 | 000,000,043 | -HS- | M] () -- C:\ProgramData\.zreglib
[2014/05/15 18:05:23 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk
[2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/12 07:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/11 07:52:10 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1503000.00C\isolate.ini
[2014/05/11 00:01:56 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\WD Security.lnk
========== Files Created - No Company Name ==========
[2014/06/08 19:58:53 | 000,001,889 | ---- | C] () -- C:\Users\Steven White\Application Data\Microsoft\Internet Explorer\Quick Launch\ImgBurn.lnk
[2014/06/08 19:58:53 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2014/06/08 19:58:22 | 000,001,094 | ---- | C] () -- C:\Users\Steven White\Application Data\Microsoft\Internet Explorer\Quick Launch\KNCTR.lnk
[2014/06/08 19:58:22 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\KNCTR.lnk
[2014/06/08 19:57:59 | 000,002,592 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\smartbar_3312014.exe.lnk
[2014/06/08 19:44:13 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/08 19:05:23 | 000,000,546 | ---- | C] () -- C:\Users\Steven White\Desktop\Emsisoft Emergency Kit.lnk
[2014/06/08 18:49:57 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014/06/08 18:31:10 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/06/08 03:26:29 | 000,511,782 | ---- | C] () -- C:\Users\Steven White\Documents\Autoruns.zip
[2014/06/07 16:54:00 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/06/06 15:00:57 | 000,001,024 | -H-- | C] () -- C:\SYSTAG.BIN
[2014/06/06 12:00:56 | 000,001,161 | ---- | C] () -- C:\Users\Public\Desktop\JFileManager.lnk
[2014/06/06 11:59:29 | 000,034,376 | ---- | C] () -- C:\Windows\Launcher.exe
[2014/06/06 01:14:06 | 000,004,565 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\CamStudio.cfg
[2014/06/06 01:14:06 | 000,000,408 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\CamShapes.ini
[2014/06/06 01:14:06 | 000,000,408 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\CamLayout.ini
[2014/06/06 01:14:06 | 000,000,135 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\Camdata.ini
[2014/06/06 00:42:47 | 000,000,096 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\version2.xml
[2014/06/02 12:51:35 | 000,002,230 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Into the Future.lnk
[2014/06/02 11:03:10 | 000,001,059 | ---- | C] () -- C:\Users\Steven White\Desktop\Notepad++.lnk
[2014/05/29 00:42:31 | 000,001,201 | ---- | C] () -- C:\Users\Steven White\Desktop\Uplay.lnk
[2014/05/28 22:43:13 | 000,000,222 | ---- | C] () -- C:\Users\Steven White\Desktop\Watch_Dogs.url
[2014/05/28 10:34:39 | 000,001,055 | ---- | C] () -- C:\Users\Steven White\Desktop\MilkShape 3D 1.8.5.lnk
[2014/05/28 10:17:07 | 000,001,055 | ---- | C] () -- C:\Users\Steven White\Desktop\MilkShape 3D 1.8.4.lnk
[2014/05/28 10:15:16 | 000,002,545 | ---- | C] () -- C:\Users\Public\Desktop\TSR Workshop.lnk
[2014/05/27 19:48:08 | 000,002,277 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/05/26 17:51:31 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/05/15 18:05:22 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\AnyDVD.lnk
[2014/05/11 00:01:54 | 000,001,197 | ---- | C] () -- C:\Users\Public\Desktop\WD Security.lnk
[2014/05/01 20:17:57 | 000,003,584 | ---- | C] () -- C:\Users\Steven White\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/27 21:40:02 | 000,000,107 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\WB.CFG
[2013/11/30 20:26:35 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/11/30 20:26:34 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/11/30 20:26:33 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013/10/20 18:32:09 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/10/18 18:12:42 | 000,000,282 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\GPU MeterV2_Settings.ini
[2013/10/18 18:12:08 | 000,000,624 | ---- | C] () -- C:\Users\Steven White\AppData\Roaming\All CPU MeterV3_Settings.ini
[2013/10/07 14:35:28 | 000,793,164 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/07 14:21:41 | 000,053,053 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/10/07 13:52:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/10/07 13:52:32 | 000,036,118 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 03:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 03:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/06/06 16:29:47 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\3AB026C7-EBCA-4166-8855-A697D8B6E2EB
[2014/06/07 14:16:47 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Abine
[2014/06/06 15:24:12 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Acronis
[2014/06/08 02:37:13 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Azureus
[2014/06/08 19:22:22 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\DAEMON Tools Lite
[2013/11/08 10:35:37 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\FreeSmith
[2014/06/08 20:09:38 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\ImgBurn
[2014/04/16 10:17:09 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\MAGIX
[2014/05/28 11:27:28 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\MilkShape 3D 1.x.x
[2014/06/02 11:12:22 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Notepad++
[2013/10/21 12:05:58 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Origin
[2014/06/02 10:48:09 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Peter L Jones
[2014/06/08 02:37:48 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\SoftGrid Client
[2014/06/08 02:44:51 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Spotify
[2013/11/29 10:50:31 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\Temp
[2013/11/09 22:38:16 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\The Creative Assembly
[2014/05/28 10:13:15 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\The Sims Resource
[2014/03/04 19:06:22 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\TP
[2014/05/28 10:15:26 | 000,000,000 | ---D | M] -- C:\Users\Steven White\AppData\Roaming\TSRWorkshop
========== Purity Check ==========
< End of report >
Extras report:
OTL Extras logfile created on: 08/06/2014 23:00:25 - Run 1
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000EE0B6-6B55-4022-9393-74D1F72FED48}" = lport=10243 | protocol=6 | dir=in | app=system |
"{10A8107B-4AC4-43AA-9D0F-48494E20379A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{152E18A2-3972-4A07-B265-F83CFF874D36}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{219709E8-D2F2-4A35-B89F-5FDDC0446D93}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{22AF0FDA-A7A9-4CEF-850F-80ACFBCDC905}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{265B87B2-205B-4746-8E46-7C44E3FD6CF3}" = rport=2869 | protocol=6 | dir=out | app=system |
"{2891B21D-7B88-4B94-8178-3DF39929B247}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2A6E2566-2133-49CE-A872-E9F2E9E7CD87}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C6855D2-0027-4FC8-B588-CD65089A0734}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{2F641B46-29FD-4455-BEAF-D9EA415AFA5F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3A789424-2398-4E68-B2C6-B789581C6B10}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{43AB94F9-2AF7-4E11-9298-2484F0C83970}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4CC9360A-47C3-48FB-8D3B-A2EBD351BB7F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A30F2EE-6794-4E20-BA19-2F89C5A60E76}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5E0B7460-6AD3-4033-B238-9E1C7C67D66D}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7C6C4FD0-97B4-4B34-8BB8-C068B731648C}" = rport=139 | protocol=6 | dir=out | app=system |
"{7CFD03D7-9C38-4F7B-8E4E-4382BCCCC711}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{810FAED8-5039-476A-B763-CECD9EFC954C}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8A2DFE2C-E34D-438F-8DFD-BFDECB15179E}" = lport=445 | protocol=6 | dir=in | app=system |
"{93692AF3-F0B8-4912-871D-366E62F722DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96351827-16B6-4C95-ABF8-075FCA38E713}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F8B2499-A10F-4777-80D4-7CE5447958E0}" = rport=137 | protocol=17 | dir=out | app=system |
"{A943F9A4-AFEC-4725-97E6-3DE98FC9BC59}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AEBD0D64-1346-496E-BFED-6B8DA03B4B85}" = lport=137 | protocol=17 | dir=in | app=system |
"{B0CC8793-1018-485F-97C7-630CB4FA3698}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B23ADB44-A36D-40F2-A74E-83196AD118BC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6F60EDB-1BBC-40B8-83FC-45536A814E1A}" = lport=139 | protocol=6 | dir=in | app=system |
"{B9884857-10AE-4092-9979-2B0E2EC36848}" = rport=138 | protocol=17 | dir=out | app=system |
"{BBBAA889-28F3-468A-8E93-C84FBED9E21F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BFEB6901-D026-47E6-B837-91DADBCCB562}" = lport=138 | protocol=17 | dir=in | app=system |
"{D2C8BDC6-2F5E-4406-B432-C57590997963}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D780D2D3-2C6E-4A4B-808C-291839ED713A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DC20273C-6E69-4CA6-BE32-6484249BABA4}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{E116F569-412F-4EBF-A20B-729E8BBA231A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EDDC56A6-075D-4211-AEC6-243203C79B90}" = rport=445 | protocol=6 | dir=out | app=system |
"{FBE87689-8C61-46B2-AD53-A9969C1D75B7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC71171C-66F0-4C33-AFB1-19FD61E6518F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B9C4EA-1969-4AD4-9B94-D45B9A8BDBAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08ACA0B0-77B8-49BD-B913-9EEC8F7412C8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0AE8D33D-EA25-48B7-889A-A47EFEF1BB69}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0C976404-E653-4060-A1E5-F6ACE9257731}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0F3F9F18-A19D-4C6C-9A2F-E3F368DAC7F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe |
"{1D6C51B7-71B1-4552-A10A-7E6B0F7C58FD}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{1E9893C8-18FA-4C80-A0C0-FB5E1F26F8DD}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{24014CD2-A2E2-424B-BC40-C85180917085}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{25F090D7-1AF2-4243-A2D4-952DA66DF4B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2AB60F7E-CA2C-414A-A50D-C484F6BB3FB6}" = protocol=58 | dir=out | [email protected],-28546 |
"{2AC9D161-D448-4C81-837F-697C424FC47E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2C799CA1-F027-4A13-8338-74F60926DFD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2FB4419A-576E-4AD2-8DBD-FC4A092E8725}" = protocol=6 | dir=out | app=system |
"{30855D6A-A3EB-4C16-8324-3D87A27D76AC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe |
"{30BCFADB-FB28-424D-BB33-4D4E5CD1AC86}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{30E43E86-E2CE-4DEC-8FA8-23CB266F90E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe |
"{31A7F6AA-C97E-40F9-BF2A-ABE726FA91FD}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{341B18BB-20B6-4F35-9AAB-74053AE2B6D6}" = dir=in | app=c:\soloapp\chromedriver.exe |
"{360FB2B7-E125-4565-8F5B-0D10D5B5715F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{37217495-A486-422A-B4EE-48D1FE10A45F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{37A12CAA-817B-4553-8BE5-C6A36A0273AB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{38A554F1-2642-4FCD-B78B-1BD4A7E97330}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe |
"{3C55B689-5A28-44CB-B983-58C009A6FE79}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{40189555-91B8-4719-8B7A-7F36C7F8DFB1}" = dir=in | app=c:\program files (x86)\hometab\wbrowsershield.exe |
"{486B6D0B-AD7D-4E1D-BBF9-CF545E79C61D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead season two\thewalkingdead2.exe |
"{4994786F-9CD8-46BD-B63A-D59EB5F2ED2D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row iv\saintsrowiv.exe |
"{4C6735D2-5232-4EFF-8558-8E07130E17A6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4D3FE3DB-2A24-4A97-98DD-412632A3340F}" = dir=out | app=c:\program files (x86)\slysoft\anydvd\anydvdtray.exe |
"{4E1FC38F-5DEB-4510-9D82-788AEA52ABBF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E5F732F-C0D4-42EA-84F0-E9E083D52642}" = protocol=58 | dir=in | [email protected],-28545 |
"{4EDE9ABC-CDB0-472C-B43B-F2690B092C7A}" = protocol=1 | dir=in | [email protected],-28543 |
"{50029849-CCDF-44C9-9BAE-CCD6F2E86DE8}" = dir=in | app=c:\program files (x86)\slysoft\anydvd\anydvdtray.exe |
"{5093ED82-59CA-4690-9A0B-316D04682ACA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{54D97CB1-F055-4571-89F2-CE0F36ACC9C7}" = dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iv black flag\ac4bfmp.exe |
"{57BABA03-2C1E-43E4-B6A4-923C4FACD8CF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe |
"{5997836C-B072-491B-A2E5-186E4ADCD2EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe |
"{5C21E169-AAE1-46D7-B72E-D5D098FCAC64}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{5D12CCCF-4452-4E34-BEA6-B9E5C8F8AD63}" = protocol=6 | dir=in | app=c:\program files (x86)\itibiti soft phone\itibiti.exe |
"{60A3C183-30D2-4878-83DE-631DAA15A05A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\democracy 3\democracy3.exe |
"{65FA615C-652F-4029-912D-DF09740A2835}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{6D1F71DF-7C7D-456B-89E4-BA9D092BCFBA}" = dir=in | app=c:\soloapp\webdriver.dll |
"{700934F7-06C6-403D-977A-E61D6F0E4BA0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\saints row iv\saintsrowiv.exe |
"{723F0A7C-714F-4E1D-860A-3226F1E06C70}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |
"{758BF586-4411-49AC-9498-82BDCF0D0957}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{77BBD6E4-0D9D-418F-9243-114267F3C8A2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7823A7E5-4659-4A5C-9319-D6E9AA6D01F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\bmlauncher.exe |
"{7C60C688-0CCB-4BCB-93B8-02C7B558461B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe |
"{7D67A444-5D7A-4615-B31A-14F675EA6793}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\simcity\simcity\simcity.exe |
"{7F41D7CF-71B2-43A4-B8DD-3FA2EB11F703}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{821E400E-4500-4819-9412-9D0A32732E6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
"{8250093D-37E3-4619-9CB6-8F896732F0B9}" = dir=in | app=c:\soloapp\soloapp.exe |
"{84043DFD-0AC9-447E-B6F7-266786F1114E}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{86DDF819-6C87-4F05-B54A-D12AF64B238B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe |
"{89F8B268-1EEF-44DF-9EF5-7F87A15871F5}" = dir=out | app=c:\soloapp\webdriver.dll |
"{909765D2-366A-4BA2-8954-F863CEF0A155}" = dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iv black flag\ac4bfsp.exe |
"{9B8D0324-C890-4818-B036-AF9671D6E62B}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\need for speed most wanted\nfs13.exe |
"{9F5A43DF-C520-40BF-8074-6E37A8F2D935}" = protocol=17 | dir=in | app=c:\program files (x86)\itibiti soft phone\itibiti.exe |
"{A18108FA-5DAC-4F91-BFDE-86202366DC82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead season two\thewalkingdead2.exe |
"{A606C814-0C93-4B6B-901F-8123B3DB6C64}" = dir=in | app=c:\soloapp\iedriverserver.exe |
"{B4606B7D-6200-4E75-A5BD-C464B7C81A44}" = dir=out | app=c:\program files (x86)\hometab\wbrokerproductivity.exe |
"{B6888417-25BD-4B54-A878-DE44FE61A664}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\need for speed most wanted\nfs13.exe |
"{B7C818CD-40EB-45C9-A218-FF88CC8A9BA4}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{B7CA3368-F179-4F3D-A6C4-9EC5407CD039}" = dir=in | app=c:\program files (x86)\hometab\wbrowserupgrade.exe |
"{B8BF3E7C-89EF-4046-876F-299F75250E25}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BA38C79E-63C1-4398-B28D-4770352DDE4B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{BE47DE18-91C0-41C3-88A7-6EFE80FA4B35}" = dir=out | app=c:\soloapp\iedriverserver.exe |
"{BF564610-43F3-4635-8157-1C518338CD3B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BFECE9C6-E4B0-4CBD-84CC-97BF7E00533F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\watch_dogs\bin\watch_dogs.exe |
"{C20AA511-0DD0-4958-89E7-9B6A2F3C4D82}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{C35302F7-0F1C-4ED8-AB13-F999E2E89E74}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C6B73646-3ECE-42F1-9D04-86276731A1BD}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |
"{C87A6FBB-8D5F-46A8-A7AE-35B30A1AD8C6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C94B7BBA-7528-4065-A327-32837718CFBA}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{CA336583-501F-484E-AF33-078FDAF13AB6}" = dir=out | app=c:\soloapp\soloapp.exe |
"{CEA03D6D-0636-4D5C-AE5A-085CB400F025}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe |
"{CF0693FF-3C55-4C87-B6D5-5F9CF688F08D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF0CF007-0269-41E0-9E16-9B0AFF416238}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |
"{D20D6089-CCA8-447A-84FB-10EC18357C2D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D598EC9E-A397-4FE6-8C7E-D043188702BE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\watch_dogs\bin\watch_dogs.exe |
"{D59DB52F-69E8-4C39-B1DE-BBCCA68F9265}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{DD9E4C48-062A-4B59-A3F2-FE4DED77D7BC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{DE1B87BB-176F-479F-B745-C02612CB5B9B}" = dir=out | app=c:\soloapp\chromedriver.exe |
"{DF40CCC4-4AFE-43CC-8B24-D90944397365}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\democracy 3\democracy3.exe |
"{DF61EE4D-51C7-4B00-8C26-3CEC82CFB18D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\singleplayer\binaries\win32\batmanorigins.exe |
"{E02314E3-A6DE-4162-B190-8385E732C65C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
"{E0D6DEDF-515E-4C05-B03C-589632457CB1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{E108CCD2-EBD8-40ED-8AAB-0CA45FDEF5D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E31DF717-28C1-4965-B777-E5E1E4EADC03}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E45B26CA-FAF7-4E09-92D4-42E9DEA8698D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E71335BD-B737-4F59-BA67-E0DAEBDDD006}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{E7D971E0-EF4B-49CC-B6A9-8B208ED44A4D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe |
"{E98FA78C-3B2E-4267-8D01-D7EA648DD055}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{EBEB5F62-53D0-449C-8C61-96C50EAB624F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EC1236DE-C6F2-4326-85D7-9BFF75232F67}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EDB55303-FA9F-41B5-8398-7AF208190F26}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |
"{EEA2BE1D-66B1-48FF-9236-C2291DA7E35F}" = dir=in | app=c:\program files (x86)\hometab\wbrokerproductivity.exe |
"{F342F290-5C35-4B85-B82F-5DE764A63F51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham origins\online\binaries\win32\batmanoriginsonline.exe |
"{F60AD465-7059-4764-A8C4-B3D49DCD4CF0}" = dir=out | app=c:\program files (x86)\hometab\wbrowserupgrade.exe |
"{F994C39C-DE9E-4841-A43C-D126729FA544}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{FA9BA0F9-0346-47A7-BB94-C1E0764CAA02}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FC3B376A-6416-4AF8-AAC2-9259AA48DD83}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |
"{FC66475C-7BCE-4C56-A016-1A383607D734}" = dir=out | app=c:\program files (x86)\hometab\wbrowsershield.exe |
"{FCF27729-DDCC-4106-B40D-926F8425A645}" = protocol=1 | dir=out | [email protected],-28544 |
"{FD1D3080-E295-4F3F-9610-516BCC1610BB}" = protocol=58 | dir=in | [email protected],-148 |
"{FDEB9BC9-C1F0-44B5-9631-F83404EC0D0F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{FEBDE4F8-1509-448A-AD50-B7E09C433AF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"TCP Query User{9CC51DD2-33A8-42CE-BF23-1B270399DA3E}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe |
"TCP Query User{BF3453DD-DC71-493B-B0B0-4213E2CD08AF}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
"TCP Query User{C3C3D2A0-BD1C-4B44-A2F5-1966BA70DAF1}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{E4750803-561D-48A7-90F0-25C19A82DC57}C:\users\steven white\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\steven white\appdata\roaming\spotify\spotify.exe |
"UDP Query User{66511FA1-FEA4-4D02-9CDE-418DD6928DD9}C:\users\steven white\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\steven white\appdata\roaming\spotify\spotify.exe |
"UDP Query User{94D2F500-23AD-4733-9CA2-5E01FC6272B9}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe |
"UDP Query User{C3595AD3-9CA0-47F7-824F-8680455D0975}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{E9E5B2D3-55D4-42DD-BFBB-980EB0860426}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio 2.7.2
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{4E0EE43D-22E6-4CE3-817F-F042444AB8E6}" = MAGIX Speed burnR (MSI)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{600DEB42-433A-40AF-BC14-082E40577BF2}" = AntimalwareEngine
"{6E936B32-5120-412E-AC87-C1D3651E531F}" = WD SmartWare
"{776CC1A1-330C-4A13-B331-D3AD23545A3D}" = AdAwareInstaller
"{7994B53E-9CAF-414E-904C-63AA00D64B52}" = AdAwareUpdater
"{7994B53E-9CAF-414E-904C-63AA00D64B52}_AdAwareUpdater" = Ad-Aware Antivirus
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8240AD26-ECB7-425E-BAEF-9F240E097243}" = MAGIX Music Maker MX Production Suite Download Version
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 335.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.40
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}" = WinZip 18.5
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"8461-7759-5462-8226" = Vuze
"CCleaner" = CCleaner
"Explorer Suite_is1" = Explorer Suite IV
"HitmanPro37" = HitmanPro 3.7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014A2868-BE56-4888-A16C-693989B8F153}" = SlimDX Runtime .NET 2.0 (January 2012)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = The Sims™ 3 Diesel Stuff
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217055FF}" = Java 7 Update 55
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33100EE2-5EDF-4AB1-BF08-D767E3AED642}" = TSR Workshop
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{418BAAD1-754D-48B4-B078-46EF4F25AF42}" = Google Drive
"{44C0EC7E-CF09-4569-B34B-0A9347D72596}" = Vuze Remote Toolbar v9.3
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7431ED5D-9247-4F17-91C9-702D9B36FAC4}" = WD Drive Utilities
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7ac3fd38-27b0-428d-b368-7b0dbd1e78f0}_is1" = HomeTab 6.3
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}" = Intel® Rapid Storage Technology enterprise
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90C3D9C7-2F83-4399-8E28-A00228CFFDF8}" = WD Security
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9af08980-8d36-4304-a8d0-53dc0c7d93a5}" = WD SmartWare Installer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Into the Future
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{BFFB6CFD-13E8-4967-AA6D-A57E7280FFDA}_is1" = FreeSmith version 1.2.3
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{D0087539-3C57-44E0-BEE7-D779D546CBE1}" = The Sims™ 3 Movie Stuff
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F181233F-67DF-4995-A159-EB81F2B5500B}" = WD Quick View
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{FB0127F3-985B-44CE-AE29-378CAF60B361}" = Need for Speed™ Most Wanted
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AnyDVD" = AnyDVD
"AVS Video Editor_is1" = AVS Video Editor 6.5
"BitRaider Web Client" = BitRaider Web Client
"CloneDVD2" = CloneDVD2
"Creative Live! Central 2" = Creative Live! Central 3
"DAEMON Tools Lite" = DAEMON Tools Lite
"Democracy 3_is1" = Democracy 3 Austria Mod
"FastAccess Web Alert" = FastAccess Web Alert
"foxtab" = Foxtab
"ImgBurn" = ImgBurn
"Itibiti_is1" = KNCTR
"JFileManager" = JFileManager
"MAGIX_{4E0EE43D-22E6-4CE3-817F-F042444AB8E6}" = MAGIX Speed burnR (MSI)
"MAGIX_{8240AD26-ECB7-425E-BAEF-9F240E097243}" = MAGIX Music Maker MX Production Suite Download Version
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"MilkShape 3D 1.8.4" = MilkShape 3D 1.8.4
"MilkShape 3D 1.8.5" = MilkShape 3D 1.8.5
"Mozilla Firefox 29.0.1 (x86 en-US)" = Mozilla Firefox 29.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Origin" = Origin
"PrintProjects" = PrintProjects
"RealPlayer 16.0" = RealPlayer
"s3pe" = s3pe - Sims3 Package Editor
"Steam App 206420" = Saints Row IV
"Steam App 209000" = Batman™: Arkham Origins
"Steam App 214950" = Total War: ROME II
"Steam App 231430" = Company of Heroes 2
"Steam App 243470" = Watch_Dogs
"Steam App 245470" = Democracy 3
"Steam App 261030" = The Walking Dead: Season Two
"Steam App 34030" = Napoleon: Total War
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 8870" = BioShock Infinite
"swtor_swtor" = Star Wars The Old Republic
"TeamViewer 8" = TeamViewer 8
"Uplay" = Uplay
"Uplay Install 273" = Assassin's Creed IV Black Flag
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 08/06/2014 15:20:05 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 15:20:06 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 15:21:04 | Computer Name = StevenWhite-PC | Source = WinMgmt | ID = 10
Description =
Error - 08/06/2014 15:22:52 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 17:09:12 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 17:09:12 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 17:09:39 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 17:51:19 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 17:51:19 | Computer Name = StevenWhite-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files (x86)\Itibiti
Soft Phone\Itibiti.exe". Dependent Assembly Microsoft.Windows.Networking.RtcDll,language="*",processorArchitecture="X86",publicKeyToken="6595b64144ccf1df",type="win32",version="5.2.1002.3"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 08/06/2014 17:52:07 | Computer Name = StevenWhite-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 08/06/2014 17:58:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 17:58:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:09 | Computer Name = StevenWhite-PC | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068
Error - 08/06/2014 18:00:44 | Computer Name = StevenWhite-PC | Source = DCOM | ID = 10005
Description =
Error - 08/06/2014 18:00:44 | Computer Name = StevenWhite-PC | Source = DCOM | ID = 10005
Description =
< End of report >